I have a network.

There's an edge server with a public IP address.

There are multiple internal services 192.168.0.{1..255} with SSH running on port 22 that can be accessed via a private network from the edge server.

I have clients connecting from outside the network to the edge server on port range 30001-30255. I need to map these connections to internal SSH services like so:

  • ssh -p 30001 myedgeserver.com -> 192.6.0.1:22
  • ssh -p 30002 myedgeserver.com -> 192.6.0.2:22
  • ...
  • ssh -p 30255 myedgeserver.com -> 192.6.0.255:22

Can this be achieved with iptables?

Antti Kuosmanen

1 Answer

Yes. You make a nat for each of the 255 ports. I am unaware that you can do it in one line. So 255 lines like this:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 30001 -j DNAT \
  --to 192.6.0.1:22

Ole Tange
  • Looks good. Just doesn't work across interfaces. The public connections are from eth0 and internal is eth1. What do I need to change? – Antti Kuosmanen Oct 26 '15 at 19:32
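
The 255 rules from the answer can be generated with a loop; the following is an added example, not part of the original answer or comment, and it only prints the commands for review instead of applying them. It also emits the forwarding pieces that DNAT across two interfaces needs: IP forwarding enabled and FORWARD rules limited to TCP port 22 on the mapped hosts. Assumptions: eth1 is the internal interface (as in the comment), the internal hosts route their replies back through the edge server, and the `192.6.0` prefix is taken as written in the question's mapping list.

```shell
#!/bin/sh
# Added example: prints iptables commands, does not run them.
# Assumptions (not from the original posts): the internal hosts send
# their replies back through the edge server (it is their gateway).
EXT_IF="eth0"         # public interface, from the answer
INT_IF="eth1"         # internal interface, from the comment
BASE_PORT=30000       # external port 30000+N maps to host N
NET_PREFIX="192.6.0"  # prefix as written in the question's mapping list

gen_rules() {
    first=${1:-1}
    last=${2:-255}
    # Reject ranges that would emit rules outside ports 30001-30255.
    if [ "$first" -lt 1 ] || [ "$last" -gt 255 ] || [ "$first" -gt "$last" ]; then
        echo "gen_rules: range must be within 1..255" >&2
        return 1
    fi
    # DNAT'ed packets leave via another interface, so the kernel must forward.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Allow reply traffic of already-tracked connections back out.
    echo "iptables -A FORWARD -i $INT_IF -o $EXT_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    n=$first
    while [ "$n" -le "$last" ]; do
        port=$((BASE_PORT + n))
        dest="$NET_PREFIX.$n"
        # Rewrite the destination before routing (nat table, PREROUTING).
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $port -j DNAT --to-destination $dest:22"
        # The filter table sees the rewritten address: permit only SSH to this host.
        echo "iptables -A FORWARD -i $EXT_IF -o $INT_IF -p tcp -d $dest --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
        n=$((n + 1))
    done
}

# Print the full rule set when the script is run directly.
gen_rules 1 255
```

Review the output before piping it to `sh` as root. With a default-drop FORWARD policy, only the 255 mapped SSH destinations become reachable from eth0.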