Hi, I'd like to know whether it is possible to do this kind of thing with iptables. I'd like to configure my firewall/router so that all packets to port 80 from the Internet (from specific addresses) are forwarded automatically to the SSH port on another host on the Internet (not on my home LAN).
This would be needed so that shell access would be possible even in an environment where a firewall blocks all ports other than 80. I could solve the problem by binding SSH to listen on that port, but I'd like to have a solution where the packets wouldn't get past the firewall and no access would be necessary to my Linux box. I already have NAT working for my home LAN, but I don't fully understand how all those post/prerouting things work. And can I mangle packets and then send them back to the same interface where they came from?

-- Vesa Salento

