NM this, I found the patches and patched the kernel. Works great.
DK
On Thursday 07 March 2002 09:46, DevilKin wrote:
> On Thursday 07 March 2002 09:02, DevilKin wrote:
> > Hello list,
> >
> > I don't know if this is a rather dumb question or not. I've looked
> > through the FAQ and through Rusty's guides. In the latter I found the
> > text that 'it wasn't really supported' to do NAT on connections
> > originating on the box itself.
> >
> > Basically: I want to do this
> >
> > On my box X, I initiate an ssh connection to box Y on port 22. Before the
> > connection is actually made the port must be 'rewritten' to 5000. (no, I
> > can't use the ssh -p parameter), then the connection can be made.
> >
> > I've tried many different setups with rules, but I can't get it correct.
> >
> > If I'm correct it should be something like this:
> >
> > iptables -t nat -A OUTPUT -p tcp --destination dest.box.ip --dport 22 -j DNAT --to-destination dest.box.ip:5000
> >
> > this rule repeated twice, once for UDP and once for TCP.
> >
> > IPTables accepts the input, but it doesn't work when I initiate a
> > connection with ssh dest.box.ip
> >
> > Any ideas/patches/... to try?
> >
> > Thanks!
> >
> > DK
>
> Forgot to mention I'm using Iptables-1.2.5 and the latest kernel with the
> -ac patch, being linux-2.4.19-pre2-ac2.
>
> I've discovered some patch files for local natting in the cvs under
> patch-o-matic/pending for local natting. I've patched my kernel and am
> going to try it out.