On Sunday 18 March 2007 15:56, Gavin Carr wrote: > > > DNAT:info net loc:10.0.50.50:22 tcp 2222 > > > > I've run into this before as well, and had all kinds of grief until I > > figured it out. For some reason, the SSH protocol does not like its port > > changed. So, if you have 2222 open on the firewall, then have SSH listen > > on 2222 (as well as 22, if you want) on your machine, and DNAT to 2222. > > Not true, at least on my versions of ssh on linux. I routinely dnat ssh > from all kinds of ports through to port 22, and it works just fine. You > must have been seeing some other problem (or it's specific to a particular > ssh or os or something?)
Interesting. It might have been version specific, but somewhere back in the recesses of my mind, it seems I read something to that effect, and I know when I DNAT'ed to the same port (2022 -> 2022) all my sporadic connectivity problems went away. I guess I should have said YMMV. :) j -- Joshua Kugler Lead System Admin -- Senior Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE PO Box 80086 -- Fairbanks, AK 99708 -- Ph: 907-456-5581 Fax: 907-456-3111 ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
