I have already asked a topic with an almost similar question, but I did not reach the end point, even after reading the literature.

Our devices:

  1. Laptop with ip address 192.168.0.24 connected to switch
  2. The first Linux machine:

eth1 with ip address 192.168.0.155 - connected to the switch

auto eth1 iface ethic net dhcp

iptables looks like this:

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth1 -j MASQUERADE

and

eth0 with ip address 192.168.2.155 - connected to the eth0 of the second Linux machine.

auto eth0 iface eth0 inet static address 192.168.2.155 netmask 255.255.255.0

  1. The second Linux machine:

eth0 with ip address 192.168.2.167 - is connected to eth0 first Linux machine and has access to the network through it.

auto eth0 iface ethic net dhcp

I need to add the rule to the iptables first Linux machine, so that when connected via a laptop via ssh root@192.168.0.155 -73 or any other port, this is not the main thing, I was hooked to ssh connecting the second Linux machine.

  • 192.168. 0 .155? - Pavel Mayorov
  • @PavelMayorov did not understand you - Insider
  • Is the third octet exactly 0? The text above is used 2. - Pavel Mayorov
  • Network configuration is not clear, porridge. That's how it is right - dsnk
  • @PavelMayorov for sure. The laptop and the first Linux machine via eth1 connected to the xxx.xxx.0.xxx network, and the first Linux machine already creates its network and distributes the Internet via eth0 second Linux machine. - Insider

1 answer 1

 iptables -t nat -A PREROUTING -p tcp -d 192.168.0.155 --dport 73 -j DNAT --to-destination 192.168.2.167:22
  • ssh: connect to host 192.168.0.155 port 73: Connection refused - Insider
  • iptables -l -n ??? - dsnk
  • @dsnk Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination - Insider
  • From the first car the second generally pinged? - Pavel Mayorov
  • @PavelMayorov yes. - Insider