I have the following schema:
host 1 (linux eth0 - 192.168.172.2/28)
host 1 (linux eth0:700 - 192.168.172.5/28)
host 2 (windows 10.5.8.7/24)
host 3 (windows 172.18.72.7)
A VPN tunnel permits 192.168.172.2's access to 10.5.8.7:3389/tcp. I can open host2's 10.5.8.7 RDP from host1 no problem.
I have a route and a fully open path between 172.18.72.7 and 192.168.172.2
host 3 has NO routes and all rejections to host 2
The idea is:
open RDP to host 2 from host 3 by accessing host 1's eth0:700, but I need to rewrite all replies from host2:3389/tcp
I set up iptables pre- and post-routing NAT rules at host1 like:
enable IP forwarding
++++++++++
echo 1 > /proc/sys/net/ipv4/ip_forward
I'm sorry, but your post doesn't make it clear how your network is designed.
It sounds like you're trying to do port forwarding from TCP/192.168.172.5/7777 to 10.5.8.7:3389, while at the same time doing... something... to traffic from the host 10.5.8.7.
The port forwarding itself should work, but beware of possible asymmetric routing issues. After all, the forwarded packet from 192.168.172.5 will still have the original source address, so unless 192.168.172.5 is actually a router/gateway somewhere in the return path, the reply packet will never be de-NATed.
But I'm just guessing here, because I don't really understand your setup. A diagram would be really nice; even ASCII art would help enormously.
Quote:
Originally Posted by Ser Olmy
I'm sorry, but your post doesn't make it clear how your network is designed.
It sounds like you're trying to do port forwarding from TCP/192.168.172.5/7777 to 10.5.8.7:3389, while at the same time doing... something... to traffic from the host 10.5.8.7.
The port forwarding itself should work, but beware of possible asymmetric routing issues. After all, the forwarded packet from 192.168.172.5 will still have the original source address, so unless 192.168.172.5 is actually a router/gateway somewhere in the return path, the reply packet will never be de-NATed.
But I'm just guessing here, because I don't really understand your setup. A diagram would be really nice; even ASCII art would help enormously.
I need to get the following:
when host3 connects to host1:7777/tcp, the connections have to be forwarded to host2:3389/tcp with the source of host1. host1 needs to rewrite the source IP for returning packets from host2:3389/tcp to host1:7777/tcp
so in simple words: I need host1 to rewrite host3's source and destination IP, for forwarded and returning packets.
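The setup discussed in this thread, as an added example that is not code from any of the posters: DNAT on host1 for 192.168.172.5:7777 combined with SNAT to 192.168.172.2, so that host2 replies to host1 and connection tracking reverses both translations on the way back. The helper name `nat_rules`, the `apply`/`show` arguments and the FORWARD rules that restrict the forward to host3 are assumptions; addresses and ports are the ones given above.

```shell
#!/bin/sh
# Addresses and ports as given in the thread.
CLIENT=172.18.72.7        # host 3
LISTEN_IP=192.168.172.5   # host 1, eth0:700
LISTEN_PORT=7777
SNAT_IP=192.168.172.2     # host 1, eth0 (the address the VPN tunnel permits)
TARGET_IP=10.5.8.7        # host 2
TARGET_PORT=3389

# Print the ruleset in iptables-restore format (hypothetical helper name).
nat_rules() {
  cat <<EOF
*nat
# Rewrite the destination: host3 -> host1:7777 becomes host3 -> host2:3389.
-A PREROUTING -s $CLIENT -d $LISTEN_IP -p tcp --dport $LISTEN_PORT -j DNAT --to-destination $TARGET_IP:$TARGET_PORT
# Rewrite the source so host2 answers host1 instead of host3 directly;
# without this the reply bypasses host1 and is never de-NATed.
-A POSTROUTING -d $TARGET_IP -p tcp --dport $TARGET_PORT -m conntrack --ctstate DNAT -j SNAT --to-source $SNAT_IP
COMMIT
*filter
# Assumption: only host3 may use the forward; replies follow the tracked connection.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s $CLIENT -d $TARGET_IP -p tcp --dport $TARGET_PORT -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# "apply" (as root) enables forwarding and loads the rules without flushing
# existing ones; "show" only prints them. With no argument nothing happens.
case "${1:-}" in
  apply)
    echo 1 > /proc/sys/net/ipv4/ip_forward
    nat_rules | iptables-restore --noflush
    ;;
  show)
    nat_rules
    ;;
esac
```

After applying, `conntrack -L` on host1 (from conntrack-tools, if installed) should show the entry with both the original and the translated tuple once host3 connects.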