Hello all. I did a cursory search of different subreddits - started with sysadmin - and it seems like there are at least some tech-support-related-specifically-to-linux-network-management questions in this subreddit. If I'm in the wrong place, please let me know.
Here's what I'm trying to do:
I've got a jump point box. It's got 3 physical network interfaces. One NI hits a wider eng. LAN, the other two NIs hit small LANs that need to stay isolated (unit testers for packet traffic.)
What I desire is the ability to ssh/telnet into a particular port on the jump point box and have that port route me to the IP address of one of the cards on the smaller LANs; i.e.,
telnet <jump_point_box_IP> <unique_port> --> lowest-level interface on the card on the smaller LAN
Essentially, I'd like to treat the ports on the jump point box the same way a console server treats its ports, just with TCP connections.
I've tried this with the iptables command. This is what I put together, cribbing from a borrowed book and online:
Entered from ssh command line on jump point box:
iptables -t nat -A PREROUTING -p tcp -i eth0 --destination-port 8001 -j DNAT --to-destination <small_LAN_card>
iptables -A FORWARD -p tcp -d <small_LAN_card> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
These were accepted, but then when I exit out from the jump point box to my PC and try to telnet to port 8001, I get the usual "could not find host" error message.
tl;dr - new to iptables, trying to figure out how to set it up to route a port on one box to the IP address of another box.
Thoughts? Opinions? Fish?
As an aside, if anyone has any suggestions for a better/more refined tool that builds on or is higher-level than iptables, please let me know.
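The console-server-style port map the post describes, as an added example (this is not the poster's code, and the interface names eth0/eth1/eth2, the 192.168.x.x addresses and the port table are constructed for illustration). Beyond the single rule pair in the post, it shows the pieces a working DNAT forward needs: IP forwarding switched on, a FORWARD rule for the return direction, and a POSTROUTING MASQUERADE on the inner interface so the unit under test replies to the jump box even when it has no route back to the engineering LAN. The script generates the rules from a port table (one line per listen port, like a console server's port list) so they can be reviewed before being applied; `apply` runs them and prints the nat PREROUTING counters, which is the quickest check that a test `telnet <jump_box_IP> 8001` is actually hitting the rule. Test against the jump box by IP address so name resolution is not part of the experiment.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed layout (constructed):
#   eth0       = wider engineering LAN (where the telnet/ssh client sits)
#   eth1, eth2 = isolated test LANs
# The port map and addresses below are made up for the example.

WAN_IF="${WAN_IF:-eth0}"

# Port map: listen_port  lan_interface  target_ip  target_port
PORT_MAP='
8001 eth1 192.168.10.2 23
8002 eth1 192.168.10.3 22
8003 eth2 192.168.20.2 23
'

# Emit (but do not run) the iptables commands for one mapping.
# DNAT happens in PREROUTING, so the FORWARD rules match the translated
# destination. Use a plain ASCII "-i": a Unicode dash pasted from a
# document is not recognised as an option by iptables.
rules_for() {
    port=$1; lan_if=$2; dst=$3; dport=$4
    cat <<EOF
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $port -j DNAT --to-destination $dst:$dport
iptables -A FORWARD -i $WAN_IF -o $lan_if -p tcp -d $dst --dport $dport -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan_if -o $WAN_IF -p tcp -s $dst --sport $dport -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $lan_if -p tcp -d $dst --dport $dport -j MASQUERADE
EOF
}

# Full rule set: forwarding on, default-deny FORWARD (so the test LANs stay
# isolated from everything except the mapped ports), one group per map line.
generate_rules() {
    printf '%s\n' 'sysctl -w net.ipv4.ip_forward=1'
    printf '%s\n' 'iptables -P FORWARD DROP'
    printf '%s\n' "$PORT_MAP" | while read -r port lan_if dst dport; do
        [ -n "$port" ] || continue
        rules_for "$port" "$lan_if" "$dst" "$dport"
    done
}

# Number of generated command lines: a cheap sanity check before applying.
rule_count() {
    generate_rules | wc -l | tr -d ' '
}

# Apply for real (needs root on the jump box) and show the nat counters so a
# test connection from the engineering LAN can be seen hitting its rule.
apply_rules() {
    generate_rules | sh -e
    iptables -t nat -L PREROUTING -n -v
}

case "${1:-}" in
    apply) apply_rules ;;
    *)     generate_rules ;;
esac
```

Run without arguments to review the rules, then `sudo ./portmap.sh apply` on the jump box. The FORWARD policy of DROP is an assumption of this example: if the box already forwards other traffic, drop that line and keep the per-port ACCEPT rules. The same chain structure (prerouting DNAT, forward ACCEPT both ways, postrouting masquerade) carries over unchanged to nftables if a higher-level tool is preferred.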