[PVE-User] ssh from internet

Giuliano Monti Avellino giulianomontiavellino at gmail.com
Tue Nov 1 14:05:27 CET 2011 

Thanks, be shure i will learn iptables, and i will find about map two
different external ports to internals

2011/10/31 William Maddler <news at maddler.net>

>  You just cannot share same public port among two different destination
> ports.
> As of now only 1st one is being matched.
>
> Perhaps you should spend a couple hrs reading about how iptables works.
>
> By the way, to put it simple, you'll need to map two different external
> ports to internal 443 and 22. That's it.
>
> On 31/10/11 19:00 , Giuliano Monti Avellino wrote:
>
> ERRATA
>
> 2011/10/31 Giuliano Monti Avellino <giulianomontiavellino at gmail.com>
>
>> ohhh my (between lines)
>>
>>  2011/10/31 Giuliano Natali <diaolin at diaolin.com>
>>
>>> Giuliano Monti Avellino wrote:
>>> > In fact, part of the firewall is like this:
>>> >
>>> > $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i
>>> > $INET_IFACE
>>> > -j DNAT --to-destination 192.168.0.101:443,22
>>>
>>>  Ok ma la 22????
>>>
>>> Se vuoi la 22 devi fare un DNAT verso
>>> -j DNAT --to-destination 192.168.0.101:22
>>>
>>
>> same line different port??
>> stessa linea a un altro porto??
>>
>>
>>   $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i >
>> $INET_IFACE > -j DNAT --to-destination 192.168.0.101:443
>>
>>  $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i >
>> $INET_IFACE > -j DNAT --to-destination 192.168.0.101:22<http://192.168.0.101:443/>
>>
>
>
> ERRATA: should say /dovrebbe dire:
>
> $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i
> $INET_IFACE  -j DNAT --to-destination 192.168.0.101:443
>
>  $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i
> $INET_IFACE  -j DNAT --to-destination 192.168.0.101:22<http://192.168.0.101:443/>
>
>>
>> this is not working. Look / non funziona. Guarda
>> w3m my_ipaddress:8101 ok
>> ssh my_ipaddress:8101 ssh: Could not resolve hostname my_ipaddress:8101:
>> Name or service not known
>>
>>
>> > $IPT -I FORWARD -d 192.168.0.100 -p tcp --dport 8100 -j ACCEPT
>>
>>   e questo???
>>>
>>> sopra 101 qui 100
>>>
>>> Hmmmmmmmmmmmmmmmmmmmmmmmm
>>>
>>>  Sorry my mistake copy/past
>> Scusa, ho sbagliato cuando copiavo qui.
>>
>>
>>> Diaolin
>>>
>>>  Giuliano
>>
>
>
>
> _______________________________________________
> pve-user mailing listpve-user at pve.proxmox.comhttp://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
>
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20111101/e345f478/attachment.htm>

More information about the pve-user mailing list