[PVE-User] ssh from internet

William Maddler news at maddler.net
Mon Oct 31 19:27:50 CET 2011


You just cannot share same public port among two different destination 
ports.
As of now only 1st one is being matched.

Perhaps you should spend a couple hrs reading about how iptables works.

By the way, to put it simple, you'll need to map two different external 
ports to internal 443 and 22. That's it.

On 31/10/11 19:00 , Giuliano Monti Avellino wrote:
> ERRATA
>
> 2011/10/31 Giuliano Monti Avellino <giulianomontiavellino at gmail.com 
> <mailto:giulianomontiavellino at gmail.com>>
>
>     ohhh my (between lines)
>
>     2011/10/31 Giuliano Natali <diaolin at diaolin.com
>     <mailto:diaolin at diaolin.com>>
>
>         Giuliano Monti Avellino wrote:
>         > In fact, part of the firewall is like this:
>         >
>         > $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i
>         > $INET_IFACE
>         > -j DNAT --to-destination 192.168.0.101:443
>         <http://192.168.0.101:443>,22
>
>         Ok ma la 22????
>
>         Se vuoi la 22 devi fare un DNAT verso
>         -j DNAT --to-destination 192.168.0.101:22
>         <http://192.168.0.101:22>
>
>
>     same line different port??
>     stessa linea a un altro porto??
>
>
>       $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i
>     > $INET_IFACE > -j DNAT --to-destination 192.168.0.101:443
>     <http://192.168.0.101:443/>
>
>     $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i >
>     $INET_IFACE > -j DNAT --to-destination 192.168.0.101:22
>     <http://192.168.0.101:443/>
>
>
>
> ERRATA: should say /dovrebbe dire:
>
> $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i  
> $INET_IFACE  -j DNAT --to-destination 192.168.0.101:443 
> <http://192.168.0.101:443/>
>
> $IPT -t nat -A PREROUTING -p tcp -d $ip_address --dport 8101 -i  
> $INET_IFACE  -j DNAT --to-destination 192.168.0.101:22 
> <http://192.168.0.101:443/>
>
>
>     this is not working. Look / non funziona. Guarda
>     w3m my_ipaddress:8101 ok
>     ssh my_ipaddress:8101 ssh: Could not resolve hostname
>     my_ipaddress:8101: Name or service not known
>
>
>     > $IPT -I FORWARD -d 192.168.0.100 -p tcp --dport 8100 -j ACCEPT
>
>         e questo???
>
>         sopra 101 qui 100
>
>         Hmmmmmmmmmmmmmmmmmmmmmmmm
>
>     Sorry my mistake copy/past
>     Scusa, ho sbagliato cuando copiavo qui.
>
>         Diaolin
>
>     Giuliano
>
>
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pve.proxmox.com/pipermail/pve-user/attachments/20111031/c8e21de6/attachment-0014.html>


More information about the pve-user mailing list