calum.org:~#

Let a friend use your IP address to get access to a machine that you can access, but he can't

Tags: networking, iptables, howto,

Added: 2007-07-08T13:21

Let a friend use your IP address to get access to a machine that you can access, but he can't

I'm sure we've all suffered from this at some time.
You've got access to a machine on the internet, and a friend of yours has offered to sort out some of your CSS, but a firewall protecting the server blocks his IP?

This example uses SSH, but it will work with anything, TCP, UDP, ICMP, etc.

Answer - use IPTables to let him bounce off your machine.

iptables -t nat -I PREROUTING -s your.friend -p tcp --dport 1 -j DNAT --to de.st.ip.address:22
iptables -I FORWARD -s your.friend -d de.st.ip.address -j ACCEPT

Simple. Now if he tries to SSH to your.host on port 1, his packets will be rewritten to the destination address, with your address as the source.

Linux. Is there anything it can't do?

posted by Calum on 2007-07-08T13:21 under

Add a comment

Your IP:
Please enter 2568326 here: