Let a friend use your IP address to get access to a machine that you can access, but he can't

Tags: networking, iptables, howto,

Added: 2007-07-08T00:00

Let a friend use your IP address to get access to a machine that you can access, but he can't

I'm sure we've all suffered from this at some time.
You've got access to a machine on the internet, and a friend of yours has offered to sort out some of your CSS, but a firewall protecting the server blocks his IP?

This example uses SSH, but it will work with anything, TCP, UDP, ICMP, etc.

Answer - use IPTables to let him bounce off your machine.

iptables -t nat -I PREROUTING -s your.friend -p tcp --dport 1 -j DNAT --to de.st.ip.address:22
iptables -I FORWARD -s your.friend -d de.st.ip.address -j ACCEPT

Simple. Now if he tries to SSH to your.host on port 1, his packets will be rewritten to the destination address, with your address as the source.

Linux. Is there anything it can't do?

Add a comment

Your IP:
Please enter 8943779 here: