How to change ip address when connecting via ssh using iptables?

D

Denis Neichev2017-10-04 18:25:18

linux

Denis Neichev, 2017-10-04 18:25:18

The task is as follows:
there is a server on which several interfaces are raised
there is a server where you need to knock - abcd
there is an address from which you need to knock 172.16.80.1 You
need to connect via ssh to the abcd server through the tun0 interface at 172.16.
ssh [email protected] changes ip to abcd and exits the tun0 interface.
I have already tried a bunch of implementation options using iptables, I got to the point that by 172.16.80.1. goes where it is necessary, but not from that interface. used the rule

iptables -t nat -A OUTPUT -d 172.16.80.1 -j DNAT --to-destination a.b.c.d

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Denis Neichev, 2017-10-05
@dneichev

The decision has come. To the rule that I described above, it was just necessary to add the route to ip ro, i.e.
iptables -t nat -A OUTPUT -d 172.16.80.1 -j DNAT --to-destination abcd
ip ro add 172.16.80.1 via [tun_ip]

K

ky0, 2017-10-04
@ky0

ssh has a -b switch:

-b bind_address
Use bind_address on the local machine as the source address of
the connection. Only useful on systems with more than one
address.
Of course, this does not eliminate the need to properly configure routing on the server.