Forward a host network traffic to another host with the exception of the ssh service [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.

Closed 9 years ago.

Improve this question

I am trying to redirect all the network traffic received in a old host to a different new host. For that i created two new rules on iptables of the old host:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d old_machine_ip -j DNAT --to-destination new_machine_IP
iptables -t nat -A POSTROUTING -s new_machine_ip -j SNAT --to-source old_machine_ip
/etc/init.d/iptables save
/etc/init.d/iptables restart

Everything worked perfectly however i cannot access the old host ssh anymore since it redirect to the new host so i would like to know if it is possible to create a single rule that ignores the prerouting for the ssh service.

best regards,

Answer 1

iptables -t nat -A PREROUTING -m tcp -p tcp --dport 22 -j RETURN

It must appear before your DNAT rules.