[Firehol-support] Help : port forwarding to virtual machine (vmware)
carlos.efr at mail.telepac.pt
Fri Mar 21 22:55:02 CET 2008
On Fri, Mar 21, 2008 at 9:23 PM, Harry Sufehmi <sufehmi at gmail.com> wrote:
> Tried that, but SSH still can't connect. Here's the output from SSH :
> debug1: Connecting to 188.8.131.52 [184.108.40.206] port 211
> ssh: connect to host 220.127.116.11 port 211: Connection timed out
> No messages on /var/log/messages as well.
Ok, let me see if I understand. The traffic comes from the outside
through eth0, is redirected through vmnet8 where it is NATed by VMware
towards the guest VM?
I think you should try this using something like HTTP before trying to
do it with SSH. To separate the problem of forwarding traffic from the
problem of forwarding it in a way that doesn't break SSH.
Also, those iptables commands on that vmware forum seem to NAT
(masquerade) *all* traffic on every interface. Maybe the replies from
the guest VM have to be SNATed... Just guessing here, you can try
adding the part:
# Flush the NAT table
iptables -t nat --flush
# Masquerade all traffic
iptables --table nat --append POSTROUTING -j MASQUERADE
...to the start of your firehol script instead of the dnat, to see
what happens. If it works, you can add an SNAT for the public host
address for all traffic coming from vmnet8.
> Would you like me to send the iptable statements generated from
> current firehol.conf ?
If it doesn't help, at least it won't hurt either. :)
More information about the Firehol-support