IPTalbes Unable to port forward to Host Only Networked VM

Discussion in 'Hardware' started by hackingNerd, Feb 28, 2016.

  1. hackingNerd

    hackingNerd

    Joined:
    Feb 28, 2016
    Messages:
    1
    Likes Received:
    0
    **Host OS Ubuntu** with live(public) IP address `1.2.3.4` .

    And a **Ubuntu VM** running in Virtual Box with **Host Only** and **NAT** network configuration. NAT to make my VM able to communicate with world.

    Now my VM have IP address `192.168.56.101`.
    I successfully SSH my VM from host. But when i move forward, I implement IPTables rule to forward traffic from host to VM. It is not working. I have enabled IP forwarding at host with `#sysctl net.ipv4.ip_forward=1`, and added `#iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 192.168.56.101:2222` to /etc/iptables/rules.v4.

    Now when I ssh my VM from external network with IP address `3.3.3.3` with command `#ssh [email protected] -p 2222`, it stuck. No output. also No logs on my host `1.2.3.4` and `VM`. I have also added port `2222` in ssh config (/etc/ssh/sshd_config) of my VM.

    **Host IPTables rules (/etc/iptables/rules.v4)**
    `[email protected]:~$ iptables -L`
    `Chain INPUT (policy ACCEPT)`
    `target prot opt source destination`
    `ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED`
    `ACCEPT all -- anywhere anywhere`
    `DROP all -- anywhere anywhere ctstate INVALID`
    `UDP udp -- anywhere anywhere ctstate NEW`
    `TCP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW`
    `ICMP icmp -- anywhere anywhere ctstate NEW`
    `REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable`
    `REJECT tcp -- anywhere anywhere reject-with tcp-reset`
    `REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable`

    `Chain FORWARD (policy ACCEPT)`
    `target prot opt source destination`

    `Chain OUTPUT (policy ACCEPT)`
    `target prot opt source destination`

    `Chain ICMP (1 references)`
    `target prot opt source destination`

    `Chain TCP (1 references)`
    `target prot opt source destination`
    `ACCEPT tcp -- anywhere anywhere tcp dpt:ssh`

    `Chain UDP (1 references)`
    `target prot opt source destination`

    **Use Case:** I have deployed SSH Honeypots in my VM. Any one who will try to SSH my Live IP `1.2.3.4` at port `2222`, will be forwarded to SSH honeypot. In honeypot VM all SSH sessions are logged. So in logs I need the real IP of attacker(`3.3.3.3`).

    **Request:** I have already discussed this issue on some forums online, my luck :-(. I have tried my best and still trying. I would be greatly thankful to a person who can help me or suggest me any alternative approach which could satisfy my use case.

    If you found difficulty in understanding or it is basic. I am sorry Sir! I am a student of networks.
     
    hackingNerd, Feb 28, 2016
    #1

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. PIX: how to allow 1 host from outside interface to access another host on the inside interface?

  2. port forward / port changing

  3. Cisco PIX 501 - Port forwarded to an internal host via Static NAT doesn't work from internal host

  4. Shared Printer attached to networked computer not printing from networked computers

  5. Networked laptop auto dialing out on host....grrrr

  6. Nat port Forwarding , allows only only some ip

  7. Cisco port 8080 port forward to public interface

Loading...