IPTables unable to port forward to Host Only networked VM

Discussion in 'Hardware' started by hackingNerd, Feb 28, 2016.

hackingNerd, Feb 28, 2016:
    **Host OS: Ubuntu** with a live (public) IP address ``.

    And an **Ubuntu VM** running in VirtualBox with a **Host Only** and a **NAT** network adapter; NAT so that my VM is able to communicate with the world.

    Now my VM has IP address ``.
    I can successfully SSH to my VM from the host. But when I move forward and implement an IPTables rule to forward traffic from the host to the VM, it is not working. I have enabled IP forwarding on the host with `# sysctl net.ipv4.ip_forward=1`, and added `# iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination` to /etc/iptables/rules.v4.

    Now when I SSH to my VM from an external network with IP address `` using the command `# ssh [email protected] -p 2222`, it gets stuck. No output. Also no logs on my host `` or in the `VM`. I have also added port `2222` in the SSH config (/etc/ssh/sshd_config) of my VM.

    **Host IPTables rules (/etc/iptables/rules.v4)**

    ```
    [email protected]:~$ iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere
    DROP       all  --  anywhere             anywhere             ctstate INVALID
    UDP        udp  --  anywhere             anywhere             ctstate NEW
    TCP        tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
    ICMP       icmp --  anywhere             anywhere             ctstate NEW
    REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
    REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
    REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain ICMP (1 references)
    target     prot opt source               destination

    Chain TCP (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

    Chain UDP (1 references)
    target     prot opt source               destination
    ```

    **Use Case:** I have deployed SSH honeypots in my VM. Anyone who tries to SSH to my live IP `` at port `2222` will be forwarded to the SSH honeypot. In the honeypot VM all SSH sessions are logged, so in the logs I need the real IP of the attacker (``).

    **Request:** I have already discussed this issue on some forums online, just my luck :-(. I have tried my best and am still trying. I would be greatly thankful to anyone who can help me or suggest any alternative approach which could satisfy my use case.

    If you find this difficult to understand, or if it is basic, I am sorry, Sir! I am a student of networks.
    hackingNerd, Feb 28, 2016
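An added example of a host-side rule set for the use case above (forward TCP/2222 on the public IP to an SSH honeypot VM on the host-only network while keeping the attacker's real source address). It is not code from the original post. The interface and address names are assumptions, not values from the post: the host's public interface is eth0, the host-only network is 192.168.56.0/24 with the host at 192.168.56.1 on vboxnet0, the VM at 192.168.56.10 with its host-only adapter named enp0s8, and the honeypot listening on port 22 inside the VM. The script prints the commands by default and only executes them when run as root with APPLY=1.

```shell
#!/bin/sh
# Added example (not from the original post): DNAT public TCP/2222 to an SSH
# honeypot VM on a VirtualBox host-only network without SNAT, so the honeypot
# logs the attacker's real IP. All interface names and addresses are assumed.
set -eu

PUB_IF="${PUB_IF:-eth0}"                    # host's public interface (assumed)
HOSTONLY_IF="${HOSTONLY_IF:-vboxnet0}"      # host side of host-only net (assumed)
HOSTONLY_IP="${HOSTONLY_IP:-192.168.56.1}"  # host's address on it (assumed)
VM_IP="${VM_IP:-192.168.56.10}"             # honeypot VM's host-only IP (assumed)
VM_PORT="${VM_PORT:-22}"                    # port the honeypot listens on (assumed)
HP_PORT="${HP_PORT:-2222}"                  # port exposed on the public IP
APPLY="${APPLY:-0}"                         # 0 = print commands, 1 = run them (root)

# Print or execute a command, depending on APPLY.
run() {
    if [ "$APPLY" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Host side. A packet DNATed in PREROUTING is then *routed*, so it traverses
# the FORWARD chain (policy ACCEPT in the post), never INPUT; the "dpt:ssh"
# ACCEPT in the post's TCP chain is on the INPUT path and does not apply.
host_forward_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    # Rewrite the destination before routing. Restrict to the public
    # interface so traffic from the host-only side is not rewritten too.
    run iptables -t nat -A PREROUTING -i "$PUB_IF" -p tcp --dport "$HP_PORT" \
        -j DNAT --to-destination "$VM_IP:$VM_PORT"
    # FORWARD sees the post-DNAT destination: allow the new connection in,
    # and let conntrack pass the replies and anything else already tracked.
    run iptables -A FORWARD -i "$PUB_IF" -o "$HOSTONLY_IF" -p tcp -d "$VM_IP" \
        --dport "$VM_PORT" -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Deliberately no SNAT/MASQUERADE towards the VM: the honeypot must see
    # the real client address. The price is that the VM's replies have to
    # come back through this host (see vm_route_commands). Masquerade only
    # the VM's own outbound traffic so it can still reach the Internet via
    # the host instead of via the VirtualBox NAT adapter.
    run iptables -t nat -A POSTROUTING -s "$VM_IP" -o "$PUB_IF" -j MASQUERADE
}

# VM side (always printed; run these inside the VM). With both a NAT and a
# host-only adapter, the VM's default route normally points at the NAT
# adapter, so the SYN/ACK to the attacker leaves through VirtualBox's NAT and
# never returns through the host: the client hangs with no output and nothing
# is logged. Pointing the default route at the host's host-only address fixes
# the return path. $1 is the VM's host-only interface name (enp0s8 assumed).
vm_route_commands() {
    printf '%s\n' "ip route replace default via $HOSTONLY_IP dev ${1:-enp0s8}"
}

host_forward_rules
vm_route_commands
```

Things to check before and after applying it on a real host: `iptables -t nat -L -n -v` shows packet counters on the DNAT rule climbing when you connect from outside (if they stay at zero the packet is not reaching the host or not matching), and `tcpdump -ni vboxnet0 port 22` on the host shows both the SYN towards the VM and the SYN/ACK coming back; a SYN with no SYN/ACK on that interface is the asymmetric-return-path case handled by `vm_route_commands`. If the honeypot inside the VM listens on 2222 rather than 22, set `VM_PORT=2222`; the port change in the VM's `sshd_config` mentioned in the post is only needed if the DNAT target port is 2222. The rules are not persisted by this script; save them with `iptables-save` into `/etc/iptables/rules.v4` and put `net.ipv4.ip_forward = 1` in `/etc/sysctl.d/` so they survive a reboot.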