I have googled and haven`t found the answer on my question. Help me please.
There are two servers:
serverA with public IP 12.0.0.10 and an private IP 10.0.0.5
serverB with public IP 20.0.0.11
I have setup SOCKS proxy on serverB to serverA:
ssh -D20.0.0.11:2222
[email protected]
So when on my local machine in a browser
i specify SOCKS proxy 20.0.0.11:2222 (serverB:2222) as external IP while browsing
i get 12.0.0.10 (serverA IP). That is ok.
As well if
i go onto http://10.0.0.5 (serverA private IP) it is also reachable.
That is what
i need.
I want to make servers A private IP to be available through servers B public IP on certain ports but without specifying SOCKS in my browser.
I could use ssh port forward but the problem is -
i need to forward many ports and do not know which exactly -
i know only the range.
So when
i connect to 20.0.0.11 to any port , for example, from 3000:4000 range,
i want that
traffic to be redirected to 10.0.0.5 on the same port.
That is why i`ve decided maybe SOCKS proxy via SSH and iptables REDIRECT could help me.
Client - serverBPublicIP (any port from range 3000:4000) -
serverAPublicIP - serverAPrivateIP (the port was requested on
serverBPublicIP)
On serverB
i do:
ssh -D20.0.0.11:2222
[email protected]
iptables -t nat -A PREROUTING -d 20.0.0.11 -p tcp --dport 3000:4000 -j REDIRECT --to-port 2222
But that does not work - when
i telnet on 20.0.0.11:3001 for example
i do not see any proxied
traffic on the serverA. What should
i do else?
I have tried tcpsocks
like this (in example
i am telneting to 20.0.0.11:3001)
Client -> 20.0.0.11:3001 -> iptables REDIRECT from 3001 --to-port 1111 -> tcpsocks from 1111 to 2222 -> SOCKS proxy from serverB to serverA on port 2222 -> serverA
But
i do not know what to do with the
traffic on serverA. How to route it to its private IP.
Help me please.
I know, VPN removes all the hell
i am trying to create, but
i have no ability to use tun/tap device. It is disabled.