I want to forward all requests to a certain IP:port on machine A itself (for a current or rather 10/11/12) to another IP = machine B, so that requests from processes on machine A are forwarded to machine B with IP B.
Machine A can reach the network of machine B and the other way round. ip a on machine A:
    2: eno1: ...
        inet X.Y.52.60/24 brd X.Y.52.255 scope global eno1
           valid_lft forever preferred_lft forever
        inet X.Z.52.16/24 brd X.Z.52.255 scope global eno1:1
I have tried different approaches:
nftables:
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        masquerade
    }
    chain prerouting {
        type nat hook prerouting priority -100; policy accept;
        ip daddr X.Y.52.69 tcp dnat to X.Z.10.99
    }
route add -net X.Y.52.60/32 gw X.Z.10.99 with sysctl net.ipv4.ip_forward= (which should redirect all ports)
iptables - as there are a lot of manuals about this and the command should be passed to the nftables wrapper. I did: iptables -t nat -A OUTPUT -d X.Y.52.69 -p tcp --dport 31000 -j DNAT --to-destination X.Z.10.99
As far as I know, handling this with socat or ssh is not possible.
With the firewall approach, redirection seems to work but nmap reports a filtered port. With route I got SIOCADDRT: Invalid argument.
Which one is the best approach and how does it actually work on current Linux systems?
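
For reference, an added nftables sketch (not part of the original post) of redirecting locally generated traffic: packets created by processes on machine A pass through the output hook rather than prerouting, so the DNAT rule is placed there. The table name `redirect_local` is hypothetical, port 31000 is taken from the iptables attempt above, and the X.Y/X.Z addresses are the question's placeholders and must be replaced with real addresses before loading.

```nftables
# Added example, not the poster's ruleset. "redirect_local" is a hypothetical
# table name; X.Y.52.69 and X.Z.10.99 are placeholders from the question.
table ip redirect_local {
    # Locally generated packets traverse: output -> postrouting.
    # They never hit prerouting, so a DNAT rule there is not evaluated
    # for connections opened by processes on machine A itself.
    chain output {
        type nat hook output priority -100; policy accept;
        ip daddr X.Y.52.69 tcp dport 31000 dnat to X.Z.10.99
    }

    # The source address was chosen for the original destination. Masquerade
    # only the redirected flow so it leaves with the address of the interface
    # that actually routes to machine B, and replies find their way back.
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        ip daddr X.Z.10.99 tcp dport 31000 masquerade
    }
}

# net.ipv4.ip_forward is only consulted for packets that arrive from another
# host and are routed onward (prerouting -> forward -> postrouting); the
# output path above does not depend on it.
```

Once the placeholders are replaced, `nft -c -f <file>` checks the ruleset without applying it, and `nft list ruleset` shows what is currently loaded.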