It’s just data
Problem: I’m not always at the machine that is VPN’ed into work.
Solution: place the following into /etc/network/if-up.d/sametime-forwarder:
#!/bin/sh # # redirect Sametime's port 1533 to messaging.ibm.com # echo 1 > /proc/sys/net/ipv4/ip_forward # turns on forwarding iptables -F -t nat # Flush existing translation tables iptables -t nat -A PREROUTING -p tcp --dport 1533 -j DNAT --to 9.17.136.77:1533 iptables -t nat -A POSTROUTING -j MASQUERADE
Alternatively, what I do in similar situations is to use ssh -L to get a port forwarded. Or even ssh -D to get socks support.
Santiago: two differences.
First, and perhaps most importantly, I can’t ssh to this target machine as it is not mine.
Second, this requires no planning, no set up beyond the configuration, has no overhead, recovers after hibernation or when the connection otherwise drops, and in general has no process that might fail or might need to be restarted.
Posted by Sam Ruby at