The prerequisite is:
HostA: (can access public machine, can t access hostA and hostB) CentOS 7
HostB: (private machine, I can login, and it can access hostA and hostC, ) CentOS 7
HostC: (private machine, svn server, IP:)
I need to hostA to "svn co http://hostC_IP:port/svn_repository".
And I set a "screen -dmS svn ssh -R HostAPublicIP:11002:HostC_IP:80 user@HostA_PublicIP -p2222" on hostB that the hostA can checkout the svn by " svn co http://127.0.0.1:11002/svn_repository". It works well.
But there is another problem that the svn repository has external links and the HostA can t checkout the external repository( the external repository s address is the same HostC_IP). So I thought of a method: use the "ip forward" to solve it.
The detail is that use the original address to checkout,and the "HostC_IP:80" forward to "127.0.0.1:11002" through the ssh tunnel:
sudo sysctl -w net.ipv4.conf.all.route_localnet=1
sudo iptables -t nat -A POSTROUTING -p tcp -d HostC_IP --dport 80 -j SNAT --to-source 127.0.0.1
# /proc/sys/net/ipv4/ip_forward=1 has setted
It didn t work.
What can I do to make it run properly or is it impossible?