Redirect SSH traffic through GRE tunnel

mangle's PREROUTING is for altering incoming packets before routing, and OUTPUT is for altering locally-generated packets before routing. Hence PREROUTING is needless (for local connections). OUTPUT should have worked, though. You usually don't need to specify the source address in firewall rules, since it would be "locally-generated packets" anyway.

Another thing to remember is that no one is going to change the source IP just because you've marked the packet and it would be routed with another route table — you'd need to use NAT explicitly for that. In terms of Linux iptables, it has to be SNAT. And "This target is only valid in the nat table, in the POSTROUTING chain", as the man page says. I personally prefer its subspecies MASQUERADE, though, which is handier for that, because you don't have to bother with hard-coding IP addresses.
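
The steps described in this answer, written out as an added example that is not part of the original answer: mark in mangle/OUTPUT, route the mark through its own table, then MASQUERADE in nat/POSTROUTING. The interface name `gre1`, mark `0x1`, table id `100` and the function names are assumptions; the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example. gre1, 0x1 and table 100 are assumed values, not from the answer.

# Print the commands. $1 = add|del, $2 = tunnel interface,
# $3 = firewall mark, $4 = routing table id.
ssh_via_tunnel_rules() {
    action=$1; dev=$2; mark=$3; table=$4
    case $action in
        add) ipt=-A ;;
        del) ipt=-D ;;
        *) echo "action must be add or del" >&2; return 2 ;;
    esac
    # Accept only plain names and numbers so the generated lines are safe
    # to hand to a shell.
    case $dev in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $dev" >&2; return 2 ;; esac
    case $mark in ''|*[!0-9a-fA-Fx]*) echo "bad mark: $mark" >&2; return 2 ;; esac
    case $table in ''|*[!0-9]*) echo "bad table: $table" >&2; return 2 ;; esac

    # 1. mangle/OUTPUT: mark locally generated SSH packets; no source match needed.
    echo "iptables -t mangle $ipt OUTPUT -p tcp --dport 22 -j MARK --set-mark $mark"
    # 2. Policy routing: marked packets use a table whose default route is the tunnel.
    echo "ip rule $action fwmark $mark table $table"
    echo "ip route $action default dev $dev table $table"
    # 3. nat/POSTROUTING: the source address was picked before the re-route,
    #    so rewrite it to the tunnel interface's address on the way out.
    echo "iptables -t nat $ipt POSTROUTING -o $dev -m mark --mark $mark -j MASQUERADE"
}

# Dry run by default; APPLY=1 (as root) executes each generated line.
run_rules() {
    rules=$(ssh_via_tunnel_rules "$@") || return
    printf '%s\n' "$rules" | while read -r line; do
        if [ "${APPLY:-0}" = 1 ]; then
            $line || exit 1
        else
            echo "would run: $line"
        fi
    done
}

run_rules add gre1 0x1 100
```

Calling `run_rules del gre1 0x1 100` prints (or, with `APPLY=1`, runs) the matching removal commands.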