I'm still searching the forums and google for answers to this, but I figured I'd go ahead and ask here in case someone can help me. If I stumble upon the answer myself I'll post it.
Here's my situation. I have a block of ip addresses from my isp:
220.127.116.11-.3 using 18.104.22.168 as the gateway.
I have 22.214.171.124 assigned as the primary ip address in my router. Using the gui I can forward ports from it with no problem, and of course changing the port to a different one internally works fine.
I've added 126.96.36.199 as a second ip address by following this tutorial here:
so my firewall script looks like this:
/usr/sbin/ip addr add 188.8.131.52/28 dev vlan1 /usr/sbin/iptables -t nat -I PREROUTING -d 184.108.40.206 -j DNAT --to-destination 192.168.12.11 /usr/sbin/iptables -I FORWARD -p tcp -d 192.168.8.50 --dport 22 -j ACCEPT
I don't need the source nat rule from the example page as this works for simple port forwarding. I can telnet from an outside source just fine. So I know the router is answering on the second ip address.
What I'd like to do is also accept a connection on port 23 but redirect it to port 22.
I've tried quite a few different things but I never get a connection when I try to telnet on port 23. Port 22 continues to work but if I'm somewhere that's blocking port 22 I'd like to be able to try port 23.
Thanks for any input. If I find the answer I will post it here.