IPTables - Forward Packets from Existing NAT Connection
Hello... I am reposting this from linuxquestions.org in the hope of getting more exposure...
I have two physical servers set up: 192.168.1.150 and 192.168.1.160
All external traffic comes in to server .150
Initially, I want all traffic to be served by server .150. For this purpose I am leaving the IPTables rules on .150 empty (for the sake of simplicity).
At some point in time, I want all incoming traffic to be forwarded to and served by .160 instead.
I have accomplished this using these commands (on .150):
iptables -t nat -A PREROUTING -j DNAT --to 192.168.1.160
iptables -t nat -I POSTROUTING -j MASQUERADE
My problem is that if I have an open SSH connection to .150 (opened prior to adding the rules), the packets are still handled by .150 after adding the rules, i.e. my SSH session stays active. I want these packets to be forwarded to .160, which would effectively disconnect the SSH session. I do not want the packets flat out dropped; I need them to be forwarded on in whatever state they are in.
If I try a new SSH session, it is properly forwarded to .160
Any help getting the packets from the existing session forwarded would be appreciated.
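An added example, not part of the original post: a POSIX shell cutover script for .150 that shows why the existing session survives and what has to happen for it to be forwarded. Under Netfilter, the nat table is consulted only for the first packet of a connection; once conntrack has an entry for a flow, every later packet of that flow follows the entry's existing mapping, so a session that was tracked before the DNAT rule existed keeps going to .150 no matter what the nat table now says. The script adds the two NAT rules and then deletes the conntrack entries whose original destination is .150. The next packet of the old SSH session is then picked up as a new connection (default net.netfilter.nf_conntrack_tcp_loose=1; with it set to 0 mid-stream packets are marked INVALID and are not NATed), traverses nat PREROUTING, is DNAT'ed to .160, and .160, which has no such connection, answers with a RST, so the session is torn down rather than the packets being dropped on .150. Assumptions that are not in the post: the ingress interface is eth0 and the conntrack-tools binary `conntrack` is installed. The rules are also narrowed compared with the post's catch-all versions (interface matches, and traffic from .160 itself is excluded from the DNAT so it is not bounced back to itself); DRY_RUN=1 prints the commands instead of executing them.

```shell
#!/bin/sh
# Cut over all inbound traffic on this host (OLD, .150) to NEW (.160),
# including connections that already exist. Added example, not the
# original poster's commands. Assumed (not in the post): ingress interface
# eth0, and the conntrack-tools binary "conntrack" is installed.
OLD=${OLD:-192.168.1.150}
NEW=${NEW:-192.168.1.160}
IFACE=${IFACE:-eth0}

# run: execute a command, or only echo it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# ensure_rule TABLE CHAIN RULE...: append the rule unless it is already
# present (iptables -C checks for an identical rule), so re-runs are idempotent.
ensure_rule() {
    table=$1; shift
    if [ -n "${DRY_RUN:-}" ] || ! iptables -t "$table" -C "$@" 2>/dev/null; then
        run iptables -t "$table" -A "$@"
    fi
}

cutover() {
    # 1. Without forwarding enabled, DNAT'ed packets are dropped at routing.
    run sysctl -w net.ipv4.ip_forward=1
    # 2. Rewrite the destination of new inbound connections. Traffic that
    #    originates from NEW is excluded so it is not looped back to itself.
    ensure_rule nat PREROUTING -i "$IFACE" ! -s "$NEW" -j DNAT --to-destination "$NEW"
    # 3. Source-NAT the forwarded flow so NEW replies through OLD instead of
    #    answering the client directly (OLD and NEW share one LAN). POSTROUTING
    #    sees the post-DNAT destination, hence the -d "$NEW" match.
    ensure_rule nat POSTROUTING -o "$IFACE" -d "$NEW" -j MASQUERADE
    # 4. The nat table is only consulted for the first packet of a connection;
    #    flows already in conntrack keep their old (un-NATed) mapping, which is
    #    why a pre-existing SSH session stays on OLD. Deleting the entries whose
    #    original destination is OLD makes the next packet of each such flow
    #    look new, so it traverses PREROUTING and is DNAT'ed to NEW.
    run conntrack -D -d "$OLD"
}

# Usage:  sh cutover.sh apply            (as root on .150; performs the cutover)
#         DRY_RUN=1 sh cutover.sh apply  (print the commands only)
case "${1:-}" in
    apply) cutover ;;
esac
```

Note that step 4 also deletes the conntrack entry of the SSH session you are running the script from, so expect to be disconnected from .150 as soon as it runs.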