I'm trying to forward ssh connections from anywhere on internet to my server behind OpenWrt router. It seats behind another router/antenae controlled by my ISP. Port on that seems open:
nmap -Pn 93.xx.xx.xx ... 22/tcp filtered ssh ...
I added an iptables rule on OpenWrt like that:
iptables -t nat -A PREROUTING -i br-lan -p tcp -d 188.8.131.52 --dport 22 -j DNAT --to-destination 192.168.1.100:22
Also changed default dropbear port to something else.
I can ssh from local network to my server no problem, /etc/hosts.allow allows any IP.
what is curious (I'm a noob when it comes to networking) is that
nmap -Pn 192.168.1.100 ... 22/tcp closed ssh ...
even though I'm connected to it through ssh from local network.
And I cannot ssh to it from outside.
What am I doing wrong? Are my interfaces in order in that iptables rule?