Answer the question
In order to leave comments, you need to log in
B
B
Bergtagen2019-02-26 15:37:47
Bergtagen, 2019-02-26 15:37:47
How to arrange port mapping using iptables through a single interface?
Hello :)
I have a hosting vps through which I need to forward one port to another address. It costs ubuntu 18.04. The difficulty is that there is only one network interface and the incoming packet must be sent in the same way.
I wrote the following rules:
#тут очистка таблиц
#далее:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p TCP --dport 22 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -p TCP --dport 2610 -j DNAT --to-destination 12.13.14.15:2710I know that it is possible, with Kerio Control it turned out. There is something I can not formulate a rule. There are vague doubts that I did not masquerading and forward with state = new, but with a single interface this is strange.
Thank you very much :)
2 answer(s)
@Bergtagen
K
ky0, 2019-02-26 @Bergtagen
Yes, there is not enough masquerading and permission to forward (here you can make a rule with src and/or dst host/port). Well, net.ipv4.ip_forward=1they didn’t forget in sysctl, I hope?
Something like this:
-A FORWARD -d 12.13.14.15/32 -j ACCEPT
-t nat -A PREROUTING -p tcp -m tcp --dport 2610 -j DNAT --to-destination 12.13.14.15:2710
-t nat -A POSTROUTING -d 12.13.14.15/32 -j MASQUERADE
Similar questions
I
Ilya Derevyannykh2020-10-07 22:21:50
Is it possible to automatically change prices in Woocommerc?
4Reply
B
M
R
O
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question