Linux IPTables Port Forwarding
Port forwarding is very simple to do with iptables on a Linux system. The forwarding host works like a gateway. In the Linux kernel, port forwarding is done with packet filter rules. Port forwarding, also called port mapping, usually refers to network address translation (NAT).
Iptables Commands
#iptables -L - To list all the rules
#iptables -F - To clear (flush) the rules
In order to NAT or forward requests to another server, you need to make sure that the kernel is set to allow forwarding.
Check the file /proc/sys/net/ipv4/ip_forward: it should contain 1. If it contains 0, run the command below.
#echo 1 > /proc/sys/net/ipv4/ip_forward
Example Scenario
Source IP 192.168.0.1 Port 1236
Destination IP 192.168.0.10 on port 6666
In this scenario we connect to server 192.168.0.1 on port 1236, and the connection should be forwarded to server 192.168.0.10 on port 6666.
Here is the command syntax:
#iptables -t nat -A PREROUTING -p tcp -d 192.168.0.1 --dport 1236 -j DNAT --to 192.168.0.10:6666
#iptables -t nat -A POSTROUTING -j MASQUERADE
Once you have added the above rules, a connection to server 192.168.0.1 on port 1236 will reach 192.168.0.10 on port 6666.
To check the above rules, use the command below; iptables -L on its own will not show the nat table.
#iptables -t nat -vnL
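The forward above with the MASQUERADE rule limited to the forwarded flow instead of all outgoing traffic, as an added example that is not part of the original post. It prints the commands for review rather than running them; the helper function names are hypothetical, and the two FORWARD rules assume a host whose FORWARD policy is DROP.

```shell
#!/bin/sh
# Added example: prints (does not apply) a scoped rule set for one TCP forward.
# Function names are hypothetical helpers for this example.

valid_ipv4() {
    # Digits and dots only, exactly four octets, each 0-255.
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

valid_port() {
    # 1-65535, at most five digits so the integer test cannot overflow.
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_rules GATEWAY_IP GATEWAY_PORT DEST_IP DEST_PORT
forward_rules() {
    gw_ip=$1 gw_port=$2 dst_ip=$3 dst_port=$4
    valid_ipv4 "$gw_ip" && valid_ipv4 "$dst_ip" || { echo "bad address" >&2; return 2; }
    valid_port "$gw_port" && valid_port "$dst_port" || { echo "bad port" >&2; return 2; }
    # After DNAT the packet's destination is DEST_IP:DEST_PORT, so the FORWARD
    # and POSTROUTING rules match on that address, not on the gateway's.
    cat <<EOF
iptables -t nat -A PREROUTING -p tcp -d $gw_ip --dport $gw_port -j DNAT --to-destination $dst_ip:$dst_port
iptables -A FORWARD -p tcp -d $dst_ip --dport $dst_port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -s $dst_ip --sport $dst_port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -d $dst_ip --dport $dst_port -j MASQUERADE
EOF
}

# The page's scenario: 192.168.0.1:1236 -> 192.168.0.10:6666
forward_rules 192.168.0.1 1236 192.168.0.10 6666
```

Review the printed commands before running them as root; inputs that are not a plain IPv4 address or a port in 1-65535 are rejected and nothing is printed.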
Linux IPTables Port Forwarding, reviewed by TecGeeks News on May 30, 2016