Home / server / Questions / 231381
Accepted
Caffeine Coma
Asked: 2011-02-05 13:08:20 +0800 CST

iptables: forward port 80 to port 8080

  • 772

How can I port-forward port 80 internally to port 8080?

My goal is to have a web app server (Glassfish) running on port 8080, but for the outside world to access it normally on port 80. This is being done so that I don't have to run Glassfish as root.

I tried adding the following rule to my /etc/sysconfig/iptables:

-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

but this results in the following error:

Applying iptables firewall rules: iptables-restore v1.3.5: Line 21 seems to have a -t table option.
centos port-forwarding iptables

2 Answers

  1. Best Answer

    You cannot specify the table like that in/etc/sysconfig/iptables. Each table is set with an asterisk then the table name. Here is a skeleton of what you'd do:

    *nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

    Instead of editing the file you could also manually set up the rules you like using the iptables command and then execute iptables-save > /etc/sysconfig/iptables or service iptables save.

    • 8

  2. you were close

    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080

    It has to do NAT so that when the reply is sent back to the client, it appears to come from port 80, not 8080.

    • 3