I have a service setup that redirects after a successful login (Couchbase), but the IP it transfers to is a local one, which the connecting client cannot reach.
How can I set up iptables so that I can route traffic generated by the client itself to another port?
- Client connects to server1
- Server1 sends Client the IP to connect to (which is local to server1, not Client)
- Client gets redirected to 192.168.2.53:11210 (Can't reach)
- IPTables routes all traffic that is sent to 192.168.2.53:11210 to outside_ip:11210
The HTTP service just returns an IP to connect to, thus 'redirecting' the Client, but not with an HTTP Redirect.
I'm not comfortable with IPTables, so I'm not eager to experiment with it, mess up and lose my SSH connection. I've seen some examples, but none of them seem to work or do exactly what I want.
If you cannot get the webservice to give a valid routable public IP address to the client, it's never going to work unless you write the client to ignore the IP address provided by the webservice. iptables cannot fix this (without writing a protocol inspection module like ip_masq_ftp, and then assuming you're not using SSL).
If you can get the webservice to give a proper public IP of a computer that has access to the internet and to the private network, then the simplest thing to do would be to have rinetd running on that machine, listening on the internet side and forwarding connections to the private side, but for this to work, the port has to be consistent for the same IP (you can have multiple ports redirected, but incoming port 11210 always has to go to 192.168.2.53) (you can redirect to a different port, so if you have ...53:11210 and ...54:11210, you can use :11211 to redirect to one of them, but the webservice will need to know this).
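The rinetd mapping described in the answer above, as an added example that is not part of the original post: a constructed rinetd.conf plus a check that no listening port is mapped to two backends. The address 203.0.113.10 is a placeholder for the gateway's public IP, the log path is an assumption, and `sample_conf` and `check_rinetd_rules` are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample rinetd.conf in the basic four-field rule form:
#   bindaddress bindport connectaddress connectport
# 203.0.113.10 is a documentation-range placeholder for the public address;
# 192.168.2.54 follows the answer's "...54:11210" illustration.
sample_conf() {
cat <<'EOF'
# public side            private side
203.0.113.10   11210     192.168.2.53    11210
203.0.113.10   11211     192.168.2.54    11210
logfile /var/log/rinetd.log
EOF
}

# check_rinetd_rules FILE
# Lists each forwarding rule and returns non-zero when one listening
# address:port is mapped to more than one backend, which would break the
# "port has to be consistent for the same IP" requirement.
check_rinetd_rules() {
    awk '
        /^[ \t]*(#|$)/ { next }   # skip comments and blank lines
        NF != 4        { next }   # allow/deny/logfile lines are not rules
        {
            key = $1 ":" $2
            dst = $3 ":" $4
            if ((key in seen) && seen[key] != dst) {
                printf "CONFLICT %s -> %s and %s\n", key, seen[key], dst
                bad = 1
            } else {
                printf "ok       %s -> %s\n", key, dst
            }
            seen[key] = dst
        }
        END { exit bad + 0 }
    ' "$1"
}

# Demo run on the constructed sample.
conf=$(mktemp)
sample_conf > "$conf"
check_rinetd_rules "$conf"
rm -f "$conf"
```

The webservice would then have to hand out 203.0.113.10:11210 or 203.0.113.10:11211 instead of the private addresses.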