How can I forward requests coming in on port 80 to another port on the same linux machine?
I used to do this by changing nat.conf, but this machine that I'm using doesn't have NAT. What's the alternative?
I have a Linux VPS (virtuozzo) server and I need to setup port forwarding, but my hosting provider does not allow iptables-nat kernel modules so iptables -t nat - is not working.
I'm looking for other ways how to do it. I know I can forward port using openssh, but I need to forward 20+ different ports, tcp and udp so this is not an option.
Is there is any software for linux that can do port forwarding?
I want to redirect all traffic from port 443 to the internal port 8080. I'm using this config for iptables:
iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp \
--dport 443 -j REDIRECT --to-ports 8080
This works for all external clients. But if I'm trying to access the port 443 from the same maschine I'll get a connection refused error.
wget https://localhost
How can I extend the iptables rule to redirect local traffic too?
How can I forward ports on a server running libvirt/KVM to specified ports on VM's, when using NAT?
For example, the host has a public IP of 1.2.3.4. I want to forward port 80 to 10.0.0.1 and port 22 to 10.0.0.2.
I assume I need to add iptables rules, but I'm not sure where is appropriate and what exactly should be specified.
Output of iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 10.0.0.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 10.0.0.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Output of ifconfig
eth0 Link encap:Ethernet HWaddr 00:1b:fc:46:73:b9
inet addr:192.168.1.14 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21b:fcff:fe46:73b9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:201 errors:0 dropped:0 overruns:0 frame:0
TX packets:85 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31161 (31.1 KB) TX bytes:12090 (12.0 KB)
Interrupt:17
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
virbr1 Link encap:Ethernet HWaddr ca:70:d1:77:b2:48
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::c870:d1ff:fe77:b248/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:468 (468.0 B)
I'm using Ubuntu 10.04.
I want connections coming in on ppp0 on port 8001 to be routed to 192.168.1.200 on eth0 on port 8080.
I've got these two rules
-A PREROUTING -p tcp -m tcp --dport 8001 -j DNAT --to-destination 192.168.1.200:8080
-A FORWARD -m state -p tcp -d 192.168.1.200 --dport 8080 --state NEW,ESTABLISHED,RELATED -j ACCEPT
and it doesn't work. What am I missing?