Is it possible to redirect all calls to an external IP on internet, to localhost (without use of hosts)?
I have an old application and I don't have the source code, and this application tries to connect to a postgres server using an IP.
Can I instruct Ubuntu to redirect all calls to this external IP to localhost?
In this way, I'll be able to run a postgres server on localhost and work with my application.
Note: the application uses the IP, not the DNS.
Iptables is the way to go.
Breaking it down

-t nat allows you to refer to 127.0.0.1 as a valid destination.
-A OUTPUT appends to the OUTPUT chain of iptables. This is a built-in chain. Other built-in chains exist, like INPUT, which applies to incoming packets, and PREPROCESSING, which applies to all incoming packets before any other built-in chain gets to them. You can also make your own chains and append them to one of these built-in chains for better management of your settings.
-d ${EXTERNAL_IP} filters on the destination IP address of packets going through the OUTPUT chain.
-j DNAT sets the target of the rule to DNAT, which allows you to modify the destination address of packets.
--to-destination 127.0.0.1 is a parameter to the DNAT target that specifies what to change about these matching packets.

You can also limit redirected ports of an address by using --dports ${ORIGINAL_PORT_NUMBER} after -d ${EXTERNAL_IP} and have them re-route to a specific port by appending the port to 127.0.0.1 like so: 127.0.0.1:${FINAL_PORT_NUMBER}.

Removal

Use the following to remove from iptables.
and check iptables listings with
sudo iptables -t nat -L -n -v
where -t nat allows you to look at iptables mappings including ones that pertain to NAT.

Further actions
You may also need to masquerade or redirect packets from your postgres server to match external IP addresses and expected port if you plan to communicate with the application and the application checks source IP address and port.
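
An added example, not part of the answer above: a script that assembles the rule from the options in the breakdown, validates the address and ports before they reach iptables, and adds or removes the rule idempotently. The address 203.0.113.10, port 5432 and the helper function names are assumptions; the port is matched here with -p tcp --dport, and -C / -D are the standard iptables check and delete operations.

```sh
#!/bin/sh
# Added example. 203.0.113.10 and 5432 are constructed; helper names are hypothetical.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() (
  case "$1" in *[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
  IFS=.
  set -- $1
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
  done
)

# valid_port N: succeed only for an integer in 1-65535.
valid_port() (
  case "$1" in ''|*[!0-9]*) exit 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
)

# rule_spec IP ORIGINAL_PORT FINAL_PORT: print chain, match and target.
# Inputs are validated first so nothing can smuggle extra iptables options.
rule_spec() (
  valid_ipv4 "$1" && valid_port "$2" && valid_port "$3" || exit 2
  echo "OUTPUT -d $1 -p tcp --dport $2 -j DNAT --to-destination 127.0.0.1:$3"
)

# redirect add|del IP ORIGINAL_PORT FINAL_PORT (needs root unless DRY_RUN=1).
redirect() (
  spec=$(rule_spec "$2" "$3" "$4") || { echo "bad address or port" >&2; exit 2; }
  case $1 in
    add) flag=-A ;;
    del) flag=-D ;;
    *) echo "usage: redirect add|del IP PORT PORT" >&2; exit 2 ;;
  esac
  if [ "${DRY_RUN:-0}" = 1 ]; then
    echo "iptables -t nat $flag $spec"
    exit 0
  fi
  # -C tests for an identical rule: no duplicate adds, no error on absent deletes.
  if iptables -t nat -C $spec 2>/dev/null; then present=1; else present=0; fi
  if [ "$1" = add ] && [ "$present" = 1 ]; then exit 0; fi
  if [ "$1" = del ] && [ "$present" = 0 ]; then exit 0; fi
  iptables -t nat "$flag" $spec
)

# Dry run: show the commands without touching the firewall.
(DRY_RUN=1; redirect add 203.0.113.10 5432 5432)
(DRY_RUN=1; redirect del 203.0.113.10 5432 5432)
```

With DRY_RUN unset and run as root, the same calls change the nat table, and the listing command from the answer shows the result.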