Nov 30 2012

IPTables Traffic Redirection

Published by at 7:55 pm under Linux




Wether you need to redirect telnet or ssh connections through a server because you don’t have direct access to your final destination or you’re planning a web server migration, traffic forwarding comes in handy in many situations.
This is easily achieved on Linux distributions that come with IPtables. Yes, Iptables isn’t just a firewall but can provide nat and rewritting features.
 
Allow IP forwarding through the server

# echo 1 >/proc/sys/net/ipv4/ip_forward

 
The next step is to tell IPTables to redirect the traffic to the new server (http, port 80 in this case):

# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination dst_srv_IP

 
Here’s where the IPTables magic begins. With the third and final step we tell IPTables to return the traffic to the original client.

# iptables -t nat -A POSTROUTING -d dst_srv_IP -p tcp -m tcp --dport 80 -j MASQUERADE

No responses yet

Comments RSS

Leave a Reply