Netexpertise

Wether you need to redirect telnet or ssh connections through a server because you don’t have direct access to your final destination or you’re planning a web server migration, traffic forwarding comes in handy in many situations.
This is easily achieved on Linux distributions that come with IPtables. Yes, Iptables isn’t just a firewall but can provide nat and rewritting features.
 
Allow IP forwarding through the server

# echo 1 >/proc/sys/net/ipv4/ip_forward

 
The next step is to tell IPTables to redirect the traffic to the new server (http, port 80 in this case):

# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination dst_srv_IP

 
Here’s where the IPTables magic begins. With the third and final step we tell IPTables to return the traffic to the original client.

# iptables -t nat -A POSTROUTING -d dst_srv_IP -p tcp -m tcp --dport 80 -j MASQUERADE

Tags: firewall, iptables, linux, network

Comments RSS