Nov 30 2012
IPTables Traffic Redirection
Whether you need to redirect telnet or ssh connections through a server because you don’t have direct access to your final destination, or you’re planning a web server migration, traffic forwarding comes in handy in many situations.
This is easily achieved on Linux distributions that come with IPTables. Yes, IPTables isn’t just a firewall; it also provides NAT and packet rewriting features.
First, allow IP forwarding through the server:
# echo 1 >/proc/sys/net/ipv4/ip_forward
The next step is to tell IPTables to redirect the traffic to the new server (http, port 80 in this case):
# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination dst_srv_IP
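Here’s where the IPTables magic begins. With the third and final step we tell IPTables to masquerade the forwarded connection, rewriting its source address to this server’s own, so that the destination server’s replies come back through this server and are returned to the original client.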
# iptables -t nat -A POSTROUTING -d dst_srv_IP -p tcp -m tcp --dport 80 -j MASQUERADE
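The three steps above combined into one script, as an added example that is not part of the original post: it validates the destination and port before building the rules, and uses iptables -C so that re-running it does not append duplicate rules. The function names and the 192.0.2.10 address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Function names are assumptions; 192.0.2.10 is a
# constructed destination from the RFC 5737 documentation range.

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only for a TCP port in 1-65535.
valid_port() {
    case "$1" in
        ""|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the two nat-table rule specs from the post, one per line.
redirect_rules() {
    dst=$1; port=$2
    valid_ipv4 "$dst" || { echo "bad destination: $dst" >&2; return 2; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 2; }
    echo "PREROUTING -p tcp -m tcp --dport $port -j DNAT --to-destination $dst"
    echo "POSTROUTING -d $dst -p tcp -m tcp --dport $port -j MASQUERADE"
}

# Enable forwarding, then append each rule only if `iptables -C` reports it
# absent. $rule is unquoted on purpose: it is a validated, space-separated spec.
apply_redirect() {
    rules=$(redirect_rules "$1" "$2") || return 2
    echo 1 > /proc/sys/net/ipv4/ip_forward
    echo "$rules" | while read -r rule; do
        iptables -t nat -C $rule 2>/dev/null || iptables -t nat -A $rule
    done
}

# "DST PORT" prints the rules; "--apply DST PORT" (as root) installs them.
if [ "${1:-}" = "--apply" ]; then apply_redirect "${2:-}" "${3:-}"
elif [ "$#" -ge 1 ]; then redirect_rules "$1" "${2:-}"; fi
```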