Iptables Redirect: Difference between revisions

From D3xt3r01.tk
Jump to navigationJump to search
New page: Useful for NAT-ing stuff... ==Redirecting== iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 This would redirect anything going out on port 80 to the same ho...
 
mNo edit summary
 
(One intermediate revision by the same user not shown)
Line 15: Line 15:
This would redirect anything going out on port 80 but to another ip in the internal network on port 8080
This would redirect anything going out on port 80 but to another ip in the internal network on port 8080


   iptables -A POSTROUTING -s internalip -j SNAT --to-source externalip
   iptables -t nat -A POSTROUTING -s internalip -j SNAT --to-source externalip


This would change the source of the packet from the internal ip to external ip
This would change the source of the packet from the internal ip to external ip


  iptables -A PREROUTING -d externalip -j DNAT --to-destination internalip
  iptables -t nat -A PREROUTING -d externalip -j DNAT --to-destination internalip


This would redirect anything coming to external ip to the internalip
This would redirect anything coming to external ip to the internalip
Line 27: Line 27:


[[Category:Linux]]
[[Category:Linux]]
[[Category:IPTables]]
[[Category:Iptables]]

Latest revision as of 19:50, 19 September 2013

Useful for NAT-ing stuff...

Redirecting

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to the same host but on port 8080

 iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to port 8080

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination internalip:8080

This would redirect anything going out on port 80 but to another ip in the internal network on port 8080

 iptables -t nat -A POSTROUTING -s internalip -j SNAT --to-source externalip

This would change the source of the packet from the internal ip to external ip

iptables -t nat -A PREROUTING -d externalip -j DNAT --to-destination internalip

This would redirect anything coming to external ip to the internalip


Feel free to add -d destinationip ; -s sourceip ; -i interface or -o interface to filter how that rule applies !