Iptables Redirect

From D3xt3r01.tk
Jump to navigationJump to search

Useful for NAT-ing stuff...

Redirecting

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to the same host but on port 8080

 iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to port 8080

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination internalip:8080

This would redirect anything going out on port 80 but to another ip in the internal network on port 8080

 iptables -A POSTROUTING -s internalip -j SNAT --to-source externalip

This would change the source of the packet from the internal ip to external ip

iptables -A PREROUTING -d externalip -j DNAT --to-destination internalip

This would redirect anything coming to external ip to the internalip


Feel free to add -d destinationip ; -s sourceip ; -i interface or -o interface to filter how that rule applies !