Iptables Redirect

From D3xt3r01.tk
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Useful for NAT-ing stuff...

Redirecting

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to the same host but on port 8080

 iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8080

This would redirect anything going out on port 80 to port 8080

 iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination internalip:8080

This would redirect anything going out on port 80 but to another ip in the internal network on port 8080

 iptables -t nat -A POSTROUTING -s internalip -j SNAT --to-source externalip

This would change the source of the packet from the internal ip to external ip

iptables -t nat -A PREROUTING -d externalip -j DNAT --to-destination internalip

This would redirect anything coming to external ip to the internalip


Feel free to add -d destinationip ; -s sourceip ; -i interface or -o interface to filter how that rule applies !