Posted by gobbo, 10-16-2012, 09:10 AM | Hi all,
I need some advice with iptables.
Lets say that I want to forward the port 4321 to my local pc.
So that I can see the port on some check tools like canyouseeme.org
I already know that I need two rules. But I don't know the exact rules. Can someone help me with this?
edit: OpenVPN already runs on the VPS so I must use the IP 10.8.0.6
Last edited by gobbo; 10-16-2012 at 09:16 AM.
|
Posted by CrystoneHosting, 10-16-2012, 09:19 AM | HAve you checked this site, http://linux.ardynet.com/ipmasq/ipmasq.php3?
|
Posted by gobbo, 10-16-2012, 09:29 AM | Thanks for this site. That's what I'm looking for.
I tried this command But I get this error: It's a XEN VPS if that helps.
edit: I tried the command with: iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth0 -j DNAT --to-destination 10.8.0.6:80
That works but I can't see the port.
Last edited by gobbo; 10-16-2012 at 09:35 AM.
|
Posted by CrystoneHosting, 10-16-2012, 09:33 AM | Try this as well, http://www.debiantutorials.com/port-...with-iptables/
|
Posted by Infinitnet, 10-16-2012, 09:36 AM | removed, as OP edited his post.
|
Posted by gobbo, 10-16-2012, 09:42 AM | Thank you!
Before I try this a have a questions.
What is local ip and port and what is destination ip and port in my case?
|
Posted by CrystoneHosting, 10-16-2012, 10:16 AM | Here is soem info on finding your local IP, http://lifehacker.com/5833108/how-to...nal-ip-address
|
Posted by gobbo, 10-16-2012, 10:52 AM | What a pity. It doesn't work. I really don't know why.
|
Posted by CrystoneHosting, 10-16-2012, 12:25 PM | try googling "iptables forums" maybe you can find somthing there
|
Posted by RobertJP, 10-17-2012, 08:26 AM | First you need to enable ipv4 forwarding, you can do so by editing /etc/sysctl.conf and set net.ipv4.ip_forward = 1 ( this is for permanent setup )or you can just do sysctl -w net.ipv4.ip_forward=1 to apply it untill server reboots.
The editing of sysctl.conf is advised if you with to have this enabled after reboot.
The iptables rule would be :
iptables -A PREROUTING -d yourIP -i eth0 -p tcp --dport yourport -j DNAT --to-destination destinationip:port
iptables -A POSTROUTING -o eth0 -j MASQUERADE
Note :
Replace eth0 with your current interface and yourport with your port that you wish to be forwarded.
Save the iptables rule / if centos do service iptables save .
Last edited by RobertJP; 10-17-2012 at 08:33 AM.
|
|
Add to Favourites
Print this Article |