I want to redirect all traffic coming to a server to another machine behind the firewall. The traffic is coming to a particular IP address (e.g. http://mybox.mydomain.com). I want to redirect all traffic coming to http://mybox to another machine (say, 192.168.1.50). Can I do this using iptables?
Answers
Yes - you should be able to. You will need to use the iptables PREROUTING rule. What this will do is route all incoming traffic to a given port, to another destination IP address and port.
Issue the following:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to $DEST_IP:$DEST_PORT
In this case, $DEST_IP and $DEST_PORT will need to be set based on what you need.
Thanks! Unfortunately that does not seem to work for me. I regenerated the iptables file and see the rule in there, but nothing seems to be going through...
Make sure that you have IP Forwarding turned on in the kernel! It is 'OFF' by default, and you will have to enable it.
To check its status, issue:
sysctl net.ipv4.ip_forward
If it shows up as "1", you are set. If "0", that means you don't have forwarding enabled in the kernel.
To enable, issue:
sysctl -w net.ipv4.ip_forward=1
Edit sysctl.conf to make the changes permanent.
HTH
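An added example, not part of either answer above: a dry-run helper that checks the forwarding switch and prints the DNAT rule together with FORWARD rules scoped to the one redirected flow. The FORWARD rules go beyond the thread and matter when the FORWARD policy is DROP. Assumptions: eth0 is the incoming interface, 192.168.1.50:80 is the inside host, that host routes its replies back through this machine, and all function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the thread). Constructed values: eth0, 192.168.1.50, port 80.

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# valid_port N: succeed only for an integer in 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forwarding_state [FILE]: print enabled, disabled or unknown.
# FILE defaults to the kernel's ip_forward switch; the parameter exists for testing.
forwarding_state() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}; v=
    [ -r "$f" ] || { echo unknown; return 0; }
    read -r v < "$f" || true
    case "$v" in 1) echo enabled ;; 0) echo disabled ;; *) echo unknown ;; esac
}

# dnat_rules IN_IF DEST_IP DEST_PORT [LISTEN_PORT]: print (do not run) the rules.
# Inputs are validated because they are interpolated into commands run as root.
dnat_rules() {
    in_if=$1 dest_ip=$2 dest_port=$3 listen_port=${4:-80}
    case "$in_if" in ''|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 2 ;; esac
    valid_ipv4 "$dest_ip" && valid_port "$dest_port" && valid_port "$listen_port" ||
        { echo "bad destination or port" >&2; return 2; }
    cat <<EOF
iptables -t nat -A PREROUTING -i $in_if -p tcp --dport $listen_port -j DNAT --to-destination $dest_ip:$dest_port
iptables -A FORWARD -i $in_if -p tcp -d $dest_ip --dport $dest_port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -o $in_if -p tcp -s $dest_ip --sport $dest_port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Stand-alone run: report the forwarding switch, then print the rules for review.
echo "net.ipv4.ip_forward: $(forwarding_state)"
dnat_rules eth0 192.168.1.50 80
```

Review the printed rules before running them as root; with forwarding enabled and a permissive FORWARD policy the machine routes more than this one flow.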