Difference between revisions of "Iptables"
From Leaky
(Created page with 'To forward packets sent to one IP over to a different IP on a different server, you can use iptables. OLD_IP=92.48.119.131 NEW_IP=213.229.103.79 iptables -t nat -A PREROUTI…') |
(No difference)
|
Revision as of 23:59, 14 August 2013
To forward packets sent to one IP over to a different IP on a different server, you can use iptables.
OLD_IP=92.48.119.131 NEW_IP=213.229.103.79 iptables -t nat -A PREROUTING -d $OLD_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination $NEW_IP:80 iptables -t nat -A POSTROUTING -s ! $OLD_IP -d $NEW_IP -p tcp -m tcp --dport 80 -j SNAT --to-source $OLD_IP
Blanket allow all packets being forwarded to the new IP.
iptables -A FORWARD -d $NEW_IP -j ACCEPT
Things to watch for if it doesn't work - IP forwarding needs to be enabled (sysctl -w net.ipv4.ip_forward=1) and you may need to allow the specific port in the INPUT chain. Not sure about this as I had already allowed port 80 prior to setting up the forwarding.
