1

iptables port redirection.

view story
linux-howto

https://bbs.archlinux.org – Hello all, I've set up a virtual machine via VirtualBox (both host/guest are Arch x64) as a small development webserver. The VM is connected via NAT and has ports forwarded to the host for SSH and HTTP. HTTP has been linked to the host's 8080 but I would like to redirect this to the host's 80 via iptables, as assigning it to 80 directly needs root privileges on the VM.So: VM port 80 -> Host port 8080 -> Iptables -> Host port 80.My iptables.rules is as follows:# Generated by iptables-save v1.4.12 on Mon Sep 5 06:25:32 2011 *filter :INPUT ACCEPT [40:2890] :FORWARD ACCEPT (HowTos)

Shoutmeloud's picture
Submitted by Shoutmeloud on 09/05/2011

Stories similar to iptables port redirection.

Possible Duplicate: iptables: forward port 80 to port 8080

I'd like to forward port 80 to 8080. So I tried to edit /etc/syscongfig/iptables:

-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

But got:

# service iptables restart iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK

I'm trying to find out why changing my default iptables policy is affecting what nmap sees when it scans my host.

Consider the following iptables setup:

iptables -F iptables -A INPUT -p tcp -s 10.1.0.0/20 --dport 22 -j ACCEPT

iptables -P INPUT ACCEPT iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT

iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j AC

I'm trying to open up port 8080 on my CentOS 5, Apache 2.2.3 server. When I go to ip:8080/mydirectory - it times out.

I'm trying to open up port 8080 on my CentOS 5, Apache 2.2.3 server. When I go to ip:8080/mydirectory - it times out.

Hey guys,

I don't understand whats going on with my rootserver... I have reset iptables and just opened the port for ssh. Now suddenly over night I see that there are a various of ports open: 21,80, 135, 139, 445, 3128

Could it be that vsftpd for example put rules in automatically to allow input on port 21?

I also tried disabling iptables with this command:

Code: # iptables -X # iptables

I am setting up tomcat server on my Centos 5.5 machine. I've been advised to run tomcat on 8080 as non root user and redirect traffic to it from port 80.

I searched and found the following iptables commands for this:# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -to-ports 8080 # iptables -I INPUT -p tcp --dport 8080 -j ACCEPTI have a doubt:

i have this iptables and working.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 0:20 -j REDIRECT --to-port 8080 #bypass SSH iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23:442 -j REDIRECT --to-port 8080 #bypass SSL iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 444:2082 -j REDIRECT --to-port 8080 #Cpanel SSL iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2084:2086 -j RE

I used an online tool to create an iptables firewall. Basically I just need port 22 and 1194 open to the outside world. But I noticed this bash script has input, forward and output chains as accept by default. Is it blocking all traffic but those two ports? Thanks.

I need to reject all incoming packets in port 1723 and redirect all packets that incoming to port:xxxx to port:1723 in localhost.

I tried this rules but not works until i allow 1723 on INPUT chain of filter table.

# iptables -A INPUT -i eth0 -p tcp --dport xxxx -j ACCEPT # iptables -A PREROUTING -t nat -i eth0 -p tcp --dport xxxx -j REDIRECT --to-port 1723

after adding this rule it works fine: