[CentOS] iptables port forwarding

Sun Jun 26 15:38:58 UTC 2011
Marian Marinov <mm at yuhu.biz>

On Sunday 26 June 2011 12:53:07 muiz wrote:
> Dear all,
>   I would like to forward a port to an internet server, but failed. can you
> help me? Server:  eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6
> Remote server:   IP: a.b.c.d  Port: 8181
> 
> 
> Forward path:  client1(192.168.1.10) -> 192.168.1.250:8080 (forward) ->
> a.b.c.d  Port: 8181 -----------------------------------------
> In Fedora, I successfully to config the firewall using
> system-config-firewall and iptables command: 1. Run system-config-firewall
>  1.1 open local port 8080
>  1.2 add a forward rule: local 8080 to remote a.b.c.d:8181, tcp
> 2. echo 1 > /proc/sys/net/ipv4/ip_foward
> 3. add a iptables rule: /sbin/iptables -t nat -A POSTROUTING -d  a.b.c.d -p
> tcp --dport 8181 -j MASQUERADE That's all.
> 
> 
> 
> 
> Thanks !
You have to use Destination NAT for the job:

iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to a.b.c.d:8181
echo 1 > /proc/sys/net/ipv4/ip_foward

If you have more then one IPs on the local machine its a good idea to specify 
the destination -d 192.168.1.250 

Marian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20110626/2f3f2edf/attachment-0005.sig>