How to forward port tun0 to local adress via eth0?

Low-voltage systems engineer

12/31/22, 1:16 PM

IPTABLES

Me 10.8.0.7 Debian

Linux server cent8 eth0 192.168.88.11 tun0 10.8.0.6

How to connect 10.8.0.6:8888 port forwarding to Local 192.168.88.10:443 machine?

Enable forwarding

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo sysctl -w net.ipv4.ip_forward=1
echo '1' | sudo tee /proc/sys/net/ipv4/conf/eth0/forwarding ;
echo '1' | sudo tee /proc/sys/net/ipv4/conf/tun0/forwarding
sudo iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT

# forward 10.8.0.6:8888 to local 192.168.88.10:443 
sudo iptables -t nat -A PREROUTING -p tcp -d 10.8.0.6 --dport 8888-j DNAT --to-destination 192.168.88.10:443
#  return
sudo iptables -t nat -A POSTROUTING -p tcp --dst 192.168.88.10 -j SNAT --to-source 10.8.0.6:8888

# remove
sudo iptables -t nat -D PREROUTING 2
sudo iptables -t nat -D POSTROUTING 2

What that not working?

1 + 1

openvpn

Nikita Kipriyanov

12/31/22, 1:59 PM

Is this a complete Netfiler? You've added a single rule into each chain, but remove them as no. 2, which is strange, they must have been no. 1 if this is all you have. Also you permitted traffic in the FORWARD in one direction, but no in the other. Also there could be a routing issue on the 192.168.88.10 — does it have a route towards 10.8.0.6?

Score:0

Server

raj

12/31/22, 5:19 PM

If you need to forward only a single port, I would not turn on IP forwarding in the kernel, and not mess with iptables, but rather use a specialized program like socat to do the port forwarding (on the linked page you have an example how to do the port forwarding with socat). My favorite port forwarding tool is tcppm from the 3proxy package.

0 + 0

Low-voltage systems engineer

7/9/23, 9:00 AM

socat -d -d TCP-LISTEN:888,fork,reuseaddr TCP:ifconfig.me:80 Curl localhost:888 But I have error: 2022/03/08 12:45:12 socat[601400] W ioctl(5, IOCTL_VM_SOCKETS_GET_LOCAL_CID, ...): Inappropriate ioctl for device 2022/03/08 12:45:12 socat[601400] N1405] N socket 1 (fd 6) is at EOF 2022/03/08 12:45:22 socat[601405] N socket 2 (fd 5) is at EOF 2022/03/08 12:45:22 socat[601405] N exiting with status 0 2022/03/08 12:45:22 socat[601400] N childdied(): handling signal 17 Can you help me?

raj

7/9/23, 10:11 AM

@Low-voltagesystemsengineer I can't too much, not knowing your system. Many things may be wrong. Did you run this as root? What does the name `Curl` mean in your command? Aren't there too many parameters (basic socat syntax is `socat [options] <address> <address>`, I see more than 2 addresses here)? Is anything already occupying port 888? Is `ifconfig.me:80` available and responding? Try without `,fork,reuseaddr` first - does it work?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to forward port tun0 to local adress via eth0?

TH: จะส่งต่อ port tun0 ไปยัง local address ผ่าน eth0 ได้อย่างไร?

RO: Cum se transmite portul tun0 la adresa locală prin eth0?

RU: Как перенаправить порт tun0 на локальный адрес через eth0?

VI: Làm cách nào để chuyển tiếp cổng tun0 đến địa chỉ cục bộ qua eth0?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.