
iptables forwarding not working when service listening on main interface IP address


I have a VPS with 3 IP addresses (say, 1.1.1.1, 1.1.1.2 and 1.1.1.3). 1.1.1.1 is the IP address for eth0 while 1.1.1.2 and 1.1.1.3 are assigned to eth0:0 and eth0:1 respectively.

I have followed a solution from another SF post to redirect all incoming traffic for 1.1.1.2 to an internal IP address. This works fine when I attempt to access a port on 1.1.1.2 on which there isn't a service listening, but when there's a service listening on 0.0.0.0 on that port, that service will reply.

I'm wondering if there's a way to always redirect all traffic from that IP to the private IP regardless of whether a service is listening or not.

I currently use:

iptables -t nat -A PREROUTING -i eth0 -d 1.1.1.2 -j DNAT --to-destination 10.0.0.2
iptables -t nat -A POSTROUTING -j MASQUERADE
