Join Log in
Score:0
avatar Server

iptables forward port to new destination ipaddress

cn flag
farhadf

I'm trying to simply forward all requests to port 8080 to a new server destination port 80 so I set up the following iptables rule:

sudo iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to-destination  10.0.1.5:80
sudo iptables -t nat -A POSTROUTING -j MASQUERADE

but then

> curl 127.0.0.1:8080
curl: (7) Failed connect to 127.0.0.1:8080; Connection refused

I know that 10.0.1.5:80 is open and can read from it via curl

$ sudo iptables -t nat --list
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere             tcp dpt:webcache to:10.0.1.5:80

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

I don't have anything listening at port 8080.

23
0 + 0
cn flag
farhadf
I have realized that it is working from another machine on the subnet, that is, If I do curl 10.2.0.6:8080 it does forward to port 80 on the destination machine. Not sure why it doesn't work on 127.0.0.1 though
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.