Score:0

iptables loses source address when forwarding to an internal virtual machine (Proxmox)

th flag

I have a Proxmox hypervisor. This proxmox is running a VM with HAProxy load balancer.

I am now trying to forward to this HAProxy via iptables port 80 and 443. Unfortunately the source address is lost and every request comes from 192.168.0.1 (Proxmox).

Am I missing a setting or is my forwarding wrong?
Forward:

iptables -A PREROUTING -t nat -i enp2s0 -d 148.XXX.XX.XX -p tcp --dport 80 -j DNAT --to-destination 192.168.0.140:80
iptables -A PREROUTING -t nat -i enp2s0 -d 148.XXX.XX.XX -p tcp --dport 443 -j DNAT --to-destination 192.168.0.140:443

iptables -A FORWARD -p tcp -d 192.168.1.140 --dport 80 -j ACCEPT
iptables -A FORWARD -p tcp -d 192.168.1.140 --dport 443 -j ACCEPT
Martin avatar
kz flag
The rules you posted are changing only the destination address (```DNAT``` target), not the source address. This happens somewhere else...
us flag
Please add output of `iptables-save` to the question.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.