Join Log in
Score:0
n00dle avatar Server

iptables loses source address when forwarding to an internal virtual machine (Proxmox)

th flag
n00dle

I have a Proxmox hypervisor. This proxmox is running a VM with HAProxy load balancer.

I am now trying to forward to this HAProxy via iptables port 80 and 443. Unfortunately the source address is lost and every request comes from 192.168.0.1 (Proxmox).

Am I missing a setting or is my forwarding wrong?
Forward:

iptables -A PREROUTING -t nat -i enp2s0 -d 148.XXX.XX.XX -p tcp --dport 80 -j DNAT --to-destination 192.168.0.140:80
iptables -A PREROUTING -t nat -i enp2s0 -d 148.XXX.XX.XX -p tcp --dport 443 -j DNAT --to-destination 192.168.0.140:443

iptables -A FORWARD -p tcp -d 192.168.1.140 --dport 80 -j ACCEPT
iptables -A FORWARD -p tcp -d 192.168.1.140 --dport 443 -j ACCEPT
24
0 + 0
nat
Martin avatar
kz flag
Martin
The rules you posted are changing only the destination address (```DNAT``` target), not the source address. This happens somewhere else...
0
Reply
us flag
Tero Kilkanen
Please add output of `iptables-save` to the question.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.