I have a Debian 11 VM on a Windows machine. It has 3 network adapters. One is external (WAN), one internal (LAN) and another private (experimental).
I am using the box as a router, which in turn goes back through my DSL router via the WAN NIC, which is actually connected to the Hyper-V box. Everything works routing-wise.
What I'm trying to achieve, and having read many articles I have failed thus far, is to intercept a single port (4444, for example) to a single public internet IP address and reroute that back to a machine on my LAN. Sounds simple, and I'm sure it is, but I can't get it working.
To be clear, this is NOT trying to expose a public port and get it routed internally. This is to intercept one single port (the application in question connects to multiple ports). I want all communication to go to the target server normally, but I want this port directed to my machine where I have a socket server configured to deal with communication.
I know the answer involves iptables but I just can't get the commands right. Whenever I do
iptables -t nat -A OUTPUT -p tcp --dport 4444 -j DNAT --to-destination 10.0.0.111:4444
it doesn't even show up in my iptables -L. Forwarding is enabled. I have also tried:
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 4444 -j DNAT --to-destination 10.0.0.111:4444
I even applied it to eth0 which is the default gateway.
eth0 - Public WAN
eth1 - LAN
eth2 - Experimenting with assigning the public IP in question but this screws routing for all ports so gave up on that
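
The following is an added example, not part of the original post: a dry-run script that prints the NAT rules for redirecting one remote IP and port, seen on the LAN interface, to a LAN host. The address 203.0.113.10 is a constructed placeholder for the public server (the post does not give it), the function names are hypothetical, and the script assumes the client and 10.0.0.111 sit on the same LAN behind eth1.

```shell
#!/bin/sh
# Added example (not from the original post).
REMOTE_IP="203.0.113.10"   # constructed placeholder (documentation range) for the public server
PORT="4444"                # from the post
LAN_IF="eth1"              # from the post: LAN-facing interface
TARGET="10.0.0.111"        # from the post: LAN host running the socket server

# Print the rule set as iptables commands, one per line.
redirect_rules() {
    # Forwarded LAN traffic passes nat/PREROUTING; nat/OUTPUT only sees
    # packets created on the router itself. -d restricts the match to the
    # single remote address so other destinations on this port are untouched.
    echo "iptables -t nat -A PREROUTING -i $LAN_IF -p tcp -d $REMOTE_IP --dport $PORT -j DNAT --to-destination $TARGET:$PORT"
    # Assumption: client and target share the LAN. Without source NAT the
    # target would answer the client directly, from an address the client
    # never connected to, and the TCP handshake would fail.
    echo "iptables -t nat -A POSTROUTING -o $LAN_IF -p tcp -d $TARGET --dport $PORT -j MASQUERADE"
}

# The nat table is separate from the default filter table, so a plain
# "iptables -L" never lists these rules.
list_cmd() {
    echo "iptables -t nat -L -n -v --line-numbers"
}

# Dry run by default; pass --apply (as root) to install and list the rules.
run() {
    { redirect_rules; list_cmd; } | while read -r cmd; do
        if [ "$1" = "--apply" ]; then $cmd; else echo "dry-run: $cmd"; fi
    done
}

run "${1:-}"
```

The packet counters in the listing show whether the PREROUTING rule is actually being hit by the client's traffic.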