iptables forward tcp port to another port on same host after connection already established

Andrey Obruchkov

8/29/23, 9:31 AM

i have a tcp server that prints messages it gets(without sending back) on port 1234 and another tcp server on port 5678. i have a client that already communicates with the 1234 server and i want to redirect it to the 5678 server.

i know how to redirect packet (with the connection request) ip tables -t nat -I PREROUTING -p tcp --dport 1234 -j REDIRECT --to-ports 5678 but it not works if the connection already established on previous server, my question is how to enforce reconnection without the client to hang

0 + 0

networking

linux

iptables

A.B

8/29/23, 11:50 AM

If a *different* connection from the same client (ie: different source port) happens this won't alter the established connection and the new one(s) will be redirected. If you wanted to alter the established connection, supposing you had a way to do this, this wouldn't work for TCP because it's a connection-oriented protocol which keeps connection state. For UDP there could be options, but all of this doesn't make sense to me until you give a concrete example explaining what you want to do with an example and especially *why* you want to do it.

Andrey Obruchkov

8/29/23, 12:00 PM

@A.B i want to scan payload of a tcp connection(data that goes to some server on my machine) and drop packets that contain the word "hello" in it.

A.B

8/29/23, 12:02 PM

Edit your question to clarify it. Dropping isn't redirecting. Anyway redirecting probably not possible with iptables for TCP.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: iptables forward tcp port to another port on same host after connection already established

TH: iptables ส่งต่อพอร์ต tcp ไปยังพอร์ตอื่นบนโฮสต์เดียวกันหลังจากสร้างการเชื่อมต่อแล้ว

RO: iptables redirecționează portul tcp către un alt port de pe aceeași gazdă după ce conexiunea este deja stabilită

RU: iptables перенаправляет TCP-порт на другой порт на том же хосте после того, как соединение уже установлено

VI: iptables chuyển tiếp cổng tcp sang một cổng khác trên cùng một máy chủ sau khi kết nối đã được thiết lập

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.