Score:0

Port forwarding in Ubuntu, from public ip to a client

On a VPS with Ubuntu Server 20.04 and OpenVPN installed, I need to forward all the traffic from a specific port on the VPS public IP to the same port on a VPN client.

VPS IPs:

vps public ip: 1.1.1.1
vps vpn ip: 10.8.0.1

Client IP:

vpn client ip: 10.8.0.2

Port forwarding for the port 587:

1.1.1.1:587 >> 10.8.0.2:587

I have tried to run the commands on the VPS (1.1.1.1):

sudo iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.8.0.2:587
sudo iptables -t nat -A POSTROUTING -p tcp -d 10.8.0.2 --dport 587 -j SNAT --to-source 1.1.1.1

But the packets are not forwarded to the ip 10.8.0.2.

Any idea how iptables should be configured for correct port forwarding?

Score:1

I have found this solution which is working as expected:

sudo sysctl net.ipv4.ip_forward=1
sudo iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.8.0.2:587
# Exclude the "lo" interface, otherwise the DNS service stops working
sudo iptables -t nat -A POSTROUTING ! -o lo -j MASQUERADE
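
A more tightly scoped variant of the rules above, as an added example that is not part of the original answer: the DNAT rule matches only traffic arriving on the public interface for 1.1.1.1, and only the forwarded flow is masqueraded, so other traffic leaving the VPS (and VPN clients' own outbound connections to port 587) is not rewritten. The interface names eth0 and tun0 and the helper function names are assumptions; the script only prints the commands for review.

```shell
#!/bin/sh
# Added example: prints scoped iptables rules for the forward discussed above.
# Interface names passed in (eth0, tun0) are assumptions; check yours with `ip -br addr`.

valid_port() {
    # digits only, at most 5 characters, in the range 1-65535
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # four dot-separated decimal octets, each 0-255
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# forward_rules PUBLIC_IP WAN_IF VPN_IF CLIENT_IP PORT
# Prints the commands to run as root; nothing is applied by this script.
forward_rules() {
    pub=$1 wan=$2 vpn=$3 client=$4 port=$5
    valid_ipv4 "$pub" && valid_ipv4 "$client" && valid_port "$port" || return 1
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $wan -d $pub -p tcp --dport $port -j DNAT --to-destination $client:$port
iptables -A FORWARD -i $wan -o $vpn -d $client -p tcp --dport $port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $vpn -o $wan -s $client -p tcp --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $vpn -d $client -p tcp --dport $port -j MASQUERADE
EOF
}

# Values from the question: 1.1.1.1:587 >> 10.8.0.2:587
forward_rules 1.1.1.1 eth0 tun0 10.8.0.2 587
```

The two FORWARD rules only matter when the FORWARD chain policy is not ACCEPT. Because the forwarded flow is masqueraded toward the client, the service on 10.8.0.2 sees every connection as coming from 10.8.0.1, so it cannot log or rate-limit by the real remote address.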