iptables port forwarding is not working

I have a domestic server, and there are two public IPs on this server: One is domestic IP: 1.1.1.1 One is the IP of Hong Kong: 2.2.2.2

The default route of the server is to go out from the Hong Kong side of 2.2.2.2. I now have a server 3.3.3.3 in the United States as a scientific server. The port is 2080.

I want to access port 1080 of 1.1.1.1 and redirect the traffic to 3.3.3.3:2080 in the United States through DNAT.

How should it be written?

iptables -t nat -A PREROUTING -p tcp -d 1.1.1.1 --dport 1080 -j DNAT --to-destination 3.3.3.3:2080

iptables -t nat -A POSTROUTING -j MASQUERADE

This statement has no effect. Server forwarding is enabled.

1. Verify that the iptables rule is actually being applied by running the following command:

iptables -t nat -L -n

2. Verify that the default route of the server is correct and that the traffic is going out from the Hong Kong side of 2.2.2.2:

ip route

3. Verify that server 3.3.3.3 in the United States is able to receive traffic on port 2080:

telnet 3.3.3.3 2080

If the connection is successful, the server can receive traffic on port 2080.

4. Verify that any firewalls on server 3.3.3.3 in the United States are not blocking port 2080 traffic.

If those steps didng't resolve the issue, you have to add some logging to your iptables rule to see if the traffic is being matched and forwarded as expected:

-j LOG --log-prefix "Port Forwarding: "

This will add a log message to the kernel log whenever the rule is matched:

dmesg