Redirect specific traffic over another interface

murga

7/10/24, 3:28 PM

I have a router (with iptables support) with 2 WAN interfaces (wan0 and wan1) and I am trying to redirect calls of specific IPs (for ex: 8.8.8.8) over second interface (wan1) using ip tables. Traffic is coming from single LAN interface (eth0). I tried to mark the network packets like this:

iptables -t mangle -I PREROUTING -d $PUBLIC_IP -p tcp --dports 80,443 -j MARK --set-mark 0x77

and then create a rule through UI of router based on markings. But no luck.

Can this be done using only iptables?

I am sorry I am not coming from networking field so any help appreciate.

Thanks in advance!

1 + 0

networking

iptables

Score:0

Server

larsks

7/10/24, 10:05 PM

It sounds like you want to create a DNAT rule. Maybe something like:

iptables -t nat -A PREROUTING \
  -d $ORIGINAL_IP \
  -p tcp --dports 80,443 \
  -j DNAT --to-destination $NEW_IP

+ 1

murga

7/11/24, 9:27 AM

I solved my problem using static routes, but interested in DNAT rule you provided. So, this rule will forward complete traffic from ORIGINAL_IP to NEW_IP? This implies that the WAN IP is known?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Redirect specific traffic over another interface

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.