{"id":4200,"date":"2017-03-02T12:34:02","date_gmt":"2017-03-02T10:34:02","guid":{"rendered":"https:\/\/adrhc.go.ro\/wordpress\/?p=4200"},"modified":"2018-03-23T21:46:33","modified_gmt":"2018-03-23T19:46:33","slug":"iptables","status":"publish","type":"post","link":"https:\/\/adrhc.go.ro\/blog\/iptables\/","title":{"rendered":"iptables"},"content":{"rendered":"<pre>\r\n<a href=\"http:\/\/i.stack.imgur.com\/rzz83.png\" target=\"_blank\">iptables processing steps (original image link)<\/a>\r\n\r\n<a href=\"https:\/\/adrhc.go.ro\/wordpress\/wp-content\/uploads\/2017\/03\/iptables.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/adrhc.go.ro\/wordpress\/wp-content\/uploads\/2017\/03\/iptables-151x300.png\" alt=\"\" width=\"151\" height=\"300\" class=\"alignnone size-medium wp-image-4295\" srcset=\"https:\/\/adrhc.go.ro\/blog\/wp-content\/uploads\/2017\/03\/iptables-151x300.png 151w, https:\/\/adrhc.go.ro\/blog\/wp-content\/uploads\/2017\/03\/iptables-515x1024.png 515w, https:\/\/adrhc.go.ro\/blog\/wp-content\/uploads\/2017\/03\/iptables.png 726w\" sizes=\"auto, (max-width: 151px) 100vw, 151px\" \/><\/a>\r\n\r\n<strong>Redirect eth0:3240 to 127.0.0.1:32400<\/strong>\r\nsudo sysctl -w net.ipv4.ip_forward=1\r\nsudo sysctl -a | grep 'net.ipv4.ip_forward'\r\nsysctl net.ipv4.ip_forward -> this reads the value\r\nsudo sysctl -w net.ipv4.conf.eth0.route_localnet=1\r\nsudo sysctl -a | grep 'net.ipv4.conf.eth0.route_localnet'\r\n# you'll need the rule below when using ufw\r\nsudo ufw allow to 127.0.0.1 port 32400\r\n\r\nSuppose we have a server whose eth0 interface has the IP 192.168.1.31.\r\n\r\nSet this iptables rule on the server:\r\nsudo sysctl -w net.ipv4.conf.eth0.route_localnet=1\r\nthen\r\nsudo iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 3240 -j DNAT --to-destination 127.0.0.1:32400\r\nor, using the IP of eth0:\r\nsudo iptables -t nat -I PREROUTING -p tcp -d 192.168.1.31 --dport 3240 -j DNAT --to-destination 127.0.0.1:32400\r\nso that this command works 
on a client computer (but not on the server):\r\ncurl -kLD - http:\/\/192.168.1.31:3240\/web\/index.html\r\n\r\nSet only this iptables rule on the server:\r\nsudo iptables -t nat -I OUTPUT -p tcp -o lo --dport 3240 -j REDIRECT --to-ports 32400\r\nso that these curl commands work on the server:\r\ncurl -kLD - http:\/\/127.0.0.1:3240\/web\/index.html\r\ncurl -kLD - http:\/\/192.168.1.31:3240\/web\/index.html\r\n\r\n<strong>View and delete rules<\/strong>\r\nsudo iptables -t nat --line-number -L -v\r\nsudo iptables -t nat -D PREROUTING 1 -> deletes rule 1 from PREROUTING\r\nsudo iptables -t nat -D OUTPUT 1 -> deletes rule 1 from OUTPUT\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>iptables processing steps (original image link) Redirect eth0:3240 to 127.0.0.1:32400 sudo sysctl -w net.ipv4.ip_forward=1 sudo sysctl -a | grep &#8216;net.ipv4.ip_forward&#8217; sysctl net.ipv4.ip_forward -> this reads the value sudo sysctl -w net.ipv4.conf.eth0.route_localnet=1 sudo sysctl -a | grep &#8216;net.ipv4.conf.eth0.route_localnet&#8217; # you&#8217;ll need [&hellip;]<\/p>\n<div class=\"link-more\"><a href=\"https:\/\/adrhc.go.ro\/blog\/iptables\/#more-4200\" class=\"more-link\">Continue reading &#10142; <span 
class=\"screen-reader-text\">iptables<\/span><\/a><\/div>","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,8,11,49],"tags":[79],"class_list":["post-4200","post","type-post","status-publish","format-standard","hentry","category-commands","category-howto","category-linux","category-network","tag-iptables"],"_links":{"self":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/4200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/comments?post=4200"}],"version-history":[{"count":0,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/4200\/revisions"}],"wp:attachment":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/media?parent=4200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/categories?post=4200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/tags?post=4200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}