Linux – How to forward connection from one interface to another under linux

iptables, linux, route

I have a Linux box which has two network interfaces, eth0 and eth1. From eth1 I can access an internal website, say on port 8080. From outside the box, I can't access that network. My question is: is there a way I can set something up so that from outside the box there appears to be a web server running on port 8080, and when I connect to it, it automatically forwards to eth1, the internal site? I tried to enable IP forwarding and add a static route, but it doesn't work. Thanks.

Best Answer

Is this box routing the traffic between those interfaces? From what you wrote I assume that on eth0 there is a public network connected to the Internet, while there is a private local network on eth1.

If that's the setup and you want to access the web server on the local network from the Internet, you have to use Network Address Translation (NAT).

Basically you need to figure an external IP address on the "outside" interface and add an iptables rule:

iptables -t nat -A PREROUTING -p tcp -d X.X.X.X --dport 8080 -j DNAT --to Y.Y.Y.Y:8080

X.X.X.X is the external address, while Y.Y.Y.Y is the internal one running the web server. In that scenario you also have to make sure you are allowing the traffic in the forward chain:

iptables -A FORWARD -p tcp -d Y.Y.Y.Y --dport 8080 -j ACCEPT

Your box has to have forwarding enabled for this:

sysctl net.ipv4.ip_forward=1 

or

echo 1 > /proc/sys/net/ipv4/ip_forward

Not sure if that answers your question, but you gave very few details in your question.
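
The rules from the answer above, as an added example that is not part of the original answer: a shell function that validates the addresses, port and interface names, then prints the commands for review instead of running them. It goes beyond the answer by scoping the rules to the inbound interface, allowing reply traffic explicitly (needed when the FORWARD policy is DROP) and optionally adding MASQUERADE; the function names, the sample addresses and the eth0 = outside, eth1 = inside assignment are assumptions.

```shell
#!/bin/sh
# Added example: prints the rule set for review; it does not apply anything.

# valid_ipv4 ADDR: succeeds only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_port N: succeeds only for an integer in 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_forward_rules EXT_IP INT_IP PORT IN_IF OUT_IF [snat]
# (hypothetical helper) validates its arguments, then prints the commands.
build_forward_rules() {
    ext=$1 int=$2 port=$3 in_if=$4 out_if=$5
    valid_ipv4 "$ext" && valid_ipv4 "$int" || { echo "bad address" >&2; return 1; }
    valid_port "$port" || { echo "bad port" >&2; return 1; }
    for ifc in "$in_if" "$out_if"; do
        case "$ifc" in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    done
    cat <<EOF
sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $in_if -p tcp -d $ext --dport $port -j DNAT --to-destination $int:$port
iptables -A FORWARD -i $in_if -o $out_if -p tcp -d $int --dport $port -j ACCEPT
iptables -A FORWARD -i $out_if -o $in_if -p tcp -s $int --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # Only needed when the web server's route back to the client does not
    # pass through this box: make the server see the box as the source.
    if [ "${6:-}" = snat ]; then
        echo "iptables -t nat -A POSTROUTING -o $out_if -p tcp -d $int --dport $port -j MASQUERADE"
    fi
}

# Constructed sample values: documentation address, private address, eth0/eth1 as in the question.
build_forward_rules 203.0.113.10 192.168.1.20 8080 eth0 eth1 snat
```

Review the printed commands, then run them as root; with MASQUERADE the web server logs the box's internal address rather than the real client address.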
