Ubuntu – port forwarding with rules on ubuntu 18.04

Tags: iptables, port-forwarding, reverse-proxy, Ubuntu, ubuntu-18.04

I have a VM where port 80 is consumed by Apache Tomcat (host.nvoids.com).

I also have apache2 with PHP running on port 8020, which is a WordPress blog (host.nvoids.com:8020).

I want requests that hit my server at blog.nvoids.com to be forwarded to port 8020.

Please let me know if this can be done with some rule-based port forwarding program.

Something like the below:

iptables -t nat -A PREROUTING -d blog.nvoids.com -p tcp -m multiport --dports 80,443 -j DNAT --to-destination blog.nvoids.com:8020

I did not try this, as I do not know how to turn off the above command.

Are there any rule names or numbers that can be assigned to iptables rules? And can I switch them on/off?

Regards

Best Answer

The canonical way to undo

iptables -t nat -A PREROUTING -d blog.nvoids.com -p tcp -m multiport --dports 80,443 -j DNAT --to-destination blog.nvoids.com:8020

is just to replace -A with -D (replace add with delete):

iptables -t nat -D PREROUTING -d blog.nvoids.com -p tcp -m multiport --dports 80,443 -j DNAT --to-destination blog.nvoids.com:8020

Kudos to you for being interested in "how can I break things and then clean up" and for providing an actual domain name.

Also, you say host.nvoids.com:8020, but your command says blog.nvoids.com:8020, possibly a mistake.

I don't think iptables/DNAT is going to work well for you. The reason is: with IP routing tables, the main thing to watch out for is that not only should packets go one way, but the resulting packets should also return by (approximately) the same route. There is nothing in host.nvoids.com that would cause it to return the packets to the "iptables machine". The client doesn't expect to send a packet to one IP and receive a reply from a different IP - not workable.

Maybe use haproxy on blog.nvoids.com, or a similar uncomplicated reverse proxy?
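As an added example (not from the question or the answer): the "rule name" the asker wants can be supplied with the comment match, and the answer's add/delete symmetry then becomes a reusable on/off switch. The tag "blog-fwd" and the IPTABLES override are assumptions of this example; the hostname and port 8020 come from the question.

```shell
#!/bin/sh
# Tag the DNAT rule with "-m comment" so it can be checked (-C), added (-A)
# and deleted (-D) by name, and turn a saved rule back into its delete command.
IPTABLES="${IPTABLES:-iptables}"   # override (e.g. IPTABLES=echo) for a dry run
TAG="blog-fwd"                      # assumed name for the rule

# One definition of the rule, shared by add, check and delete, so they never
# drift apart. Caveat: "-d blog.nvoids.com" is resolved to an IP only once,
# when the rule is loaded; iptables matches addresses and ports, never the
# HTTP Host header, so two names that resolve to one address look identical.
rule_body() {
    echo "-d blog.nvoids.com -p tcp -m multiport --dports 80,443" \
         "-m comment --comment $TAG -j DNAT --to-destination blog.nvoids.com:8020"
}

# $1 is -A (append), -C (check) or -D (delete); all three take the same rule
# text, which is exactly what the -A -> -D recipe in the answer relies on.
fwd_rule() {
    # shellcheck disable=SC2046  -- word splitting of the rule body is intended
    $IPTABLES -t nat "$1" PREROUTING $(rule_body)
}
fwd_on()     { fwd_rule -C 2>/dev/null || fwd_rule -A; }   # idempotent add
fwd_off()    { fwd_rule -C 2>/dev/null && fwd_rule -D; }   # delete only if present
fwd_status() { if fwd_rule -C 2>/dev/null; then echo on; else echo off; fi; }

# Given one line of "iptables -t nat -S PREROUTING" output, print the command
# that removes exactly that rule. Tagged rules are found with:
#   iptables -t nat -S PREROUTING | grep -- "--comment $TAG"
undo_cmd() {
    printf '%s\n' "$1" | sed -e 's/^-A /iptables -t nat -D /'
}

case "${1:-}" in
    on) fwd_on ;; off) fwd_off ;; status) fwd_status ;;
esac
```

Run as `sh fwd.sh on|off|status`; the comment tag survives `iptables-save`, so the rule stays identifiable after a reboot or a reload.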