What is Port Forwarding?
Port forwarding is a feature of the IPTables system. It allows one computer to forward connections made to it so that another computer can actually process the request. If you want a very simple metaphor you can think of it as mail forwarding. Each computer has a number of addresses called ports, and IPTables allows connections to these ports to be sent to another computer. With port forwarders, you can redirect data connections from the Internet to an internal, privately addressed machine behind your IP MASQ server. This forwarding ability includes network protocols such as TELNET, WWW, and SMTP. Protocols such as FTP, legacy ICQ, and others require special handling via kernel modules.
Setup
On Ubuntu you need to enable port forwarding. You have to be the root user to do this.
root@shahid-laptop:~# echo 1 > /proc/sys/net/ipv4/ip_forward
After this you need to write the iptables rules.
root@shahid-laptop:~# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
root@shahid-laptop:~# iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.0.10 --dport 555 -j DNAT --to 192.168.0.12:22
root@shahid-laptop:~# iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.12 --dport 22 -j ACCEPT
With these rules, when we connect to the IP 192.168.0.10 on port 555, the system redirects the connection to the IP 192.168.0.12 on port 22.
To see the iptables rules use the command 'iptables -L'. This lists only the filter table; the NAT rules are shown by 'iptables -t nat -L'.
root@shahid-laptop:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere 192.168.0.12 tcp dpt:ssh
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Saving Data
When you reboot the system the iptables rules are removed from the kernel, so you need either to use iptables-save and iptables-restore to save and restore the rules, or to write a script that runs on every boot to enable forwarding and create the rules.
















