Linux - Redirect Ports Using IPTables
In order to redirect ports, we need to add our rules in PREROUTING
chain. So run below command:
1
[[email protected] ~]# iptables -t nat -A PREROUTING -i ens18 -p tcp --dport 80 -j REDIRECT --to-port 8080
If we have an interface name other than ens18
then we need to edit we command accordingly. We can even add we source and destinations as well in same command using --src
and --dst
options. Without them, it’s assumed to any source and any destination.
Check port redirection in iptable
Verify port redirect rule in iptables using below command:
1
2
3
4
[[email protected] ~]# iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 1 packets, 30 bytes)
pkts bytes target prot opt in out source destination
84 5000 REDIRECT tcp -- ens18 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
We can see port 80 is being redirected to port 8080 on the server. Note here target is REDIRECT. Do not get confused with port redirection with port forwarding.
Save IPTables rules
To save iptables rules and make them persistent over reboots use the following command:
1
[[email protected] ~]# iptables-save
This post is licensed under CC BY 4.0 by the author.