Posted on 2004-08-19
I'm working with RH 9 with several virtual interfaces bound to several ip addresses. My "main" IP is xxx.xxx.xxx.81 a second IP is xxx.xxx.xxx.82.
xxx.xxx.xxx.81 handles all "normal" requests on ports 80,443,25,110, etc.
I have an application running on port 24999. When connecting from another site without firewall restrictions I can just access it on xxx.xxx.xxx.81:24999.
On a third site there are firewall restrictions and I can only get out through port 80 and 443. So I managed to implement the following rerouting through the second interface on xxx.xxx.xxx.82:
-A PREROUTING -p tcp -m tcp -d xxx.xxx.xxx.82 --dport 443 -j REDIRECT --to-ports 24999
-A PREROUTING -p udp -m udp -d xxx.xxx.xxx.82 --dport 443 -j REDIRECT --to-ports 24999
The problem is that the application answers to localhost, so I don't get a reply.
How can I tell the server that the reply has to go via xxx.xxx.xxx.82 port 443? I tried several things but they didn't work. I guess it has to be something that looks like this:
-A PREROUTING -p tcp -m tcp -s xxx.xxx.xxx.82 --sport 24999 -j REDIRECT --to-ports 443
-A PREROUTING -p udp -m udp -s xxx.xxx.xxx.82 --sport 24999 -j REDIRECT --to-ports 443
Who can help me?
Thanks in advance
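The setup described in the post, as an added example that is not part of the original post: a small POSIX shell script that emits the nat-table rules for redirecting inbound port 443 on the secondary address to the application port, and a lint check that catches a rule whose -p protocol does not match its -m match module (such a rule loads but matches nothing). The address 192.0.2.82 stands in for xxx.xxx.xxx.82 and is a placeholder. Two points worth checking before adding any reverse rule: REDIRECT is only valid in the nat table (PREROUTING and OUTPUT chains), and the translation it performs is tracked by connection tracking, so replies are rewritten back to the client's view (source 443 on the public address) without any extra rule; a reply that appears to come from localhost usually means the rules were loaded into the filter table instead of nat, or the application is bound to 127.0.0.1 only, since REDIRECT delivers the packet to the primary address of the interface it arrived on.

```shell
#!/bin/sh
# Added example (not from the original post). Builds the nat-table rules that
# redirect inbound 443 on the secondary address to the application port, and
# lints rule lines for a -p/-m protocol mismatch. Address and ports are
# placeholders; override them via the environment.

SECOND_IP="${SECOND_IP:-192.0.2.82}"   # placeholder for xxx.xxx.xxx.82
APP_PORT="${APP_PORT:-24999}"
PUB_PORT="${PUB_PORT:-443}"

# Print the rules in iptables-save form, restricted to the nat table.
# REDIRECT rewrites the destination on the way in; connection tracking reverses
# the translation on the reply, so no rule is needed for the return path.
# Load with: redirect_rules | iptables-restore -n
redirect_rules() {
    cat <<EOF
*nat
-A PREROUTING -p tcp -m tcp -d $SECOND_IP --dport $PUB_PORT -j REDIRECT --to-ports $APP_PORT
-A PREROUTING -p udp -m udp -d $SECOND_IP --dport $PUB_PORT -j REDIRECT --to-ports $APP_PORT
COMMIT
EOF
}

# lint_rule LINE: return 0 if the protocol given to -p agrees with the match
# module loaded with -m (only tcp/udp are checked), 1 on a mismatch such as
# "-p tcp -m udp", which can never match a packet.
lint_rule() {
    proto=$(printf '%s\n' "$1" | sed -n 's/.* -p \([a-z]*\).*/\1/p')
    mod=$(printf '%s\n' "$1" | sed -n 's/.* -m \([a-z]*\).*/\1/p')
    [ -z "$mod" ] && return 0
    case "$mod" in
        tcp|udp) [ "$proto" = "$mod" ] ;;
        *) return 0 ;;
    esac
}

# Stand-alone use: show the rules, then lint each -A line.
redirect_rules
redirect_rules | grep '^-A' | while IFS= read -r line; do
    lint_rule "$line" || echo "mismatched -p/-m: $line" >&2
done
```

The lint deliberately ignores rules without -m, since iptables implicitly loads the matching module for -p tcp/-p udp when --dport or --sport is used; it only flags the explicit mismatch.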