How do i redirect all traffic from public IP to another public ip?

Posted on 2009-02-22
Last Modified: 2013-12-19
I have a machine in a shared hosting, it listen to varies udp ports.
I like to move it to a private cage, but the IP address can't move with it.
is there any way, maybe using linux or such,
to do a simple redirect to all traffic coming to the original IP to the new IP address?

I've checked IPTABLES, but I'm still not sure how can it be done...

Question by:bercko21
    LVL 16

    Accepted Solution

    Yes it can be done with linux. But note there are some limitations - specifically you need to do DNAT as well as SNAT on the linux machine, which means that you will not see source IPs on your hosting box - all traffic will come from your linux machine.

    a short script that will acomplish UDP port 2000 forwarding

    echo "1" > /proc/sys/net/ipv4/ip_forwarding
    iptables -t filter -A FORWARD -d <your hosting box IP> -p udp --dport 2000 -m state -state NEW,ESTABLISHED -j ACCEPT
    iptables -t filter -A FORWARD -m state -state ESTABLISHED -j ACCEPT
    iptables -t filter -A FORWARD -j DROP
    iptables -t nat -A PREROUTING -d <linux box IP> -p udp --dport 2000 -j DNAT --to-destination <your hosting box IP>
    iptables -t nat -A POSTROUTING -d <your hosting box IP> -p udp --dport 2000 -j SNAT --to-source <linux box IP>

    LVL 16

    Expert Comment

    If you wish to redirect all traffic you could drop the "-p udp --dport 2000" parts of the rules. Note that if this is the only public IP of the linux box you will not be able to connect to it at all (like SSH).

    iptables -t filter -A FORWARD -d <your hosting box IP> -m state -state NEW,ESTABLISHED -j ACCEPT
    iptables -t nat -A PREROUTING -d <linux box IP> -j DNAT --to-destination <your hosting box IP>
    iptables -t nat -A POSTROUTING -d <your hosting box IP> -j SNAT --to-source <linux box IP>

    Author Comment

    Thanks Blaz for your help!

    By ports or all trafiic, both are fine,
    I've tried typing the solution you brought and I'm getting "Bad argument `NEW,ESTABLISHED'"
    any ideas regarding it?
    LVL 16

    Expert Comment

    I think I made a typo. The rule should read:
    iptables -t filter -A FORWARD -d <your hosting box IP> -p udp --dport 2000 -m state --state NEW,ESTABLISHED -j ACCEPT

    Note the double hypen before state.

    Author Comment

    I notice the typo, it didn't make a difference...
    I still trying it here, but so far It's not working for some reason....
    LVL 27

    Assisted Solution

    Run: modprobe ip_conntrack
    then, this command should work...
    LVL 16

    Expert Comment

    I believe that I gave a working configuration to solve the question in comment #23708908. The only problem asker was having should be resolved by Nopius's comment #23733446 and the asker did not report any problems with the solution afterwards.

    Featured Post

    Live: Real-Time Solutions, Start Here

    Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

    Join & Write a Comment

    Suggested Solutions

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now