Solved

Advanced Policy Firewall localhost forwarding

Posted on 2013-06-24
3
352 Views
Last Modified: 2013-06-25
I am semi-familiar with advanced policy firewall (APF) routing chains, however I am having issues writing a rule to forward port localhost:139 to 10.0.0.1:139

I'm not sure where to put it. In the preroute, or postroute file?

I basically want something like:

$IPT -t nat [output?] -p tcp --dport 139 -d 127.0.0.1 -j DNAT --to-destination 10.0.0.1:139

Any advice?

Thanks!!
0
Comment
Question by:dr34m3rs
  • 2
3 Comments
 
LVL 6

Accepted Solution

by:
Vijay Pratap Singh earned 500 total points
Comment Utility
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $srcPortNumber -j REDIRECT --to-port $dstPortNumber

#iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j REDIRECT --to-port 2525
0
 
LVL 1

Author Comment

by:dr34m3rs
Comment Utility
I'm using APF, which is a configuration script for iptables, your examples don't work unfortunately.

$IPT -t nat -A PREROUTING -p tcp --dport 139 -i lo -j DNAT --to-destination 10.0.0.1:139
0
 
LVL 1

Author Comment

by:dr34m3rs
Comment Utility
Ok after a lot of reading and such, I've discovered that this line of thinking is ridiculous. Although it seems "so simple" of an idea, it just isn't.

I've gone the SSH local to remote forwarding route:

Generating an SSH key with openssh, so I can login to localhost without a password, then using screen to forward my ports (so I can close the console window), and will have to use netcat to forward my UDP ports.

Thanks for the help.

I'll give you the points just because you tried!!

dr34m3r
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now