Solved

Port Forwarding with iptables

Posted on 2013-11-26
6
455 Views
Last Modified: 2013-11-27
I am a newbie with iptables.
I want to have all incoming traffic on port x redirect to internal ip address 192.168.136.55 on the same port x.
I have tried several syntaxes but they don't work.
Can you help me with the syntax for this please?
0
Comment
Question by:LostInWindows
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 23

Expert Comment

by:savone
ID: 39679688
You do not "forward" a port on iptables like you would on a netgear firewall.

If you have a service, let's say http (web server) running on port 80, you only need to open the port or allow traffic on that port like so:

iptables -I INPUT -p tcp --dport 80 -j ACCEPT

That will allow traffic on port 80 through to your web server.
0
 
LVL 1

Author Comment

by:LostInWindows
ID: 39679732
The Linux server is running as a firewall and mail server. That is why they are running iptables.
Can I forward port 3389 to my Windows machine so that I can Remote Desktop?
0
 
LVL 23

Accepted Solution

by:
savone earned 500 total points
ID: 39679767
iptables -t nat -A PREROUTING -p tcp -d <linux server ip> --dport 3389 -j DNAT --to-destination <windows ip>:3389
0
The Orion Papers

Are you interested in becoming an AWS Certified Solutions Architect?

Discover a new interactive way of training for the exam.

 
LVL 1

Author Comment

by:LostInWindows
ID: 39679826
I now have this entry in iptables:
iptables -t nat -A PREROUTING -p tcp -d 192.168.0.1 -dport 3389 -j DNAT --to-destination 192.168.0.55:3389
I restarted the Linux server because I didn't know if I had to refresh what is in the kernel.
I cannot reach the Windows server. I have checked to ensure the Windows server is accepting 3389.
Did I miss something?
0
 
LVL 1

Author Comment

by:LostInWindows
ID: 39679831
[root@serv ~]# nmap -v -sT 192.168.0.55

Starting Nmap 6.01 ( http://nmap.org ) at 2013-11-26 21:21 MST
Initiating ARP Ping Scan at 21:21
Scanning 192.168.0.55 [1 port]
Completed ARP Ping Scan at 21:21, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:21
Completed Parallel DNS resolution of 1 host. at 21:21, 0.01s elapsed
Initiating Connect Scan at 21:21
Scanning 192.168.0.55 [1000 ports]
Discovered open port 3389/tcp on 192.168.0.55
Discovered open port 445/tcp on 192.168.0.55
Discovered open port 135/tcp on 192.168.0.55
Discovered open port 139/tcp on 192.168.0.55
Discovered open port 49160/tcp on 192.168.0.55
Completed Connect Scan at 21:21, 4.41s elapsed (1000 total ports)
Nmap scan report for 192.168.0.55
0
 
LVL 1

Author Closing Comment

by:LostInWindows
ID: 39680845
Thanks for the help. At least I have the IP tables correct. My RDP doesn't work but one step at a time. Thank you again.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question