?
Solved

Port Forwarding with iptables

Posted on 2013-11-26
6
Medium Priority
?
493 Views
Last Modified: 2013-11-27
I am a newbie with iptables.
I want to have all incoming traffic on port x redirect to internal ip address 192.168.136.55 on the same port x.
I have tried several syntaxes but they don't work.
Can you help me with the syntax for this please?
0
Comment
Question by:LostInWindows
  • 4
  • 2
6 Comments
 
LVL 23

Expert Comment

by:savone
ID: 39679688
You do not "forward" a port on iptables like you would on a netgear firewall.

If you have a service, let's say http (web server) running on port 80, you only need to open the port or allow traffic on that port like so:

iptables -I INPUT -p tcp --dport 80 -j ACCEPT

That will allow traffic on port 80 through to your web server.
0
 
LVL 1

Author Comment

by:LostInWindows
ID: 39679732
The Linux server is running as a firewall and mail server. That is why they are running iptables.
Can I forward port 3389 to my Windows machine so that I can Remote Desktop?
0
 
LVL 23

Accepted Solution

by:
savone earned 2000 total points
ID: 39679767
iptables -t nat -A PREROUTING -p tcp -d <linux server ip> --dport 3389 -j DNAT --to-destination <windows ip>:3389
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
LVL 1

Author Comment

by:LostInWindows
ID: 39679826
I now have this entry in iptables:
iptables -t nat -A PREROUTING -p tcp -d 192.168.0.1 -dport 3389 -j DNAT --to-destination 192.168.0.55:3389
I restarted the Linux server because I didn't know if I had to refresh what is in the kernel.
I cannot reach the Windows server. I have checked to ensure the Windows server is accepting 3389.
Did I miss something?
0
 
LVL 1

Author Comment

by:LostInWindows
ID: 39679831
[root@serv ~]# nmap -v -sT 192.168.0.55

Starting Nmap 6.01 ( http://nmap.org ) at 2013-11-26 21:21 MST
Initiating ARP Ping Scan at 21:21
Scanning 192.168.0.55 [1 port]
Completed ARP Ping Scan at 21:21, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:21
Completed Parallel DNS resolution of 1 host. at 21:21, 0.01s elapsed
Initiating Connect Scan at 21:21
Scanning 192.168.0.55 [1000 ports]
Discovered open port 3389/tcp on 192.168.0.55
Discovered open port 445/tcp on 192.168.0.55
Discovered open port 135/tcp on 192.168.0.55
Discovered open port 139/tcp on 192.168.0.55
Discovered open port 49160/tcp on 192.168.0.55
Completed Connect Scan at 21:21, 4.41s elapsed (1000 total ports)
Nmap scan report for 192.168.0.55
0
 
LVL 1

Author Closing Comment

by:LostInWindows
ID: 39680845
Thanks for the help. At least I have the IP tables correct. My RDP doesn't work but one step at a time. Thank you again.
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension . This reminded me of questions that come up here at EE along the lines of, "How can I tell the type of file from its cont…
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question