[Firehol-support] Port forwarding using dnat and traffic from localhost
Silvio Bierman
sbierman at jambo-software.com
Thu Jun 5 07:50:14 BST 2014
On 06/04/2014 09:13 PM, Phil Whineray wrote:
> On Wed, Jun 04, 2014 at 08:57:57AM +0200, Silvio Bierman wrote:
>>> # Redirect $ip:80 to port 8080, when generated on local machine
>>> iptables -t nat -A OUTPUT -d $ip -p tcp --dport 80 -j REDIRECT --to-port 8080
>>>
>>> Add this too, if you want http://localhost:80/ to also redirect:
>>>
>>> # Redirect port 80 to port 8080, when using loopback interface
>>> iptables -t nat -A OUTPUT -o lo -p tcp --dport 80 -j REDIRECT --to-port 8080
>> Thank you Phil,
>>
>> This works great, thank you.
>>
>> I have entered these commands manually logged in as root. Is this
>> something I could do from the firehol.conf line? If so, would these
>> redirects also be removed from iptables if I stop the firehol
>> service?
> Yes, you should just be able to include these as-is within the firehol.conf;
> they invoke the iptables helper (http://firehol.org/manual/firehol-iptables/)
> rather than iptables directly, so the rules are kept in the finished
> firewall.
>
> Also, yes, if you run "firehol stop", these rules will get cleared at
> the same time as any others.
>
> Cheers
> Phil
Great Phil,
Thank you very much. You have helped me to an elegant solution for a
problem I have been struggling with for a couple of years now.
Cheers,
Silvio
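One way to confirm the behaviour discussed above (redirects present while the firewall is running, gone after "firehol stop"), as an added example that is not part of the original thread: it parses the text printed by `iptables -t nat -S OUTPUT`. The function names and the sample rule lines (with 192.0.2.10 standing in for $ip) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. On a live host (as root):
#   iptables -t nat -S OUTPUT | list_redirects

# Constructed sample of `iptables -t nat -S OUTPUT` output; 192.0.2.10 is a placeholder for $ip.
SAMPLE_RULES='-P OUTPUT ACCEPT
-A OUTPUT -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080'

# Read rule lines on stdin; print "<match> <dport> <to-port>" for each
# REDIRECT rule in the nat OUTPUT chain. Runs in a subshell so that
# `set -f` and `set --` do not leak into the caller.
list_redirects() (
    set -f                      # no glob expansion while word-splitting rules
    while IFS= read -r line; do
        case "$line" in
            "-A OUTPUT "*"-j REDIRECT"*) ;;
            *) continue ;;
        esac
        match="any" dport="" toport=""
        set -- $line
        # Walk the words; each option of interest is followed by its value.
        while [ $# -gt 1 ]; do
            case "$1" in
                -d)                   match="dst=$2" ;;
                -o)                   match="out=$2" ;;
                --dport)              dport="$2" ;;
                --to-ports|--to-port) toport="$2" ;;
            esac
            shift
        done
        printf '%s %s %s\n' "$match" "$dport" "$toport"
    done
)

# Succeeds only when stdin contains no OUTPUT REDIRECT rule,
# which is the expected state after "firehol stop".
redirects_cleared() {
    [ -z "$(list_redirects)" ]
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | list_redirects
```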