iptables port forwarding

Enable forwarding echo -e "net.ipv4.ip_forward=1" >> /etc/sysctl.conf sysctl -p Same port port forwarding iptables -t nat -A PREROUTING -p tcp --dport [local port] -j DNAT --to-destination [destination IP:destination port] iptables -t nat -A PREROUTING -p udp --dport [local port] -j DNAT --to-destination [destination IP:destination port] iptables -t nat -A POSTROUTING -p tcp -d [target IP] --dport [target port] -j SNAT --to-source [local server main network card binding IP] iptables -t nat -A POSTROUTING -p udp -d [target IP] --dport [target port] -j SNAT --to-source [local server main network card binding IP] #The local network card IP is subject to the IP bound to the server. Because many cloud hosts provide external IP addresses. But the connection is established using the private IP bound to the host. Theoretically, only DNAT rules can be configured. However, if DNAT fails to work properly during testing, you can try to configure the corresponding SNAT. Follow the process of configuring SNAT here.

iptables -t nat -A PREROUTING -p tcp -m tcp –dport 22029 -j DNAT –to-destination 67.56.60.198:22

Sometimes just setting the first step of DNAT does not succeed, you need to set SNAT

iptables -t nat -A POSTROUTING -d 67.56.60.198/32 -p tcp -m tcp –dport 22 -j SNAT –to-source 172.31.94.31 //Set the IP from which port 67.56.60.198 22 is connected< /p>

Open port 22029 and forward it to 67.56.60.198 port 22 (DNAT), and then establish a connection (SNAT) through the IP bound to the server and 67.56.60.198

Recommended site search: US anti-attack server, free website domain name registration, host discount code, IP rental, registration number query, cloud virtual host, server, independent IP, Hong Kong server recommendation, Taiwan online proxy server,