Firewall - redirect all traffic from single IP to internal IP and port
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Firewall - redirect all traffic from single IP to internal IP and port
I am using IPfire.
I would like to redirect all traffic from (external) 1.2.3.4 to (internal) 4.5.6.7:62000 This way the source machine is met with a default page, but the rest of the world roams freely. Is this possible?
I've been trying different things, but not having any luck.
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
Rep:
Quote:
Originally Posted by mpyusko
I am using IPfire.
I would like to redirect all traffic from (external) 1.2.3.4 to (internal) 4.5.6.7:62000 This way the source machine is met with a default page, but the rest of the world roams freely. Is this possible?
I've been trying different things, but not having any luck.
thanks.
Hey mpyusko,
Not sure I understand 100% what you're asking, but I'll take a stab at it. Sounds to me like typical port-forwarding - and again, please correct me if I'm wrong. Here are my assumptions and comments:
1) by "internal" you mean your LAN and by "external" you are referring to the Internet
2) You want to direct certain external traffic to an internal IP address and port
3) This is usually done not based on the incoming IP address (which may be anything), but based on the port specified. You would then redirect external traffic coming in over port 11111, for example to an internal IP address and port number 22222.
Again, please confirm if I've understood your question correctly.
Correct. In this case I need to do it by IP. The machine in question has a fixed ip 1.2.3.4, but I do not have access to the machine to redirect it. So I want to take all traffic coming from it using Ports 80 and 443 and redirect them to 62000 and 62001 respectively on 4.5.6.7. I tried port forwarding using IPfires's interface, but it didn't work. Perhaps iptables?
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch, AntiX, ArtiX
Posts: 1,364
Rep:
Quote:
Originally Posted by mpyusko
Correct. In this case I need to do it by IP. The machine in question has a fixed ip 1.2.3.4, but I do not have access to the machine to redirect it. So I want to take all traffic coming from it using Ports 80 and 443 and redirect them to 62000 and 62001 respectively on 4.5.6.7. I tried port forwarding using IPfires's interface, but it didn't work. Perhaps iptables?
OK I understand. I am unfortunately familiar with neither iptables nor IPFire. I only use the basic firewall / forwarding capabilities of my router - they cover my needs.
Hopefully other members with the appropriate expertise will chime in. I quickly looked at the wiki page of my own distro (Arch), and the information on iptables is quite extensive. Perhaps your distro has something similar or worst case, the information in the Arch wiki may seamlessly apply since iptables is a generic linux utility.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.