LinuxQuestions.org


hack3rcon 02-20-2015 12:32 AM

How Can I forward all incoming Traffic to other address?
 
Hello.
How can I forward all incoming traffic to another IP with iptables?

Thanks.

pan64 02-20-2015 01:02 AM

Do you mean NAT? https://en.wikipedia.org/wiki/Networ...ss_translation
https://www.howtoforge.com/nat_iptables

hack3rcon 02-20-2015 04:11 AM

No, I mean that "When anyone wants to connect to my system, iptables forwards it to another IP". Like scanning, etc.

pan64 02-20-2015 04:30 AM

I'm sorry, I do not know what you mean by scanning. Probably you need port forwarding or NAT, but it is still unclear.

hack3rcon 02-20-2015 05:33 AM

So, I can't forward all incoming connections to another address? I blocked all incoming connections, but how can I forward them?
Scanning means that when a person wants to scan my IP with some tool like Nmap, all Nmap requests are forwarded to another IP.

pan64 02-20-2015 05:35 AM

I still think that can be solved using NAT. But remember, if you redirect all the requests to another host, you will not be able to log in either.

hack3rcon 02-21-2015 12:09 AM

What is your idea to solve my problem?
I just want that if anyone wants to scan my PC, all his/her requests are forwarded to another IP.

snowman81 02-21-2015 12:40 PM

How are you planning on determining what constitutes scanning? Is there a threshold of some kind?

hack3rcon 02-22-2015 07:39 AM

I don't know why I can't log in to Linux if I block all incoming connections :(

pan64 02-22-2015 12:36 PM

?
What is the problem with that? Login (ssh) is one kind of connection. You blocked all connections, therefore this one was blocked too.

hack3rcon 02-23-2015 03:58 AM

OK. Just open SSH and forward other connections.

What is your idea about it?

iptables -t nat -A PREROUTING -j DNAT --to 1.2.3.4

pan64 02-23-2015 04:17 AM

I would say first you need to NAT ssh (port 22) to localhost, and after that everything can be forwarded to another host. But probably there is another solution too.
And you can also use another port for ssh.

hack3rcon 02-23-2015 04:37 AM

Can you change the above command for it?

cengbrecht 02-23-2015 12:04 PM

If you are behind a router, and you are getting traffic forwarded directly to your computer, then you should re-enable the firewall in the router, and clean your traffic there.

Though, it sounds like your computer is directly connected to the internet without a router. I would first suggest getting a DD-WRT, Onion Router, or PFSense router running and controlling your internet before forwarding any traffic.

NAT is what you want if you want to forward traffic, but if it's a scan of your ports, then DD-WRT and PFSense would be excellent solutions to this, since they will detect and stop replying to a scan request.

If you are trying to forward local traffic on a server with dual connections and you want to pass the traffic from one to the other, then you need to set up the server as a pass-through device, or a forwarding device, almost like a switch.

hack3rcon 02-24-2015 06:25 AM

I don't like BSD "PFSense".
I changed the above command to just open port 22. What is your idea?
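
The ordering pan64 describes (keep SSH local first, then forward everything else), written out as an added example that is not from any poster in this thread. It goes beyond the single DNAT command by also emitting the filter and return-path rules; the interface name eth0 and SSH on tcp/22 are assumptions, and 1.2.3.4 is the placeholder address used in the thread.

```shell
#!/bin/sh
# Added example. Assumptions: interface eth0, SSH on tcp/22.
# 1.2.3.4 is the placeholder target from the thread.

valid_ipv4() {   # dotted quad, each octet 0-255
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

build_ruleset() {   # usage: build_ruleset IFACE TARGET_IP [SSH_PORT]
    iface=$1 target=$2 ssh_port=${3:-22}
    case "$iface" in ""|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    valid_ipv4 "$target" || { echo "bad target IP" >&2; return 1; }
    case "$ssh_port" in ""|*[!0-9]*) echo "bad SSH port" >&2; return 1 ;; esac
    [ "${#ssh_port}" -le 5 ] && [ "$ssh_port" -ge 1 ] && [ "$ssh_port" -le 65535 ] ||
        { echo "bad SSH port" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Order matters: exempt SSH first, or the catch-all DNAT locks you out.
-A PREROUTING -i $iface -p tcp --dport $ssh_port -j ACCEPT
# The nat table only sees the first packet of a connection, so replies
# to this host's own outbound connections are not redirected.
-A PREROUTING -i $iface -j DNAT --to-destination $target
# Assumes the target does not route replies via this host; it will then
# see this host's address as the source of every forwarded connection.
-A POSTROUTING -d $target -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp --dport $ssh_port -j ACCEPT
-A FORWARD -d $target -j ACCEPT
-A FORWARD -s $target -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset only when asked; nothing here touches the firewall.
if [ "${1:-}" = "--print" ]; then build_ruleset eth0 1.2.3.4 22; fi
```

Check the output with `iptables-restore --test` before loading it: loading replaces the existing nat and filter tables, and forwarding also requires `net.ipv4.ip_forward=1`.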


All times are GMT -5.