How Can I forward all incoming Traffic to other address?

hack3rcon · 02-20-2015, 12:32 AM

Hello.
How can I forward all incoming Traffic to other IP with iptables?

Tnx.

pan64 · 02-20-2015, 01:02 AM

do you mean NAT? https://en.wikipedia.org/wiki/Networ...ss_translation
https://www.howtoforge.com/nat_iptables

hack3rcon · 02-20-2015, 04:11 AM

No, I means is that "When anyone want to connect to my system, iptables forward it to other IP". Like Scanning and etc.

pan64 · 02-20-2015, 04:30 AM

I'm sorry, I do not know what do you mean by scanning. Probably you need port forwarding or nat, but still unclear.

hack3rcon · 02-20-2015, 05:33 AM

Thus, I can't Forward all incoming connections to other address? I blocked all incoming connections but how can I forward it?
Scanning means that when a person want to scan my IP with some tools like Nmap, All Nmap requests forward to other IP.

pan64 · 02-20-2015, 05:35 AM

I still think that can be solved using nat. But remember, if you redirect all the requests to another host you will not be able to login too.

hack3rcon · 02-21-2015, 12:09 AM

What is your idea to solve my problem?
I just want if anyone wants to Scan my PC, all his/her requests forward to other IP.

snowman81 · 02-21-2015, 12:40 PM

How are you planning on determining what constitutes scanning? Is there a threshold of some kind?

hack3rcon · 02-22-2015, 07:39 AM

I don't know why I can't login to Linux if block all incoming connection

pan64 · 02-22-2015, 12:36 PM

?
what is the problem with that? login (ssh) is one kind of connection. You blocked all connections, therefore this one was blocked too.

hack3rcon · 02-23-2015, 03:58 AM

OK. Just Just open SSH and forward other connections.

What is your idea about it?

iptables -t nat -A PREROUTING -j DNAT --to 1.2.3.4

pan64 · 02-23-2015, 04:17 AM

I would say first you need to nat ssh (port 22) to localhost and after that everything can be forwarded to another host. But probably there is another solution too.
And also you can also use another port for ssh.

hack3rcon · 02-23-2015, 04:37 AM

can you change above command for it?

cengbrecht · 02-23-2015, 12:04 PM

If you are behind a router, and you a getting traffic forwarded directly to your computer then you should re-enable the firewall in the router, and clean your traffic there.

Though; It sounds like your computer is directly connected to the internet without a router, I would first suggest getting a DD-WRT, Onion Router, or PFSense Router running and controlling your internet before forwarding any traffic.

NAT is what you want if you want to forward traffic, but if its a scan of your ports, then DD-WRT, and PFSense would be excellent solution's to this since they will detect and stop replying to a scan request.

If you are trying to forward local traffic on a server with dual connections and you want to pass the traffic from one to the other, then you need to setup the server as a pass-through device, or a forwarding device, almost like a switch.

hack3rcon · 02-24-2015, 06:25 AM

I don't like BSD "PFSense".
I changed above command to just Open port 22, What is your idea?