LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 02-20-2015, 12:32 AM   #1
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Rep: Reputation: 11
Post How Can I forward all incoming Traffic to other address?


Hello.
How can I forward all incoming Traffic to other IP with iptables?

Tnx.
 
Old 02-20-2015, 01:02 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,182

Rep: Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394
do you mean NAT? https://en.wikipedia.org/wiki/Networ...ss_translation
https://www.howtoforge.com/nat_iptables
 
1 members found this post helpful.
Old 02-20-2015, 04:11 AM   #3
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
No, I means is that "When anyone want to connect to my system, iptables forward it to other IP". Like Scanning and etc.
 
Old 02-20-2015, 04:30 AM   #4
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,182

Rep: Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394
I'm sorry, I do not know what do you mean by scanning. Probably you need port forwarding or nat, but still unclear.
 
Old 02-20-2015, 05:33 AM   #5
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
Thus, I can't Forward all incoming connections to other address? I blocked all incoming connections but how can I forward it?
Scanning means that when a person want to scan my IP with some tools like Nmap, All Nmap requests forward to other IP.
 
Old 02-20-2015, 05:35 AM   #6
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,182

Rep: Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394
I still think that can be solved using nat. But remember, if you redirect all the requests to another host you will not be able to login too.
 
Old 02-21-2015, 12:09 AM   #7
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
What is your idea to solve my problem?
I just want if anyone wants to Scan my PC, all his/her requests forward to other IP.
 
Old 02-21-2015, 12:40 PM   #8
snowman81
Member
 
Registered: Aug 2006
Location: Michigan
Distribution: Ubuntu
Posts: 282

Rep: Reputation: 30
How are you planning on determining what constitutes scanning? Is there a threshold of some kind?
 
Old 02-22-2015, 07:39 AM   #9
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
I don't know why I can't login to Linux if block all incoming connection
 
Old 02-22-2015, 12:36 PM   #10
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,182

Rep: Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394
?
what is the problem with that? login (ssh) is one kind of connection. You blocked all connections, therefore this one was blocked too.
 
Old 02-23-2015, 03:58 AM   #11
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
OK. Just Just open SSH and forward other connections.

What is your idea about it?

iptables -t nat -A PREROUTING -j DNAT --to 1.2.3.4
 
Old 02-23-2015, 04:17 AM   #12
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,182

Rep: Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394Reputation: 7394
I would say first you need to nat ssh (port 22) to localhost and after that everything can be forwarded to another host. But probably there is another solution too.
And also you can also use another port for ssh.
 
Old 02-23-2015, 04:37 AM   #13
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
can you change above command for it?
 
Old 02-23-2015, 12:04 PM   #14
cengbrecht
LQ Newbie
 
Registered: Feb 2015
Location: Canada
Distribution: Ubuntu, Gnomebuntu, others.
Posts: 4

Rep: Reputation: 2
If you are behind a router, and you a getting traffic forwarded directly to your computer then you should re-enable the firewall in the router, and clean your traffic there.

Though; It sounds like your computer is directly connected to the internet without a router, I would first suggest getting a DD-WRT, Onion Router, or PFSense Router running and controlling your internet before forwarding any traffic.

NAT is what you want if you want to forward traffic, but if its a scan of your ports, then DD-WRT, and PFSense would be excellent solution's to this since they will detect and stop replying to a scan request.

If you are trying to forward local traffic on a server with dual connections and you want to pass the traffic from one to the other, then you need to setup the server as a pass-through device, or a forwarding device, almost like a switch.

Last edited by cengbrecht; 02-23-2015 at 12:07 PM. Reason: Spelling. Paragraph arrangement.
 
Old 02-24-2015, 06:25 AM   #15
hack3rcon
Senior Member
 
Registered: Jan 2015
Posts: 1,432

Original Poster
Rep: Reputation: 11
I don't like BSD "PFSense".
I changed above command to just Open port 22, What is your idea?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Routing return traffic based on the NIC of the incoming traffic? adamk75 Linux - Networking 3 12-11-2011 04:27 AM
Incoming mail service with .forward processing frank09 Linux - Server 2 01-07-2009 07:37 AM
Forward incoming requests to another server ajaimes Linux - Networking 4 06-04-2007 01:43 PM
FC4 forward specific incoming connections Letheli Linux - Networking 4 12-27-2005 04:36 AM
Allow Incoming Traffic clarence1720 Mandriva 15 12-06-2004 11:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration