IPtables redirect 127.0.0.1 to 192.168.1.113
Hi to the forums wizards!
On my Debian 5 system, I'm trying to redirect the TCP traffic directed towards the 127.0.0.1:5432 address (local PostgreSQL daemon) to the 192.168.1.113:5432 (LAN PostgreSQL server). Any idea on how to achieve this result with iptables?
I *THINK* this is what you are looking for - unfortunately I am unable to test the below but -i specifies what interface is being matched for the rule... so any connections on the lo interface that are tcp and destined for port 5432 will be nat'd to 192.168.1.113 port 5432
Try it and see how you go.
Code:
/sbin/iptables -t nat -I PREROUTING -i lo -p tcp --dport 5432 -j DNAT --to-destination 192.168.1.113
You cannot redirect loopback traffic with iptables.
Quote:
The problem is on the localhost traffic.
Quote:
These are the workarounds I came up with:
Code:
ssh localhost -L ${local_port}:${remote_host}:${remote_port}
For example, -j REDIRECT works for redirecting the port for the local traffic; why is it not possible with iptables to redirect the localhost traffic?
references:
http://lists.debian.org/debian-user/.../msg00542.html
http://lists.debian.org/debian-itali.../msg00148.html
http://lists.debian.org/debian-itali.../msg00170.html
I was thinking about your problem; a permanent solution would be to use xinetd and the redirect option.
Quote:
Code:
REDIRECT target
The best solution is to find how to force the application to send packets to the LAN, instead of the local server.
I tested the xinetd settings for you, this should work.
Code:
service postgresql
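The xinetd listing in the post above is cut off after its first line. As an added example (not the poster's original configuration), a redirect service of this kind could look like the following; the `bind` and `only_from` lines are additions that keep the relay reachable from the local host only. It assumes the file is saved as /etc/xinetd.d/postgresql, that /etc/services maps `postgresql` to 5432/tcp, and that no local daemon is already bound to 127.0.0.1:5432.

```conf
# /etc/xinetd.d/postgresql  (assumed file name; added example)
# Relays local connections on 127.0.0.1:5432 to the LAN server from the thread.
# The listening port comes from the "postgresql" entry in /etc/services.
service postgresql
{
    disable         = no
    socket_type     = stream
    protocol        = tcp
    wait            = no
    user            = nobody
    # Listen on loopback only. Without "bind", xinetd listens on every
    # interface, and anyone who can reach this host can reach the
    # database port through it.
    bind            = 127.0.0.1
    # Second check: accept clients from the local host only.
    only_from       = 127.0.0.1
    # Forward each accepted connection to the LAN PostgreSQL server.
    redirect        = 192.168.1.113 5432
    # Record the source address of refused connections.
    log_on_failure  += HOST
}
```

After restarting xinetd, `netstat -ltn` should show the listener on 127.0.0.1:5432 and not on 0.0.0.0:5432.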
Quote:
I was trying to understand what's the technical and undocumented reason why it is not possible to do the same thing for the loopback traffic.
Quote:
ssh, netcat, socat or, as suggested by SuperJediWombat!, using xinetd.
Quote:
Quote:
Thanks!
xinetd works like a charm! ;)
Simply fantastic. Thanks SuperJediWombat!