How to route port 80 to another ip

gubak · 11-09-2009, 06:09 AM

Hi!

I have a LAN with a linux server (CentOS 5.4 connected to internet on PPP)
I want to route port 80 on linux server to another machine on the LAN. So my webserver is on another machine on LAN.
Steps I've already made:

Changed Apache port from 80 to 8080 on linux server (on httpd.conf file)
Restarted Apache (service httpd restart)
Switched off iptables (service iptables stop)
Enter the following 4 rows on consol:

Code:

sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A PREROUTING -i ppp0 -p tcp -m tcp --destination-port 22 -d x.x.x.x -j DNAT --to-destination 5.2.2.231
iptables -t nat -A PREROUTING -i ppp0 -p tcp -m tcp --destination-port 80 -d x.x.x.x -j DNAT --to-destination 5.2.2.231

5.2.2.231 is my web server's ip inside of my LAN.
The webserver works, I can see website inside my LAN if I type 5.2.2.231 into the browser, but If I want to reach the website through my public IP , I cant!

Can somebody tell me what can be the problem?

vishesh · 11-09-2009, 06:33 AM

On which interface you public ip is configured.
Do you started iptables after iptables entries? I mean instead of stopping iptables, just Flush its contents using following command
iptables -F
then do your iptables entries. After that save iptables configuration using command
service iptables save

Thanks

gubak · 11-09-2009, 07:11 AM

Quote:

Originally Posted by vishesh

On which interface you public ip is configured.
Do you started iptables after iptables entries? I mean instead of stopping iptables, just Flush its contents using following command
iptables -F
then do your iptables entries. After that save iptables configuration using command
service iptables save

Thanks

My public ip is configured on ppp0 interface.
I not started iptables after iptables entries. So iptables is stopped!

vishesh · 11-11-2009, 02:47 AM

To implement iptables rules, you must start iptables

thnks

gubak · 11-11-2009, 03:35 AM

Quote:

Originally Posted by vishesh

To implement iptables rules, you must start iptables

thnks

I was started iptables, but prerouting still don't work.

Here is my iptables:

First iptables -L:

Code:

Chain INPUT

target  prot opt source     destination
ACCEPT  all  --  anywhere   anywhere
ACCEPT  tcp  --  anywhere   anywhere          tcp dpt: 80
ACCEPT  tcp  --  anywhere   anywhere          tcp dpt: 8080


other chains are empty

iptables -t nat -L

Code:

Chain PREROUTING

target   prot  opt  source     destination
DNAT     tcp   --   anywhere   x.x.x.x            tcp dpt:http to: 5.2.2.231


Chain POSTROUTING
target       prot  opt  source     destination
MASQUERADE   all   --   anywhere   anywhere

other chains are empty

x.x.x.x is my static ip on the linux server.

vishesh · 11-12-2009, 05:38 AM

does Ip forwarding option in on on your server ?

thnks

gubak · 11-12-2009, 05:51 AM

If you mean "net.ipv4.ip_forward=1", then yes ip forwarding is on!

mrlinux2000 · 11-12-2009, 08:36 AM

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.**.**:8080
this will solve it