iptables -t nat -A PREROUTING -p tcp --dport 4000 -j DNAT --to-destination 1.1.1.1:3000
iptables -t nat -A POSTROUTING -p tcp -d 2.2.2.2 --dport 4000 -j SNAT --to-source 1.1.1.1
iptables -t nat -A POSTROUTING -j MASQUERADE
Below will show you how to redirect port ip 2.2.2.2
and port 4000
on one machone to 1.1.1.1
on port 3000
of another machine.
This can be useful for firewall related reasons.
iptables -t nat -A PREROUTING -p tcp --dport 4000 -j DNAT --to-destination 1.1.1.1:3000
iptables -t nat -A POSTROUTING -p tcp -d 2.2.2.2 --dport 4000 -j SNAT --to-source 1.1.1.1
This will route traffic incoming on ip 2.2.2.2
and port 4000
to 1.1.1.1
on port 3000
.
You can put in any port or IP address you need there.
iptables -t nat -A POSTROUTING -j MASQUERADE
We set MASQUERADE to mask the IP address of the connecting system and use the gateway IP address instead. This is necessary for it to communicate back to the gateway, then to your client.
That is all that is required to get this to work.
service iptables save
This will save the changes, so they are persistent after a reboot.