Last active Sep 1, 2020
Forward traffic (filter by source IP and dst port) to another public IP
# run all of these on the bastion VM
# iptables cannot directly route traffic to a public IP (in my test),
# so I insert a socat here to help get the job done
# placeholder variables, set before running:
#   SRC_IP     = source IP whose traffic is forwarded
#   BASTION_IP = this bastion VM's own address (where socat listens)
#   DEST       = final destination for socat, as host:port
iptables -t nat -F # flush all the current NAT rules (be careful)
iptables -t nat -A PREROUTING -s "${SRC_IP:?}" -p tcp --dport 443 -j DNAT --to-destination "${BASTION_IP:?}":4433 # all traffic to port 443 from SRC_IP gets routed to port 4433
iptables -t nat -A POSTROUTING -j MASQUERADE # let iptables do the NAT work
iptables -t nat -nL # double-check that iptables shows the rules correctly
nohup socat TCP4-LISTEN:4433,reuseaddr,fork TCP4:"${DEST:?}" & # use socat to forward traffic to final destination, in the demo here,
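
The source filter above only applies to the port 443 rule, while the socat listener on port 4433 accepts any peer that can reach it. The following is an added example, not the gist's own code, that goes one step further than the original: it prints a scoped rule set (own chain instead of a table flush, socat restricted with `range=`) plus a matching teardown. The chain name `BASTION_FWD`, the function names and any addresses passed to them are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the gist's own code. Chain name, function names and the
# addresses used with it are hypothetical. It prints commands for review.

# Succeed only for a dotted-quad IPv4 address: four octets, 0-255, no leading
# zeros (some parsers read "010" as octal).
valid_ipv4() (
  case $1 in ''|*[!0-9.]*|*.) exit 1 ;; esac
  IFS=.; set -- $1                      # split on dots; subshell keeps IFS local
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    case $o in ''|0?*|????*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
  done
)

# Succeed only for a TCP port in 1-65535.
valid_port() {
  case $1 in ''|*[!0-9]*|0*|??????*) return 1 ;; esac
  [ "$1" -le 65535 ]
}

# forward_plan SRC_IP DEST_IP DEST_PORT [LISTEN_PORT]
forward_plan() (
  src=$1 dest=$2 dport=$3 lport=${4:-4433}
  valid_ipv4 "$src" && valid_ipv4 "$dest" && valid_port "$dport" &&
    valid_port "$lport" || { echo "forward_plan: invalid argument" >&2; exit 1; }
  # Own chain instead of flushing nat; REDIRECT (local port) replaces DNAT.
  # range= makes socat itself refuse peers other than SRC_IP on LISTEN_PORT.
  # No blanket MASQUERADE: socat opens its own outbound connection.
  cat <<EOF
iptables -t nat -N BASTION_FWD
iptables -t nat -A BASTION_FWD -s $src/32 -p tcp --dport 443 -j REDIRECT --to-ports $lport
iptables -t nat -A PREROUTING -j BASTION_FWD
nohup socat TCP4-LISTEN:$lport,reuseaddr,fork,range=$src/32 TCP4:$dest:$dport &
EOF
)

# teardown_plan: commands that remove only what forward_plan added.
teardown_plan() {
  cat <<'EOF'
iptables -t nat -D PREROUTING -j BASTION_FWD
iptables -t nat -F BASTION_FWD
iptables -t nat -X BASTION_FWD
EOF
}
```

Review the printed commands, then run them as root on the bastion; `teardown_plan` prints the commands that undo them without touching other NAT rules.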