Foward traffic (filter by source ip and dst port) to other public ip
# run all these on the bastion vm | |
# iptables can not directly route traffic to public ip ( in my test ) | |
# so I insert a socat here to help get the job done | |
iptables -t nat -F # flush all the current NAT rule ( be careful ) | |
iptables -t nat -A PREROUTING -s 1.1.1.1 -p tcp --dport 443 -j DNAT --to-destination :4433 # all traffic to port 443 from 1.1.1.1 get routed to port 4433 | |
iptables -t nat -A POSTROUTING -j MASQUERADE # let iptables do the NAT work | |
iptables -t nat -nL # double check if iptables are correctly showing the rules | |
nohup socat TCP4-LISTEN:4433,reuseaddr,fork TCP4:2.2.2.2:443 & # use socat to forward traffic to final destination, in the demo here, 2.2.2.2:443 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment