Port Translation via iptables?

04-19-2007, 06:40 PM

Hi, is there a way using iptables to perform port translation, i.e.

Have a service listening on port 343 on the server box, but have
public users reach the server via port 8080 using iptables to route
traffic to port 343 on the server box.

Do I need to create a rule for incoming traffic, as well as outgoing
traffic? Or is this even possible?

Thanks for any help.

-iptables newb

04-19-2007, 08:17 PM

Hello,

d a v i d a écrit :
> Hi, is there a way using iptables to perform port translation, i.e.
>
> Have a service listening on port 343 on the server box, but have
> public users reach the server via port 8080 using iptables to route
> traffic to port 343 on the server box.

Of course. Have a look at the DNAT and REDIRECT targets.

> Do I need to create a rule for incoming traffic,

Yes. For example :

iptables -t nat -A PREROUTING -d <box_ip_address> -p tcp --dport 8080 \
-j REDIRECT --to-ports 343

or :

iptables -t nat -A PREROUTING -d <box_ip_address> -p tcp --dport 8080 \
-j DNAT --to :343

Actually "-d <box_ip_address>" is not needed if the box does not act as
a router.

> as well as outgoing traffic?

No. Netfilter will automatically translate the return traffic as needed.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
iptables problem with port translation	jblumenkrantz@gmail.com	Linux Networking	2	10-31-2007 07:46 PM
tcp checksum after port translation	Giacomo	Linux Networking	0	09-14-2005 06:31 PM
port translation on same network	gene bene	Linux Networking	1	07-16-2004 10:26 PM
WIndows 2003 firewall port translation!	KK	Windows Networking	1	05-21-2004 08:24 PM
Port Address Translation	Sherwin	Windows Networking	8	01-06-2004 06:27 AM