Forwarding Traffic To Particular IP using IPTABLES [closed]

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












I am dealing with 3 machines (VMs):



  • A: 172.20.10.1 (Client)

  • B: 172.20.10.2 (Original Server)

  • C: 172.20.10.5 (Redirect Server)

Now I want A to visit B and B to forward that to C.



I was able to achieve this by using:



iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80
iptables -t nat -A POSTROUTING -j MASQUERADE


But now I want to do this for one IP only (I.E) 172.20.10.1 to 172.20.10.5 when it tries to access 172.20.10.2. I have already tried The answer here.



And yes, net.ipv4.ip_forward = 1 is also set.







share|improve this question













closed as off-topic by slm♦ Jun 14 at 0:21


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "This question has been posted on multiple sites. Cross-posting is strongly discouraged; see the help center and community FAQ for more information." – slm












  • This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
    – Tomasz
    Jun 13 at 22:50














up vote
2
down vote

favorite












I am dealing with 3 machines (VMs):



  • A: 172.20.10.1 (Client)

  • B: 172.20.10.2 (Original Server)

  • C: 172.20.10.5 (Redirect Server)

Now I want A to visit B and B to forward that to C.



I was able to achieve this by using:



iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80
iptables -t nat -A POSTROUTING -j MASQUERADE


But now I want to do this for one IP only (I.E) 172.20.10.1 to 172.20.10.5 when it tries to access 172.20.10.2. I have already tried The answer here.



And yes, net.ipv4.ip_forward = 1 is also set.







share|improve this question













closed as off-topic by slm♦ Jun 14 at 0:21


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "This question has been posted on multiple sites. Cross-posting is strongly discouraged; see the help center and community FAQ for more information." – slm












  • This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
    – Tomasz
    Jun 13 at 22:50












up vote
2
down vote

favorite









up vote
2
down vote

favorite











I am dealing with 3 machines (VMs):



  • A: 172.20.10.1 (Client)

  • B: 172.20.10.2 (Original Server)

  • C: 172.20.10.5 (Redirect Server)

Now I want A to visit B and B to forward that to C.



I was able to achieve this by using:



iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80
iptables -t nat -A POSTROUTING -j MASQUERADE


But now I want to do this for one IP only (I.E) 172.20.10.1 to 172.20.10.5 when it tries to access 172.20.10.2. I have already tried The answer here.



And yes, net.ipv4.ip_forward = 1 is also set.







share|improve this question













I am dealing with 3 machines (VMs):



  • A: 172.20.10.1 (Client)

  • B: 172.20.10.2 (Original Server)

  • C: 172.20.10.5 (Redirect Server)

Now I want A to visit B and B to forward that to C.



I was able to achieve this by using:



iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80
iptables -t nat -A POSTROUTING -j MASQUERADE


But now I want to do this for one IP only (I.E) 172.20.10.1 to 172.20.10.5 when it tries to access 172.20.10.2. I have already tried The answer here.



And yes, net.ipv4.ip_forward = 1 is also set.









share|improve this question












share|improve this question




share|improve this question








edited Jun 13 at 21:57









Tomasz

8,03052560




8,03052560









asked Jun 13 at 20:36









Coding_Karma

111




111




closed as off-topic by slm♦ Jun 14 at 0:21


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "This question has been posted on multiple sites. Cross-posting is strongly discouraged; see the help center and community FAQ for more information." – slm




closed as off-topic by slm♦ Jun 14 at 0:21


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "This question has been posted on multiple sites. Cross-posting is strongly discouraged; see the help center and community FAQ for more information." – slm











  • This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
    – Tomasz
    Jun 13 at 22:50
















  • This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
    – Tomasz
    Jun 13 at 22:50















This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
– Tomasz
Jun 13 at 22:50




This is a crosspost of superuser.com/questions/1331115/…. Make up your mind where you want it.
– Tomasz
Jun 13 at 22:50










1 Answer
1






active

oldest

votes

















up vote
0
down vote













Simply add something to match the ip you want the rule to match:



iptables -t nat -A PREROUTING -s 172.20.10.1 -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80





share|improve this answer





















  • This doesn't work..
    – Coding_Karma
    Jun 13 at 21:07










  • I've copied my answer, with a follow-up to your comment on the cross-posted copy.
    – Henrik
    Jun 14 at 7:42

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote













Simply add something to match the ip you want the rule to match:



iptables -t nat -A PREROUTING -s 172.20.10.1 -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80





share|improve this answer





















  • This doesn't work..
    – Coding_Karma
    Jun 13 at 21:07










  • I've copied my answer, with a follow-up to your comment on the cross-posted copy.
    – Henrik
    Jun 14 at 7:42














up vote
0
down vote













Simply add something to match the ip you want the rule to match:



iptables -t nat -A PREROUTING -s 172.20.10.1 -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80





share|improve this answer





















  • This doesn't work..
    – Coding_Karma
    Jun 13 at 21:07










  • I've copied my answer, with a follow-up to your comment on the cross-posted copy.
    – Henrik
    Jun 14 at 7:42












up vote
0
down vote










up vote
0
down vote









Simply add something to match the ip you want the rule to match:



iptables -t nat -A PREROUTING -s 172.20.10.1 -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80





share|improve this answer













Simply add something to match the ip you want the rule to match:



iptables -t nat -A PREROUTING -s 172.20.10.1 -p tcp --dport 80 -j DNAT --to-destination 172.20.10.5:80






share|improve this answer













share|improve this answer



share|improve this answer











answered Jun 13 at 21:00









Henrik

3,1371416




3,1371416











  • This doesn't work..
    – Coding_Karma
    Jun 13 at 21:07










  • I've copied my answer, with a follow-up to your comment on the cross-posted copy.
    – Henrik
    Jun 14 at 7:42
















  • This doesn't work..
    – Coding_Karma
    Jun 13 at 21:07










  • I've copied my answer, with a follow-up to your comment on the cross-posted copy.
    – Henrik
    Jun 14 at 7:42















This doesn't work..
– Coding_Karma
Jun 13 at 21:07




This doesn't work..
– Coding_Karma
Jun 13 at 21:07












I've copied my answer, with a follow-up to your comment on the cross-posted copy.
– Henrik
Jun 14 at 7:42




I've copied my answer, with a follow-up to your comment on the cross-posted copy.
– Henrik
Jun 14 at 7:42


Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?