Forward udp and tcp to another external IP address.

Gavin Hamill gdh at acentral.co.uk
Tue Aug 23 13:53:09 CEST 2005


On Monday 22 August 2005 17:09, John Kielkopf wrote:
> We're planning on moving a server to another location and to ease the
> move we'd like to forward all TCP and UDP traffic coming in on a
> particular IP address at location A to a different address at location
> B.  Note that these addresses are from two different hosts.

Here's a standard recipe I've used for doing this..

# Make the firewall act as a non-caching TCP proxy. Useful for machine moves
# whilst DNS propagates.

$IPTABLES -t nat -A PREROUTING -p tcp --dport 80 -d 194.200.209.137 -j DNAT --to 213.2.4.33
# FORWARD is traversed after the DNAT above, so it must match the new destination.
$IPTABLES -A FORWARD -p tcp --dport 80 -d 213.2.4.33 -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -p tcp --dport 80 -d 213.2.4.33 -j SNAT --to 194.200.209.137

In this case, a web server was running on 194.200.209.137 that we were 
physically moving to a new location at 213.2.4.33...

These rules were loaded onto the firewall at 194.200.209.254...

Cheers,
Gavin.
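
The question asks for all TCP and UDP traffic, while the recipe above covers TCP port 80. As an added example (not part of the original post), this script generalizes the recipe to every TCP and UDP port and only prints the commands instead of running them. It assumes packets for the old address still reach the firewall, as in the setup described; `valid_ipv4` and `forward_rules` are names made up here.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Prints the rule set only; nothing is applied to the running firewall.

# valid_ipv4 ADDR: succeeds if ADDR is a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    (
        IFS=.
        set -- $1                      # split on dots (digits and dots only here)
        [ "$#" -eq 4 ] || exit 1
        for octet in "$@"; do
            [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
        done
    )
}

# forward_rules OLD_IP NEW_IP: prints one command per line for TCP and UDP.
forward_rules() {
    old=$1
    new=$2
    valid_ipv4 "$old" && valid_ipv4 "$new" || { echo "bad IPv4 address" >&2; return 1; }
    [ "$old" != "$new" ] || { echo "addresses are identical" >&2; return 1; }

    echo "sysctl -w net.ipv4.ip_forward=1"
    # Replies belong to tracked connections; accept them once, for both protocols.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for proto in tcp udp; do
        # No --dport: every port of this protocol on OLD_IP is redirected.
        echo "iptables -t nat -A PREROUTING -p $proto -d $old -j DNAT --to-destination $new"
        # The filter table runs after DNAT, so it sees NEW_IP as the destination.
        echo "iptables -A FORWARD -p $proto -d $new -m conntrack --ctstate NEW -j ACCEPT"
        # Source-NAT so the new host answers via this firewall, not the client directly.
        echo "iptables -t nat -A POSTROUTING -p $proto -d $new -j SNAT --to-source $old"
    done
}

# Addresses taken from the post above.
forward_rules 194.200.209.137 213.2.4.33
```

Review the printed commands before piping them to a shell; adding `--dport` per service, as in the recipe above, narrows what is forwarded.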


