Forwarding Ports in Subnets
Redirect traffic using iptables
Activate masquerading
We need to activate masquerading for outgoing traffic.
iptables -t nat -A POSTROUTING -j MASQUERADE
Forward ports
The following command redirects incoming TCP traffic on port 80 to port 8080 on the destination host with the IP 10.0.0.23.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT \
--to-destination 10.0.0.23:8080
Forward IP adresses
We can also forward all traffic with a specific IP adress as its destination. For example, this command redirects all incoming traffic for the IP adress 123.123.123.123 to 10.0.0.23.
iptables -t nat -A PREROUTING -p tcp --destination 123.123.123.123 -j DNAT \
--to-destination 10.0.0.23