Post4VPS Forum | Free VPS Provider
Port Forwarding Problem - Public port to Private Port - Printable Version

+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: VPS Discussion (https://post4vps.com/Forum-VPS-Discussion)
+--- Forum: VPS Support (https://post4vps.com/Forum-VPS-Support)
+--- Thread: Port Forwarding Problem - Public port to Private Port (/Thread-Port-Forwarding-Problem-Public-port-to-Private-Port)

Pages: 1 2


Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-15-2019

Hello, I have a problem with port forwarding

I want to forward the connection from public zone port 22 to private zone port 2222 But I don't know why this command doesn't work

Terminal
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j DNAT --to 127.0.0.1:2222

I have also activated port forward on sysctl

But the problems I experienced could not be solved by members of the Indonesian Linux forum


RE: Port Forwarding Problem - Public port to Private Port - deanhills - 09-15-2019

Moved from Hardware Forum to Support Forum.  Let's see whether our Guru Think Tank at post4vps can beat the Indonesian Linux Forum with coming up with a solution!  Tongue


RE: Port Forwarding Problem - Public port to Private Port - LightDestory - 09-15-2019

(09-15-2019, 08:20 AM)chanalku91 Wrote: Hello, I have a problem with port forwarding

I want to forward the connection from public zone port 22 to private zone port 2222 But I don't know why this command doesn't work

Terminal
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j DNAT --to 170.0.0.1:2222

I have also activated port forward on sysctl

But the problems I experienced could not be solved by members of the Indonesian Linux forum

You created the routing rule, that's good. But you are missing a very important thing: by default forwarding is set to block the traffic. You need to enable the traffic.

We can imagine the forwarding as two rules:
  • Forwarding rule to accept the traffic
  • Routing rule to redirect the traffic
So you should create a rule like this:
Code:
iptables -A FORWARD -i eth0 -p tcp –dport 22 -j ACCEPT
This command is based on your original command, using eth0 and tcp protocol

Can you tell me how to creates terminal style images like you? I know carbon but I am unable to get html code  Eh


RE: Port Forwarding Problem - Public port to Private Port - Mashiro - 09-15-2019

"Public Zone" & "Private Zone" are two technical terms you will never hear or find if you are using just pure iptables. These terms are usually only used when you have a server with Redhat Enterprise Linux, CentOS or Fedora with firewalld. Just saying this to avoid confusion. You might not catch the relation now but maybe later you will. Especially important if as said you use one of the OSs I mentioned.

Anyway... A few questions to clear things up:
a) Does your server have a eth0 interface? OpenVZ for example doesn't have such interfaces. If you use KVM with newer OSs they usually have different interface names like enp0s1 and such.
b) 170.0.0.1 is what? Is that supposed to be a internal address? Is that assigned inside your server? Are you trying to forward to loopback? The loopback address is 127.0.0.1 but not 170.0.0.1. You most likely don't even own this IP address: https://www.ipaddress.com/ipv4/170.0.0.1
c) Which OS are you using and what kind of server do you have? Virtual? Dedicated? OpenVZ? KVM?
d) What is your current firewall configuration?


RE: Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-15-2019

(09-15-2019, 02:10 PM)Hidden Refuge Wrote: "Public Zone" & "Private Zone" are two technical terms you will never hear or find if you are using just pure iptables. These terms are usually only used when you have a server with Redhat Enterprise Linux, CentOS or Fedora with firewalld. Just saying this to avoid confusion. You might not catch the relation now but maybe later you will. Especially important if as said you use one of the OSs I mentioned.

Anyway... A few questions to clear things up:
a) Does your server have a eth0 interface? OpenVZ for example doesn't have such interfaces. If you use KVM with newer OSs they usually have different interface names like enp0s1 and such.
b) 170.0.0.1 is what? Is that supposed to be a internal address? Is that assigned inside your server? Are you trying to forward to loopback? The loopback address is 127.0.0.1 but not 170.0.0.1. You most likely don't even own this IP address: https://www.ipaddress.com/ipv4/170.0.0.1
c) Which OS are you using and what kind of server do you have? Virtual? Dedicated? OpenVZ? KVM?
d) What is your current firewall configuration?
1. My server has an eth0 interface
2. That typo I should write 127.0.0.1 
3. Ubuntu 18.04 (KVM)
4. Firewalls only allow incoming connections from ports 22 & 22022


RE: Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-16-2019

(09-15-2019, 04:16 PM)chanalku91 Wrote: 1. My server has an eth0 interface
2. That typo I should write 127.0.0.1 
3. Ubuntu 18.04 (KVM)
4. Firewalls only allow incoming connections from ports 22 & 22022

I will add a screenshot of the firewall configuration on the VPS Maybe it will help


RE: Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-16-2019

(09-15-2019, 02:07 PM)LightDestory Wrote: You created the routing rule, that's good. But you are missing a very important thing: by default forwarding is set to block the traffic. You need to enable the traffic.

We can imagine the forwarding as two rules:
  • Forwarding rule to accept the traffic
  • Routing rule to redirect the traffic
So you should create a rule like this:
Code:
iptables -A FORWARD -i eth0 -p tcp –dport 22 -j ACCEPT
This command is based on your original command, using eth0 and tcp protocol

Can you tell me how to creates terminal style images like you? I know carbon but I am unable to get html code  Eh
You only need to add the terminal code at the beginning and / terminal at the end! It is very easy !

 Yes, the command doesn't work properly


RE: Port Forwarding Problem - Public port to Private Port - Mashiro - 09-16-2019

Your forward chain is set to DROP and has no rule that allows forwarding port 22 and 2222. Obviously this way it cannot work.


RE: Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-16-2019

(09-16-2019, 06:14 AM)Hidden Refuge Wrote: Your forward chain is set to DROP and has no rule that allows forwarding port 22 and 2222. Obviously this way it cannot work.

I also changed POLICY from FORWARD to ACCEPT but port forward still doesn't work? Is it because the target port 2222 closed at INTERFACE eth0 can affect Port Forwarding?


RE: Port Forwarding Problem - Public port to Private Port - chanalku91 - 09-17-2019

This thread can be closed, because Dwi Cahyo already provided a solution to my problem!
And thanks to @"Hidden Refuge" and @LightDestory for wanting to help me!