I want to forward traffic with iptables without showing a different IP/port to the sending host.
My application listens on host x.x.15.42, port 23555 using TCP. The client will be connecting to x.x.15.42:5555. I want the connection to be forwarded to port 23555 without exposing that port to the client.
I already tried using DNAT:
iptables -t nat -A PREROUTING -p tcp --dport 5555 -j DNAT --to-destination x.x.15.42:23555
But to the client it will show that they're connecting to port 23555.
I also tried using REDIRECT, but for some reason that doesn't work at all. The client can't connect.
iptables -t nat -A PREROUTING -p tcp --dport 5555 -d x.x.15.42 -j REDIRECT --to-port 23555
How do I forward this traffic while making it look like the application is listening on port 5555?