Redirect output to dynamic IP and change port

Asked Sep 08 '20 at 13:21

Active Sep 08 '20 at 13:21

Viewed 54 times

I have an application that needs to communication with two external hosts. For various reasons the host has now become a dynamic IP address. Since iptables communications via IP, simply using a straight DNAT won't do. I can change the hostname/IP address for the two external connection hosts in the application. So for one of the hosts I could set a bogus IP, 1.1.1.1. It seems ipset may help.

What I need to do is something like

iptables -t nat -A OUTPUT -p tcp -d 1.1.1.1 --dport 80 -j DNAT --to-destination -m set --set externalhostip_port

asked Sep 08 '20 at 13:21

Don Bivens

2

Use a VPN tunnel. – Gerald Schneider Sep 08 '20 at 13:25
Certainly that would work. Setting up a VPN infrastructure is a good bit more complicated than rewriting packets if a rule or 2 will do it. – Don Bivens Sep 08 '20 at 13:57
it's a lot less work than constantly changing IP addresses – Gerald Schneider Sep 08 '20 at 13:59
Not really. It's trivial for have a cron job change the address in a table in ipsets – Don Bivens Sep 08 '20 at 14:17
Ya know, I haven't had an opportunity to use wireguard yet- and I never did care for OpenVPN, so I'm giving that a shot. – Don Bivens Sep 08 '20 at 14:53

Redirect output to dynamic IP and change port

0 Answers0