
Is there a way such that: when a connection is denied (by the rule set) in ufw, it forwards that traffic to another port on the local machine, rather than dropping (by default)?

I can see two potential ways for port forwarding in ufw; I am wondering how to modify these so that it is conditional.

  1. Adding a -A PREROUTING rule to /etc/ufw/before.rules. But I need that rule only to be applied when the connection should not be allowed (as defined in the ufw rules). In other words, as the default rule (to forward instead of block).

  2. sudo ufw route, but how to apply that route only for denied connections? The example I see does not have a condition set (it sets that as a catch-all default policy). Is it possible to add a route as the default rule for connections?

0 Answers