I am running a DNS server on 8053 and an HTTP server on 8080. I have 2 lines:

iptables -A PREROUTING -t nat -p tcp --dport 80  -j REDIRECT --to-ports 8080
iptables -A PREROUTING -t nat -p udp --dport 53  -j REDIRECT --to-ports 8053

The first line works, I can go to port 80 and get HTTP. But the second one does not. If I run my DNS on 53 as root, it works. But if I run it as non-root with the iptables REDIRECT, it does not answer dig:

dig @127.0.0.1 -p53 pro.uptime.com

Help?

Bill Weiss

This should help: https://serverfault.com/questions/140622/how-can-i-port-forward-with-iptables#140626 – frisbee23 Sep 28 '17 at 18:08

1 Answer

You also need to allow those packets, not only redirect them.

iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

iptables -A PREROUTING -t nat -p udp --dport 53 -j REDIRECT --to-ports 8053
iptables -A INPUT -p udp --dport 8053 -j ACCEPT

Thomas
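A fuller rule set, added here as an example and not part of either post: it also covers the loopback test in the question (a packet sent to 127.0.0.1 from the same host is rewritten in nat/OUTPUT, never in PREROUTING) and the TCP fallback DNS uses for large answers. The port numbers are the question's; the function names are assumptions of mine.

```shell
#!/bin/sh
# Emit the iptables rules that redirect a privileged port to an unprivileged
# listener. Written as a function so the rule set can be printed and reviewed
# without root, then applied by piping the output to sh as root.
#
# Usage: redirect_rules PROTO PUBLIC_PORT LOCAL_PORT   (PROTO is tcp or udp)
redirect_rules() {
    proto=$1; pub=$2; loc=$3
    # Traffic arriving from other hosts is rewritten in nat/PREROUTING.
    printf 'iptables -t nat -A PREROUTING -p %s --dport %s -j REDIRECT --to-ports %s\n' "$proto" "$pub" "$loc"
    # Locally generated traffic (e.g. dig @127.0.0.1) never traverses
    # PREROUTING; it is rewritten in nat/OUTPUT instead. Limiting the rule to
    # lo leaves the host's own queries to real upstream resolvers untouched.
    printf 'iptables -t nat -A OUTPUT -o lo -p %s --dport %s -j REDIRECT --to-ports %s\n' "$proto" "$pub" "$loc"
    # The rewritten packet is filtered in INPUT against the NEW port, so a
    # restrictive INPUT policy needs an explicit ACCEPT for the local port.
    printf 'iptables -A INPUT -p %s --dport %s -j ACCEPT\n' "$proto" "$loc"
}

# DNS answers over 512 bytes (and zone transfers) fall back to TCP, so a
# resolver on port 53 needs both transports redirected, not only UDP.
dns_rules() {
    redirect_rules udp 53 "$1"
    redirect_rules tcp 53 "$1"
}

# The setup from the question. Review the output, then: dns_rules 8053 | sudo sh
dns_rules 8053
redirect_rules tcp 80 8080
```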