I have a server with 5 IPv4 addresses:

95.x.y.1
95.x.y.2
95.x.y.3
95.x.y.4
95.x.y.5

and I need to forward only the incoming traffic from port 80 to port 8080 (on the same IP), so:

95.x.y.1:80 --> 95.x.y.1:8080
95.x.y.2:80 --> 95.x.y.2:8080
95.x.y.3:80 --> 95.x.y.3:8080
95.x.y.4:80 --> 95.x.y.4:8080
95.x.y.5:80 --> 95.x.y.5:8080

Besides iptables, is it possible to do something similar with nginx (reverse proxy)? The main issue is to have, on Ubuntu 18, "different" servers with nginx for each IP that route traffic to a specific Ubuntu user. Any guide/help/example will be greatly appreciated.

Francesco

1 Answer

The DNAT target can rewrite only the destination port number, without changing the destination IP address.

iptables -t nat -A PREROUTING --dst 95.x.y.1 -p tcp --dport 80 -j DNAT --to :8080
iptables -t nat -A PREROUTING --dst 95.x.y.2 -p tcp --dport 80 -j DNAT --to :8080
iptables -t nat -A PREROUTING --dst 95.x.y.3 -p tcp --dport 80 -j DNAT --to :8080
iptables -t nat -A PREROUTING --dst 95.x.y.4 -p tcp --dport 80 -j DNAT --to :8080
iptables -t nat -A PREROUTING --dst 95.x.y.5 -p tcp --dport 80 -j DNAT --to :8080

Reply packets should pass through the same Linux box for reverse translation.

To troubleshoot, use the tcpdump and conntrack tools.

Anton Danilov
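
The answer's rules written as an iptables-restore fragment, with every address and port validated before anything is emitted (an added example, not part of the original answer; the 203.0.113.x addresses are constructed stand-ins for 95.x.y.N, and the function names are hypothetical):

```shell
#!/bin/sh
# Added example: build a nat-table fragment with one port-only DNAT rule
# per address. Addresses used here are constructed (TEST-NET-3).

# valid_ipv4 ADDR -> exit 0 only for a dotted quad with octets 0..255
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # stray chars, empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no leading zeros
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_dnat_rules FROM_PORT TO_PORT ADDR... -> ruleset on stdout, or exit 1
gen_dnat_rules() {
    from=$1; to=$2; shift 2
    for p in "$from" "$to"; do
        case "$p" in ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
    done
    # Validate every address first so a typo never yields a partial ruleset.
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    echo '*nat'
    for ip in "$@"; do
        # Port-only target: the destination address is left unchanged.
        echo "-A PREROUTING -d $ip/32 -p tcp --dport $from -j DNAT --to-destination :$to"
    done
    echo 'COMMIT'
}

# Print the fragment for three constructed addresses.
gen_dnat_rules 80 8080 203.0.113.1 203.0.113.2 203.0.113.3
```

Piping the output to `iptables-restore --noflush --test` parses the fragment without committing it; dropping `--test` appends the rules to the existing nat table.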