IPTables KVM NAT port forward goes to wrong VM

0

Good day,

I have 2 VMs running with libvirt.

Machine 1 : PostgreSQL on port 5432
Machine 2 : Attempting to use psql to connect to a PostgreSQL server on the internet.

I forwarded port 5432 so that I can access the PostgreSQL on Machine 1 from outside/as a service.

The problem I have: Machine 2 tries to connect to a PostgreSQL server on the internet, but when the packets come back they are forwarded to Machine 1 which then responds to Machine 2. So I never establish a proper connection to the outside PostgreSQL.

How do I change my port forward rules to accommodate for this?

(I used to use nat-networking on VirtualBox that took care of that for me, but KVM is cooler right :-)

Current rules Machine 1:

/sbin/iptables -I FORWARD -o virbr66 -d 192.168.223.115 -j ACCEPT
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 5432 -j DNAT --to 192.168.223.115:5432

Nevar

Posted 2019-09-17T01:57:36.243

Reputation: 1

Answers

0

Figured it out.

All I needed was to add -d to my rule so it doesn't route for any destination, but only if the destination was the localhost, in this case 10.10.10.10.

/sbin/iptables -t nat -I PREROUTING -p tcp -d 10.10.10.10 --dport 5432 -j DNAT --to 192.168.223.115:5432

Nevar

Posted 2019-09-17T01:57:36.243

Reputation: 1
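As an added example (not part of the original post or answer), the following check flags PREROUTING DNAT rules that match on port alone, which is the condition behind the misrouting above. It assumes rules in `iptables -t nat -S PREROUTING` output format; `audit_dnat` is a hypothetical helper name and the sample rules are constructed from the two rules on this page.

```shell
# Constructed sample in `iptables -t nat -S PREROUTING` format: the question's
# port-only rule, the answer's rule scoped with -d, and an unrelated rule.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 5432 -j DNAT --to-destination 192.168.223.115:5432
-A PREROUTING -d 10.10.10.10/32 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 192.168.223.115:5432
-A PREROUTING -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 80'

# audit_dnat (hypothetical helper): reads rule lines on stdin and prints every
# DNAT rule that has no destination or inbound-interface scope. Such a rule
# rewrites any packet entering the host on that port, including connections
# that guests open to outside servers. Returns 1 if any rule is flagged.
audit_dnat() {
    _found=0
    while IFS= read -r _rule; do
        case " $_rule " in
            *" -j DNAT "*) ;;                    # only DNAT rules are of interest
            *) continue ;;
        esac
        case " $_rule " in
            *" -d "*) continue ;;                # scoped to a destination address
            *" -i "*) continue ;;                # scoped to an inbound interface
            *" --dst-type LOCAL "*) continue ;;  # addrtype: host-local addresses only
        esac
        printf 'UNSCOPED: %s\n' "$_rule"
        _found=1
    done
    return "$_found"
}

# On a live host (as root): iptables -t nat -S PREROUTING | audit_dnat
printf '%s\n' "$SAMPLE_RULES" | audit_dnat || true
```

The non-zero return status lets the check fail a provisioning or CI step when a port-only DNAT rule is present.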