iptables how to forward localhost port to remote public IP

iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE

sysctl -w net.ipv4.conf.all.route_localnet=1

Make sure you replace "ip.ip.ip.ip" with your real public IP, and "--dport 3306" with the port you want to forward.

Finally, run the sysctl command and also update your /etc/sysctl.conf.

You can update /etc/sysctl.conf to allow the routing of localhost with the following command:

echo "net.ipv4.conf.all.route_localnet=1" >> /etc/sysctl.conf
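The steps above as one re-runnable script, added here as an example and not part of the original article: it validates the address and port, skips NAT rules that already exist, and writes the sysctl line only once. The function names and the DRY_RUN switch are assumptions of this sketch, and 192.0.2.10 is a constructed documentation address.

```shell
#!/bin/sh
# Added example: names (forward_local_port, DRY_RUN, ...) are assumptions,
# not part of the original article. 192.0.2.10 is a constructed address.
DRY_RUN=${DRY_RUN:-1}   # 1 = print the commands only, 0 = apply (needs root)

# Accept only a dotted quad with four octets in 0-255.
valid_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Accept only a decimal TCP port in 1-65535.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Append a nat rule unless an identical one exists (-C checks for it);
# a plain -A would add a duplicate on every run.
add_nat_rule() {
    chain=$1; shift
    if [ "$DRY_RUN" = 1 ]; then echo "iptables -t nat -A $chain $*"; return 0; fi
    iptables -t nat -C "$chain" "$@" 2>/dev/null ||
        iptables -t nat -A "$chain" "$@"
}

# Write "key=value" to the file once; ">>" alone duplicates it on reruns.
persist_sysctl() {
    grep -qxF -e "$1" "$2" 2>/dev/null || echo "$1" >> "$2"
}

# forward_local_port <remote-ip> <port> [sysctl-file]
forward_local_port() {
    valid_ipv4 "$1" || { echo "bad IPv4 address: $1" >&2; return 2; }
    valid_port "$2" || { echo "bad port: $2" >&2; return 2; }
    add_nat_rule OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL \
        -p tcp --dport "$2" -j DNAT --to-destination "$1"
    add_nat_rule POSTROUTING -m addrtype --src-type LOCAL \
        --dst-type UNICAST -j MASQUERADE
    key=net.ipv4.conf.all.route_localnet=1
    if [ "$DRY_RUN" = 1 ]; then echo "sysctl -w $key"; return 0; fi
    sysctl -w "$key" && persist_sysctl "$key" "${3:-/etc/sysctl.conf}"
}

forward_local_port "${1:-192.0.2.10}" "${2:-3306}"   # dry run by default
```

Run it as is to review the commands it would issue, then as root with DRY_RUN=0 and your own address and port to apply them.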

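This all looks simple, but it took some research and hunting down. Be warned: forwarding localhost/127.0.0.1 requires this method. Connections a host makes to itself are locally generated, so they pass through the nat OUTPUT chain and never reach PREROUTING, and without route_localnet=1 the kernel will not route packets that carry a 127.0.0.0/8 address. Keep in mind that setting route_localnet=1 under "all" stops the kernel from treating loopback addresses as martians on every interface, so keep filtering of 127.0.0.0/8 traffic that arrives on external interfaces in place. The typical examples found elsewhere do not work with localhost. Some examples of solutions that do not work: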

 

iptables -t nat -A PREROUTING -p tcp --dport 3306 -j DNAT --to ip.ip.ip.ip:3306
iptables -t nat -A POSTROUTING -d ip.ip.ip.ip -j MASQUERADE


 

iptables -t nat -A PREROUTING -p tcp --dport 3306 -j DNAT --to ip.ip.ip.ip
iptables -A FORWARD -p tcp -d ip.ip.ip.ip --dport 3306 -j ACCEPT
iptables -t nat -A POSTROUTING -j MASQUERADE

