How to change IP address to point to localhost?

41,278

Hosts file can only be used to associate a domain name with an IP; it cannot map IP to IP.

Altering IPs can be done by a firewall. On Linux, the default firewall is controlled by iptables commands. "man iptables" is the documentation. Google "explain iptables" for introductory explanations.

Some links:

http://linux.die.net/man/8/iptables

http://www.linuxnix.com/2009/12/iptables-in-linux-explained.html

http://blog.adityapatawari.com/2011/12/ip-packet-filtering-iptables-explained.html

Specifically, you want to change OUTGOING requests from your PC to an IP address (<my_ip_address>), so that they instead go to a different IP address, in this case 127.0.0.1. You want to perform NAT (Network Address Translation), given the "destination IP" (<my_ip_address>; e.g. 123.45.67.89), changing it to a different "destination IP" (127.0.0.1).

Try this (in place of 123.45.67.89, put the ip_address that needs to be altered):

iptables -t nat -A OUTPUT -p all -d 123.45.67.89 -j DNAT --to-destination 127.0.0.1

Details:

-t nat = table for translating one address to another

-A OUTPUT = append to the list of rules for locally generated, outgoing packets. SECURITY WARNING: Make sure the rule includes this OUTPUT directive. If you don't, the rule would create a possible security hole, because matching incoming packets from remote locations would also be directed to localhost.

-p all = apply to all protocols (tcp, udp, and icmp).

-d 123.45.67.89 = the original IP address that the packet was going to (its destination).

-j DNAT = if the rule matches (in this case, if an outgoing packet has destination IP 123.45.67.89), then handle it with DNAT, which alters the destination.

--to-destination 127.0.0.1 = tells DNAT what to do; replace the original destination with "127.0.0.1".

(NOTE: If you had a more complex situation, such as intercepting requests for specific web pages, an alternative solution might be to use "proxy" software.)

Mike
Author by

Mike

Updated on September 18, 2022

Comments

  • Mike
    Mike almost 2 years

    A sandbox environment of a web app is reachable directly by an IP address: http://<my_ip_address> without a login name.

    Is there a way to make a virtual host in my local machine, named as <my_ip_address>, and change /etc/hosts so it will "redirect" to my localhost?

    127.0.0.1 <my_ip_address>
    

    So when I load the url http://<my_ip_address> the browser will point to my localhost? The way I can already redirect domain names.

  • Slartibartfast
    Slartibartfast over 10 years
    Note that there is a security concern here. 127.0.0.1 is commonly understood to be unreachable from any remote host. If you change that without adding filtering, you may unintentionally defeat a security measure.
  • ToolmakerSteve
    ToolmakerSteve over 7 years
    @Slartibartfast - Note that we only change OUTGOING requests. And we are making the change in a firewall on this PC. (Some requests, that would have gone out to an external site, we are looping back to ourselves.) This does not change INCOMING requests, so it does not affect what anyone remote can see/do. Given this, do you still see a security concern?
  • ToolmakerSteve
    ToolmakerSteve over 7 years
    ... the essential safety measure is the inclusion of "-A OUTPUT" in the rule. Per your comment, people need to be aware that OMITTING that would have the danger you describe. I will add a comment to emphasize this.
  • Filip Stefanov
    Filip Stefanov over 7 years
    It is working fine but I can't see it listed anywhere in iptables --list or --list-rules. How can I list it and delete it afterwards when no longer needed?
  • Richard Walton
    Richard Walton over 5 years
    @FilipStefanov (Bit late I know!): List the nat rules with a number next to them: iptables -t nat --list --line-numbers Then delete whichever rule by that number: iptables -t nat -D OUTPUT <number>
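
The rule from the answer together with the list and delete steps from the comments, as an added shell example that is not part of the original answer or comments: it validates the address, keeps the chain pinned to OUTPUT, and uses `iptables -C` so repeated runs do not append duplicate rules. The function names and the `DRY_RUN` variable are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original answer): add, list and delete the
# loopback DNAT rule. DRY_RUN=1 prints the commands instead of running them.

valid_ipv4() {
    # Digits and dots only, with no leading, trailing or doubled dots.
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject leading zeros (some parsers read them as octal) and >255.
        case $octet in 0?*) return 1 ;; esac
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

ipt() {
    # Every call names the nat table; a plain "iptables --list" shows filter only.
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "iptables -t nat $*"
    else
        iptables -t nat "$@"
    fi
}

redirect() {    # usage: redirect add|del|list [ip]
    action=$1 ip=$2
    if [ "$action" = list ]; then ipt -S OUTPUT; return; fi
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    case $ip in 127.*) echo "refusing loopback address: $ip" >&2; return 2 ;; esac
    # The chain is pinned to OUTPUT, so only locally generated packets match.
    spec="OUTPUT -p all -d $ip -j DNAT --to-destination 127.0.0.1"
    case $action in
        add)
            # -C checks for an identical rule, so reruns do not stack duplicates.
            if [ "${DRY_RUN:-0}" != 1 ] && iptables -t nat -C $spec 2>/dev/null; then
                return 0
            fi
            ipt -A $spec ;;
        del) ipt -D $spec ;;
        *) echo "usage: redirect add|del|list [ip]" >&2; return 2 ;;
    esac
}

if [ $# -gt 0 ]; then redirect "$@"; fi
```

Run it as root, for instance `sh redirect.sh add 123.45.67.89`, or with `DRY_RUN=1` first to see the exact command before it touches the nat table.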