iptables: forward port 80 to port 8080
Solution 1
You cannot specify the table like that in/etc/sysconfig/iptables
. Each table is set with an asterisk then the table name. Here is a skeleton of what you'd do:
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
Instead of editing the file you could also manually set up the rules you like using the iptables
command and then execute iptables-save > /etc/sysconfig/iptables
or service iptables save
.
Solution 2
you were close
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080
It has to do NAT so that when the reply is sent back to the client, it appears to come from port 80, not 8080.
Related videos on Youtube
Comments
-
Caffeine Coma over 1 year
How can I port-forward port 80 internally to port 8080?
My goal is to have a web app server (Glassfish) running on port 8080, but for the outside world to access it normally on port 80. This is being done so that I don't have to run Glassfish as root.
I tried adding the following rule to my /etc/sysconfig/iptables:
-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
but this results in the following error:
Applying iptables firewall rules: iptables-restore v1.3.5: Line 21 seems to have a -t table option.
-
Caffeine Coma over 13 yearsHmm, while this works on the command line, I still get the above error when I add the rule to /etc/sysconfig/iptables.
-
phemmer over 13 yearsOnce its added, just do /etc/init.d/iptables save