
I have a service that listens only on a port on localhost. In this case TCP 6464. This machine splits traffic between a NIC (eth0) and a VPN (tun0) interface, while some ports only listen on localhost (lo). Is it possible, using iptables, to start listening on TCP port 6464 on eth0 and forward that to TCP 6464 on lo? I have been able to do it with socat, but iptables would be preferable since all the other rules are defined there.

Here is the socat cmd:

sudo socat TCP-LISTEN:6464,fork,bind=<IP of eth0> TCP:127.0.0.1:6464

I have tried different examples found online but not been successful.

Thanks!

  • Try sudo sysctl -w net.ipv4.conf.all.route_localnet=1, sudo iptables -t nat -I PREROUTING -p tcp --dport 6464 -j DNAT --to 127.0.0.1:6464 Commented Dec 15, 2024 at 19:12
  • @user202311's answer looks good, but it is missing the detail that only traffic from eth0 is supposed to be DNAT-ed to localhost:6464. So: sudo iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 6464 -j DNAT --to 127.0.0.1:6464 Commented Dec 17, 2024 at 9:49
  • Thanks. I have tried these variants but unfortunately they did not work... Next step for me is to turn on logging in iptables and see where the packets go. Commented Dec 18, 2024 at 11:32
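An added example, not code from the asker or the commenters: a small POSIX shell helper that applies the DNAT the comments describe, restricted to eth0 as the second comment points out, and that checks an iptables-save dump for it. The interface name eth0, port 6464, the service being bound to 127.0.0.1:6464 and the extra INPUT ACCEPT rule are assumptions.

```shell
#!/bin/sh
# Added example (not the asker's or the commenters' code). Assumes the
# service is bound to 127.0.0.1:6464 and the public interface is eth0.
IFACE="${IFACE:-eth0}"
PORT="${PORT:-6464}"

# The nat rule in the exact form iptables-save prints it, so one string
# serves both for adding the rule and for checking that it is in place.
dnat_rule() {
    printf '%s\n' "-A PREROUTING -i $IFACE -p tcp -m tcp --dport $PORT -j DNAT --to-destination 127.0.0.1:$PORT"
}

# Reads an iptables-save dump on stdin. Exit 0: rule present and bound to
# $IFACE. Exit 2: a DNAT for the port exists but matches every interface,
# which would also expose the loopback-only service to traffic from tun0.
# Exit 1: no DNAT for the port at all.
check_dump() {
    dump=$(cat)
    if printf '%s\n' "$dump" | grep -qF -e "$(dnat_rule)"; then
        return 0
    fi
    if printf '%s\n' "$dump" | grep -qF -e "--dport $PORT -j DNAT --to-destination 127.0.0.1:$PORT"; then
        echo "DNAT for port $PORT is not restricted to $IFACE" >&2
        return 2
    fi
    return 1
}

apply_rules() {
    # Packets to 127.0.0.0/8 arriving on a real NIC are dropped as martians
    # unless this is set; once set they are delivered, DNAT or not, so keep
    # INPUT narrow for -d 127.0.0.0/8 on $IFACE.
    sysctl -w net.ipv4.conf.all.route_localnet=1
    # -C tests for the rule first so repeated runs do not stack duplicates.
    iptables -t nat -C PREROUTING -i "$IFACE" -p tcp --dport "$PORT" -j DNAT --to-destination "127.0.0.1:$PORT" 2>/dev/null \
        || iptables -t nat -I PREROUTING -i "$IFACE" -p tcp --dport "$PORT" -j DNAT --to-destination "127.0.0.1:$PORT"
    # After DNAT the packet is still filtered by INPUT, now with -d 127.0.0.1.
    iptables -C INPUT -i "$IFACE" -d 127.0.0.1 -p tcp --dport "$PORT" -j ACCEPT 2>/dev/null \
        || iptables -I INPUT -i "$IFACE" -d 127.0.0.1 -p tcp --dport "$PORT" -j ACCEPT
    # Unlike the socat relay, DNAT keeps the client's source address, so a
    # daemon that only accepts peers from 127.0.0.1 at application level
    # will still refuse these connections.
}

case "${1:-}" in
    apply) apply_rules ;;
    check) iptables-save -t nat | check_dump ;;
esac
```

Run it as root with `apply` to install the rules, and with `check` to confirm the restricted rule is what the kernel actually holds before turning on iptables logging.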
