Port redirection to 127.0.0.1 in network namespace with iptables
Clash Royale CLAN TAG#URR8PPP up vote
0
down vote
favorite
I use custom protocol server inside network namespace. It listens for some port on localhost only. Network namespace contains virtual Ethernet device with IP 192.168.0.2. I want to redirect incoming packets to 192.168.0.2 to my custom server. I use following iptables configuration in my network namespace:
# Filter settings. We are isolated virtual network, so we allow all
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# NAT settings
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
# Required to forward
-A POSTROUTING -j MASQUERADE
# Forward external IP to custom server
-A PREROUTING -d 192.168.0.2 -p tcp -m tcp --dport 1080:1095 -j DNAT --to-destination 127.0.0.1:1080-1095
COMMIT
I set following environment variables:
net.ipv4.ip_forward=1
net.ipv4.conf.veth1.route_localnet=1
net.ipv4.conf.veth1.log_martians=1
Forwarding doesn't work for any reason.
Does anyone know how to forward incoming veth packets to lo in network namespace?
networking server iptables firewall
asked May 17 at 15:24
Vitaliy
1064
add a comment |Â
up vote
0
down vote
favorite
I use custom protocol server inside network namespace. It listens for some port on localhost only. Network namespace contains virtual Ethernet device with IP 192.168.0.2. I want to redirect incoming packets to 192.168.0.2 to my custom server. I use following iptables configuration in my network namespace:
# Filter settings. We are isolated virtual network, so we allow all
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# NAT settings
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
# Required to forward
-A POSTROUTING -j MASQUERADE
# Forward external IP to custom server
-A PREROUTING -d 192.168.0.2 -p tcp -m tcp --dport 1080:1095 -j DNAT --to-destination 127.0.0.1:1080-1095
COMMIT
I set following environment variables:
net.ipv4.ip_forward=1
net.ipv4.conf.veth1.route_localnet=1
net.ipv4.conf.veth1.log_martians=1
Forwarding doesn't work for any reason.
Does anyone know how to forward incoming veth packets to lo in network namespace?
networking server iptables firewall
asked May 17 at 15:24
Vitaliy
1064
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I use custom protocol server inside network namespace. It listens for some port on localhost only. Network namespace contains virtual Ethernet device with IP 192.168.0.2. I want to redirect incoming packets to 192.168.0.2 to my custom server. I use following iptables configuration in my network namespace:
# Filter settings. We are isolated virtual network, so we allow all
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# NAT settings
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
# Required to forward
-A POSTROUTING -j MASQUERADE
# Forward external IP to custom server
-A PREROUTING -d 192.168.0.2 -p tcp -m tcp --dport 1080:1095 -j DNAT --to-destination 127.0.0.1:1080-1095
COMMIT
I set following environment variables:
net.ipv4.ip_forward=1
net.ipv4.conf.veth1.route_localnet=1
net.ipv4.conf.veth1.log_martians=1
Forwarding doesn't work for any reason.
Does anyone know how to forward incoming veth packets to lo in network namespace?
networking server iptables firewall
asked May 17 at 15:24
Vitaliy
1064
I use custom protocol server inside network namespace. It listens for some port on localhost only. Network namespace contains virtual Ethernet device with IP 192.168.0.2. I want to redirect incoming packets to 192.168.0.2 to my custom server. I use following iptables configuration in my network namespace:
# Filter settings. We are isolated virtual network, so we allow all
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# NAT settings
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
# Required to forward
-A POSTROUTING -j MASQUERADE
# Forward external IP to custom server
-A PREROUTING -d 192.168.0.2 -p tcp -m tcp --dport 1080:1095 -j DNAT --to-destination 127.0.0.1:1080-1095
COMMIT
I set following environment variables:
net.ipv4.ip_forward=1
net.ipv4.conf.veth1.route_localnet=1
net.ipv4.conf.veth1.log_martians=1
Forwarding doesn't work for any reason.
Does anyone know how to forward incoming veth packets to lo in network namespace?
networking server iptables firewall
asked May 17 at 15:24
Vitaliy
1064
asked May 17 at 15:24
Vitaliy
1064
asked May 17 at 15:24
Vitaliy
1064
asked May 17 at 15:24
Vitaliy
1064
1064
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1037439%2fport-redirection-to-127-0-0-1-in-network-namespace-with-iptables%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password