How to set up iptables for traffic forwarding on port 80 from specific sources

I'm running a web server on port 80, but I want traffic coming from IP 212.333.111.222 on port 80 to be forwarded to port 9020 on the same server that my web server is running on; that is my sshd port.


Solution 1:

This is untested, but should be very close to what you need:

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 --source 212.333.111.222 -j REDIRECT --to-port 9020

Essentially, you're intercepting the packet as it enters your network interface (eth0, in this case), but before any routing decisions have been made about it. You're then performing a translation on the packet: if the source is 212.333.111.222 and the destination port is 80, then redirect the packet to port 9020 instead.

In all other cases, traffic will flow as it normally would; i.e., if the source address and destination port do not match both 212.333.111.222 and port 80, the packet will be left untouched.
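
The rule from the answer as an idempotent script, added here as an example (not code from the original answer); it also admits the redirected traffic in the filter table, because after REDIRECT the INPUT chain sees destination port 9020 rather than 80. The function names and the source address 203.0.113.10 are assumptions: the page's 212.333.111.222 has an octet above 255, so the script's validator rejects it and a constructed documentation address stands in.

```shell
#!/bin/sh
# Added example: idempotent form of the REDIRECT rule discussed above.
# Interface and ports come from the page; function names are hypothetical.
IFACE=eth0; FROM_PORT=80; TO_PORT=9020

# Return 0 only for a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the nat-table rule that redirects port 80 from source $1 to port 9020.
redirect_rule() {
    valid_ipv4 "$1" || { echo "invalid source address: $1" >&2; return 1; }
    echo "PREROUTING -i $IFACE -p tcp -s $1 --dport $FROM_PORT -j REDIRECT --to-ports $TO_PORT"
}

# Print the filter-table rule that accepts the packet after translation.
input_rule() {
    valid_ipv4 "$1" || return 1
    echo "INPUT -i $IFACE -p tcp -s $1 --dport $TO_PORT -j ACCEPT"
}

# Append a rule only if an identical one is not already loaded (-C checks).
ensure_rule() {          # usage: ensure_rule <table> <rule words...>
    table=$1; shift
    iptables -t "$table" -C "$@" 2>/dev/null || iptables -t "$table" -A "$@"
}

# Needs root; runs only when invoked as: sh redirect.sh apply <source-ip>
if [ "${1:-}" = "apply" ]; then
    nat=$(redirect_rule "$2") && flt=$(input_rule "$2") || exit 1
    ensure_rule nat $nat
    ensure_rule filter $flt
    iptables -t nat -L PREROUTING -n -v --line-numbers   # show the result
fi
```

If the INPUT chain already ends in a DROP or REJECT rule, insert the ACCEPT above it instead of appending. A source-address match only narrows who can reach sshd; it does not replace sshd's own authentication.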