iptables port redirect not working for localhost

linux firewall iptables port-forwarding

Solution 1:

PREROUTING isn't used by the loopback interface, you need to also add an OUTPUT rule:

iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8080
iptables -t nat -I OUTPUT -p tcp -o lo --dport 443 -j REDIRECT --to-ports 8080

Solution 2:

To redirect packets from localhost to another machine the rule:

 iptables -t nat -A OUTPUT -o lo -d 127.0.0.1 -p tcp --dport 443 -j DNAT  --to-destination 10.x.y.z:port

will work, BUT you also need to enable this option in the kernel:

sysctl -w net.ipv4.conf.all.route_localnet=1

Without that kernel setting it wont work.

Solution 3:

How about this?

iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp --dport 443 -j REDIRECT --to-port 8080

Related

Why is Enterprise Storage so expensive?
Outgoing mail from linux not being delivered
Website and Active Directory domain share the same name
Permission denied in vhost document root
Redirect non-www requests to www on Amazon Route 53
Cygwin SSHd Autoblock Failed Logins
Reinstall after a Root Compromise?
Why would I need a firewall if my server is well configured?
Overriding some DNS entries in BIND for internal networks
HP Proliant DL380 G4 - Can this server still perform in 2011?
Why would a server not send a SYN/ACK packet in response to a SYN packet
Software vs hardware RAID performance and cache usage