UFW Forwarding on Port 80 to port 3000 on Single VPS [duplicate]

The following is on a Virtual Private Server online and only one machine. I have tried a number of ideas using UFW on Ubuntu 15.10 to forward an incoming request on port 80 to a simple app I have running on 3000. My current ufw status looks like this.

To                         Action      From
--                         ------      ----
22/tcp (OpenSSH)           ALLOW IN    Anywhere
80 (HTTP)                  ALLOW IN    Anywhere
22/tcp (OpenSSH (v6))      ALLOW IN    Anywhere (v6)
80 (HTTP (v6))             ALLOW IN    Anywhere (v6)

162.243.39.90 3000         ALLOW FWD   162.243.39.90 80

To achieve that last line I used

ufw route allow from 162.243.39.90 port 3000 to 162.243.39.90 port 80

I tried several other combinations including

in on eth0 

and

out on xxx

But, unless I open port 3000 directly, I can't access the app. My browser just spins its wheels for a while before returning "web page not available error."

Any ideas?


Solution 1:

Route rules are meant for packets traversing the firewall in a multihomed setup (more than one network), so they are not going to work in your setup.

http://manpages.ubuntu.com/manpages/trusty/man8/ufw.8.html

Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the firewall should specify the route keyword before the rule (routing rules differ significantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:

     ufw route allow in on eth1 out on eth2

This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.

For your case, the answer is here: Can I use ufw to setup a port forward?
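
On a single host, a port redirect is normally done in the nat table rather than with a route rule. The following is an added example, not code from this thread or from the linked answer: it assumes the redirect is expressed as a `*nat` PREROUTING REDIRECT block at the top of ufw's `/etc/ufw/before.rules`, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original thread). Prepends a nat-table REDIRECT
# block to a ufw before.rules-style file, once per port pair.

nat_block() {                       # $1 = public port, $2 = app port
  cat <<EOF
# BEGIN port-redirect $1->$2 (added example)
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport $1 -j REDIRECT --to-port $2
COMMIT
# END port-redirect $1->$2
EOF
}

valid_port() {                      # digits only, 1..65535
  case $1 in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

add_redirect() {                    # $1 = rules file, $2 = public port, $3 = app port
  local file=$1 pub=$2 app=$3 tmp
  # The file is loaded by iptables-restore as root, so reject anything but ports.
  valid_port "$pub" && valid_port "$app" || { echo "invalid port" >&2; return 2; }
  [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
  # Idempotent: a second run must not stack a duplicate rule.
  if grep -qF "# BEGIN port-redirect $pub->$app " "$file"; then return 0; fi
  tmp=$(mktemp) || return 1
  # The *nat block goes ahead of the existing *filter block; writing back with
  # cat keeps the original file's owner and mode.
  { nat_block "$pub" "$app"; cat "$file"; } > "$tmp" && cat "$tmp" > "$file"
  local rc=$?
  rm -f "$tmp"
  return $rc
}

# Demo on a constructed sample file, never the live /etc/ufw/before.rules.
sample=$(mktemp)
printf '%s\n' '*filter' ':ufw-before-input - [0:0]' 'COMMIT' > "$sample"
add_redirect "$sample" 80 3000
add_redirect "$sample" 80 3000   # no-op
cat "$sample"
rm -f "$sample"
```

After applying it to the real rules file, run `ufw reload`. REDIRECT rewrites the destination port before the filter INPUT chain is evaluated, so ufw must still allow 3000/tcp, and the app stays reachable on port 3000 directly as well.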