iptables Firewall rules on Fedora?

By Randy Clark - Sep. 21, 2008

I want to redirect all traffic coming to a server to another machine behind the firewall. The traffic is coming to a particular IP address (e.g. I want to redirect all traffic coming to http://mybox to another machine (say, Can I do this using iptables?


  1. By Jesse Babson on Sep. 21, 2008

    Yes - you should be able to. You will need to use the iptables PREROUTING rule. What this will do is route all incoming traffic to a given port, to another destination IP address and port.

    Issue the following:

    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to $DEST_IP:$DEST_PORT

    In this case, $DEST_IP and $DEST_PORT will need to be set based on what you need.

    1 Votes
  2. By Randy Clark on Sep. 22, 2008

    Thanks! Unfortunately that does not seem to work for me. I regenerated the iptables file and see the rule in there, but nothing seems to be going through...

    0 Votes
  3. By Jesse Babson on Sep. 22, 2008

    Make sure that you have IP Forwarding turned on in the kernel! It is 'OFF' by default, and you will have to enable it.

    To check its status, issue:

    sysctl net.ipv4.ip_forward

    If it shows up as "1", you are set. If "0", that means you don't have forwarding enabled in the kernel.

    To enable, issue:

    sysctl -w net.ipv4.ip_forward=1

    Edit sysctl.conf to make the changes permanent.


    1 Votes
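The checks from this thread (rule present in the saved iptables file, forwarding on in the running kernel, forwarding persisted in sysctl.conf) as one diagnostic script. This is an added example, not part of the original posts. The function names are hypothetical, `/etc/sysconfig/iptables` is assumed as the saved rules file, and the fixture contents, including 192.0.2.10:8080, are constructed.

```shell
#!/bin/sh
# Added example. Each check takes a file path so it can run against copies.
# Calling `diagnose` with no arguments checks the live system paths.

# Runtime state: the kernel exposes net.ipv4.ip_forward as 0 or 1.
forwarding_runtime() {
    [ "$(tr -d '[:space:]' < "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# Persistent state: the last uncommented assignment in sysctl.conf wins.
forwarding_persistent() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([0-9]*\).*/\1/p' \
        "${1:-/etc/sysctl.conf}" | tail -n 1)
    [ "$val" = "1" ]
}

# Saved rules (iptables-save format): DNAT rules in PREROUTING of the nat table.
dnat_rules() {
    awk '/^\*/ {table=$1} table=="*nat" && /^-A PREROUTING/ && /-j DNAT/ {print}' \
        "${1:-/etc/sysconfig/iptables}"  # assumed location of the saved rules
}

# Prints one line per problem; exit status is the number of problems found.
diagnose() {  # $1=saved rules  $2=ip_forward file  $3=sysctl.conf
    problems=0
    if [ -z "$(dnat_rules "$1")" ]; then
        echo "no DNAT rule in nat/PREROUTING"; problems=$((problems + 1))
    fi
    if ! forwarding_runtime "$2"; then
        echo "forwarding is off now: sysctl -w net.ipv4.ip_forward=1"; problems=$((problems + 1))
    fi
    if ! forwarding_persistent "$3"; then
        echo "forwarding not persisted: set net.ipv4.ip_forward = 1 in sysctl.conf"; problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed fixtures reproducing the thread: rule saved, forwarding still off.
make_sample() {  # $1=existing directory to write into
    cat > "$1/iptables" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.0.2.10:8080
COMMIT
EOF
    echo 0 > "$1/ip_forward"
    echo "net.ipv4.ip_forward = 0" > "$1/sysctl.conf"
}
```

On the constructed fixtures `diagnose` reports two problems, both about forwarding, even though the DNAT rule is present in the saved file.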
