enable kernel ipv4 forward
add net.ipv4.ip_forward=1 to sysctl.conf
|
1 2 |
vi /etc/sysctl.conf sysctl -p |
add tcp and udp forward to iptables
|
1 2 3 4 |
iptables -t nat -A PREROUTING -p tcp --dport PORT -j DNAT --to-destination DSTIP iptables -t nat -A PREROUTING -p udp --dport PORT -j DNAT --to-destination SOURIP iptables -t nat -A POSTROUTING -p tcp -d DSTIP --dport PORT -j SNAT --to-source LOCIP iptables -t nat -A POSTROUTING -p udp -d DSTIP --dport PORT -j SNAT --to-source LOCIP |
save iptables configuration and set boot in Debian
|
1 2 3 |
iptables-save /etc/iptables.up.rules echo -e '#!/bin/bash\n/sbin/iptables-restore /etc/iptables.up.rules' /etc/network/if-pre-up.d/iptables chmod +x /etc/network/if-pre-up.d/iptables |