Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Configuring Linux as a Router

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
ANewHome
Posts: 1
Joined: 2021-07-21 14:43

Configuring Linux as a Router

#1 Post by ANewHome »

Trying to setup a little AWS Box (Debian Linux) to act as a router taking public traffic (eth0 - single network interface) and redirecting it to a different public IP address, different ports and then send the traffic back to the clients.

The port mappings (TCP & UDP):
Src-IP, Src-Port, Dest-IP, Dest-Port
ALL, 27106,168.119.149.150,27015
ALL, 8000,168.119.149.150,7777
ALL, 8001,168.119.149.150,7778

What I am trying to get to happen:
Traffic in:
Public IP (Client App) [27106,8000,8001] -> Linux Box -> Destination Public Server (AA) [27015,7777,7778]

Return Traffic:
Public Server (AA) [27015,7777,7778] -> Linux Box -> Public IP (Client App) [27106,8000,8001]

The problem, is it doesn't seem to be working as I'm expecting it to - can anyone give some pointers on what I'm doing wrong?

The /etc/iptables/rules.v4 is currently:
# Generated by xtables-save v1.8.2 on Wed Jul 21 09:48:33 2021
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 27106 -j DNAT --to-destination 168.119.149.150:27015
-A PREROUTING -p udp -m udp --dport 27106 -j DNAT --to-destination 168.119.149.150:27015
-A PREROUTING -p tcp -m tcp --dport 8000 -j DNAT --to-destination 168.119.149.150:7777
-A PREROUTING -p udp -m udp --dport 8000 -j DNAT --to-destination 168.119.149.150:7777
-A PREROUTING -p tcp -m tcp --dport 8001 -j DNAT --to-destination 168.119.149.150:7778
-A PREROUTING -p udp -m udp --dport 8001 -j DNAT --to-destination 168.119.149.150:7778
-A POSTROUTING -p tcp -m tcp --dport 27015
-A POSTROUTING -p udp -m udp --dport 27015
-A POSTROUTING -p tcp -m tcp --dport 7777
-A POSTROUTING -p udp -m udp --dport 7777
-A POSTROUTING -p tcp -m tcp --dport 7778
-A POSTROUTING -p udp -m udp --dport 7778

COMMIT
# Completed on Wed Jul 21 09:48:33 2021
# Generated by xtables-save v1.8.2 on Wed Jul 21 09:48:33 2021
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Wed Jul 21 09:48:33 2021

The AWS Firewall end-points are configured to accept all traffic [TCP/UDP] - so its not that, I can only think I've not setup the rules file incorrectly?

Post Reply