Question
I want to redirect all requests made to a particular IP to localhost (127.0.0.1). I need it because I have a local replica of a server and want to test some things.
How can I write an iptables rule to do that?
Thanks
Answer 1:
Did you mean "I want all requests made from machine A to machine B, to be redirected to machine A"? If so, I believe the command you are looking for is
sudo iptables -t nat -A PREROUTING -d <DESTINATION_IP> -p <PROTOCOL> --dport <DESTINATION_PORT_NUMBER> -j DNAT --to 127.0.0.1
Answer 2:
iptables -t mangle -A PREROUTING -p tcp <otherconditions> -j TPROXY --on-port <dst>
Quoting manpage: This target is only valid in the mangle table, in the PREROUTING chain and user-defined chains which are only called from this chain. It redirects the packet to a local socket without changing the packet header in any way.
Answer 3:
I know this is a pretty old thread... But still without an answer. The main change required will be to append an OUTPUT rule rather than a PREROUTING rule.
From the man page:
nat:
This table is consulted when a packet that creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out).
So, this might be the command required:
iptables -t nat -A OUTPUT -p tcp --src <SOURCE PORT TO BE REDIRECTED> --dst 127.0.0.1 --dport 9090 -j REDIRECT --to-ports 9090
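An added example, not part of any answer above and not the posters' code: a small shell helper that follows Answer 3's point that packets generated on the testing machine itself pass through nat/OUTPUT rather than PREROUTING. The function names, the DRY_RUN variable and the address 203.0.113.10 are assumptions made for this illustration.

```bash
#!/bin/sh
# Added example. 203.0.113.10 and the ports shown are constructed values.

valid_ipv4() {   # dotted quad, each octet 0-255
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    local IFS=. o
    set -- $1    # split on dots; input is digits and dots only
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

valid_port() {   # 1-65535
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the rule specification (everything after "-A OUTPUT").
# LOCAL_PORT defaults to PORT when the replica uses the same port.
rule_spec() {
    local dst=$1 port=$2 lport=${3:-$2}
    valid_ipv4 "$dst" && valid_port "$port" && valid_port "$lport" || return 1
    printf '%s' "-d $dst -p tcp --dport $port -j DNAT --to-destination 127.0.0.1:$lport"
}

# redirect_local add|del DST_IP PORT [LOCAL_PORT]
# DRY_RUN=1 prints the command instead of running it (no root needed).
redirect_local() {
    local action=$1 spec flag exists
    spec=$(rule_spec "$2" "$3" "$4") || { echo "invalid address or port" >&2; return 2; }
    case $action in
        add) flag=-A ;;
        del) flag=-D ;;
        *)   echo "usage: redirect_local add|del DST_IP PORT [LOCAL_PORT]" >&2; return 2 ;;
    esac
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "iptables -t nat $flag OUTPUT $spec"
        return 0
    fi
    # -C tests for an existing rule, so add never duplicates it and
    # del is a no-op when it is absent. $spec is word-split on purpose.
    if iptables -t nat -C OUTPUT $spec 2>/dev/null; then exists=1; else exists=0; fi
    case "$action:$exists" in add:1|del:0) return 0 ;; esac
    iptables -t nat "$flag" OUTPUT $spec
}
```

After `redirect_local add 203.0.113.10 8080` as root, `iptables -t nat -L OUTPUT -n -v` shows the rule and its packet counters; run the same call with `del` when testing is finished so the rule does not keep diverting traffic meant for the real server.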
Source: https://stackoverflow.com/questions/8583004/iptables-redirect-all-requests-to-localhost