Geekzone: technology news, blogs, forums






Topic # 87441 29-Jul-2011 04:27

I want, in plain English, attempts from localhost to connect to localhost:12345 to be NAT'd to remotehost:12345.

Before 2.6.11, this was possible if you had CONFIG_IP_NF_NAT_LOCAL in your kernel.  After 2.6.11 this went away and I cannot find a working solution (apart from using an SSH port forward or other user-level daemon based forwarding).

This is about as close as I have managed (remote is a Google server for this example)...

YourIP=127.0.0.1
YourExternalIP=192.168.10.10
YourPort=12345
TargetIP=203.97.30.147
TargetPort=80

iptables -t nat -F
iptables -t nat -A PREROUTING --dst $YourIP -p tcp --dport $YourPort -j DNAT --to-destination $TargetIP:$TargetPort
iptables -t nat -A POSTROUTING -p tcp --dst $TargetIP --dport $TargetPort -j SNAT --to-source $YourExternalIP
iptables -t nat -A OUTPUT --dst $YourIP -p tcp --dport $YourPort -j DNAT --to-destination $TargetIP:$TargetPort



Anybody got any ideas?




---
James Sleeman
I sell lots of stuff for electronic enthusiasts...



  Reply # 499442 29-Jul-2011 14:35

Can you explain why you need to do this, what application/service etc? Might be able to suggest a better alternative.





  Reply # 499514 29-Jul-2011 17:50

It's actually what I have found is a very typical (but unanswered) desire: to intercept MySQL connections (from a website) heading to localhost, where there is no MySQL, and forward them to a remote MySQL.

In this case I'm working on an EC2 AMI setup so that performance-struggling but legacy websites can, with as little modification as possible, be dropped into these instances and become a load balanced cluster - using a big EC2 instance as a central NFSv4 server and MySQL server, and then having smaller EC2 instances come up as necessary, without MySQL and using the NFSv4 mount as their document_root.

Of course, I could "do it properly" and modify the deployed instances' configuration systems per-instance to connect to the appropriate remote host's MySQL, but in the spirit of abstraction and dealing with labyrinthine legacy stuff, it would be much nicer to just know that localhost gets you to MySQL.

That said, I think it's just not nicely possible, perhaps by looping from lo out and back into eth0 and then out again, but, well, gross.  

A user space daemon will probably have to do, at least as a fallback if changing the configs is not so suitable on a given site.


 




---
James Sleeman
I sell lots of stuff for electronic enthusiasts...
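
The user-space fallback mentioned in the last post, as an added example that is not part of the thread or any poster's code: a small TCP relay that listens on loopback only and passes each connection to the remote database host. The target host name, port 3306 and all function names are assumptions made for illustration.

```python
import asyncio

LISTEN_HOST = "127.0.0.1"            # loopback only; never 0.0.0.0
LISTEN_PORT = 3306                   # assumed port the legacy site dials
TARGET = ("db.example.internal", 3306)  # placeholder for the remote MySQL


async def pump(reader, writer):
    """Copy one direction until EOF, then pass the half-close on."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
        if writer.can_write_eof():
            writer.write_eof()
    except OSError:                  # peer reset or vanished mid-stream
        writer.close()


async def handle(client_r, client_w, target):
    """Relay one local client connection to the remote target."""
    try:
        up_r, up_w = await asyncio.wait_for(
            asyncio.open_connection(*target), timeout=5)
    except (OSError, asyncio.TimeoutError):
        client_w.close()             # fail closed: no upstream, no session
        return
    try:
        await asyncio.gather(pump(client_r, up_w), pump(up_r, client_w))
    finally:
        client_w.close()
        up_w.close()


async def start_relay(listen_port=LISTEN_PORT, target=TARGET):
    """Start listening on loopback and return the asyncio server."""
    async def on_client(reader, writer):
        await handle(reader, writer, target)
    return await asyncio.start_server(on_client, LISTEN_HOST, listen_port)


async def main():
    server = await start_relay()
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

The relay forwards bytes unchanged, so the MySQL traffic crosses the network exactly as the client sent it. Keeping the listener on 127.0.0.1 means only processes on the web instance can reach the database through it.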

