Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


1241 posts

Uber Geek
+1 received by user: 156


Topic # 87441 29-Jul-2011 04:27
Send private message

I want in plain english, attempts from localhost to connect to localhost:12345 to be nat'd to remotehost:12345

Before 2.6.11, this was possible if you had CONFIG_IP_NF_NAT_LOCAL in your kernel.  After 2.6.11 this went away and I can not find a working solution (apart from using a SSH port forward or other user-level daemon based forwarding).

This is about as close as I have managed (remote is a google server for this example)....

YourIP=127.0.0.1
YourExternalIP=192.168.10.10
YourPort=12345
TargetIP=203.97.30.147
TargetPort=80

iptables -t nat -F
iptables -t nat -A PREROUTING --dst $YourIP -p tcp --dport $YourPort -j DNAT --to-destination $TargetIP:$TargetPort
iptables -t nat -A POSTROUTING -p tcp --dst $TargetIP --dport $TargetPort -j SNAT --to-source $YourExternalIP
iptables -t nat -A OUTPUT --dst $YourIP -p tcp --dport $YourPort -j DNAT --to-destination $TargetIP:$TargetPort



Anybody got any ideas?




---
James Sleeman
I sell lots of stuff for electronic enthusiasts...


Create new topic
8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 499442 29-Jul-2011 14:35
Send private message

Can you explain why you need to do this, what application/service etc? Might be able to suggest a better alternative.



1241 posts

Uber Geek
+1 received by user: 156


  Reply # 499514 29-Jul-2011 17:50
Send private message

It's actually what I have found is very typical (but unanswered) desire to intercept mysql connections (from a website) heading to localhost where there is no mysql and forwarding them to a remote mysql.  

In this case I'm working on an EC2 AMI setup so that performance-struggling but legacy websites can with as little modification as possible be dropped into these instances and become a load balanced cluster - using a big EC2 instance as a central NFSv4 server and MySQL server, and then having smaller EC2 instances as necessary come up, without MySQL and using the NFSv4 mounted as their document_root.

Of course, I could "do it properly" and modify the deployed instances configuration systems per-instance to connect to the appropriate remote host's mysql, but in the spirit of abstraction and dealing with labyrinthine legacy stuff, it would be much nicer to just know that localhost gets you to mysql.

That said, I think it's just not nicely possible, perhaps by looping from lo out and back into eth0 and then out again, but, well, gross.  

A user space daemon will probably have to do, at least as a fallback if changing the configs is not so suitable on a given site.


 




---
James Sleeman
I sell lots of stuff for electronic enthusiasts...


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.