Why is this iptables rule that does port forwarding not working?

Posted by videoguy on Super User See other posts from Super User or by videoguy
Published on 2011-11-30T16:22:46Z Indexed on 2011/11/30 18:01 UTC
Read the original article Hit count: 214

I have a server bound to localhost:7060. It is using ipv6 socket instead of ipv4. Below is netstat outout.

# netstat -an
Proto Recv-Q Send-Q Local Address          Foreign Address        State
 tcp       0      0 10.200.32.98:1720      0.0.0.0:*              LISTEN
 tcp       0      0 0.0.0.0:4122           0.0.0.0:*              LISTEN
 tcp       0      0 0.0.0.0:4123           0.0.0.0:*              LISTEN
 tcp       0      0 127.0.0.1:4123         127.0.0.1:43051        ESTABLISHED
 tcp       0      0 10.200.32.98:5555      10.200.32.44:53162     ESTABLISHED
tcp6       0      0 :::5060                :::*                   LISTEN
tcp6       0      0 ::ffff:127.0.0.1:7060  :::*                   LISTEN
tcp6       0      0 :::23                  :::*                   LISTEN
tcp6       0      0 ::ffff:10.200.32.98:23 ::ffff:10.200.32.142:43505 ESTABLISHED
tcp6       0      0 ::ffff:127.0.0.1:43051 ::ffff:127.0.0.1:4123  ESTABLISHED
tcp6       0      0 ::ffff:10.200.32.98:23 ::ffff:10.200.32.44:53195 ESTABLISHED
udp6       0      0 :::5060                :::*                   CLOSE
# 

I want to setup a port forwarding rule that accepts connections on port 24 (on all interfaces loopback as well as eth0) and forward the data to localhost:7060.

This is how I am setting up the iptables rule:

iptables -t nat -A PREROUTING -p tcp --dport 24 -j DNAT --to 127.0.0.1:7060**

It is not working. When I telnet from different box, I see the following

$telnet 10.200.32.98 24
Trying 10.200.32.98...

If I change the server to bind to *:7060 and set the following rule, it seems to work fine.

iptables -t nat -A PREROUTING -p tcp --dport 24 -j REDIRECT --to-port 7060

But that will make my server available on WAN interface which I don't like.

I feel it had something to do with ipv6 socket (tcp6 line in netstat output). This whole thing is done on an Android device with custom built Android platform image.

How do I get this working?

© Super User or respective owner

Related posts about port-forwarding

Related posts about android