Unix & Linux
iptable nat rules working on ubuntu16.04 but not on redhat7.6
[0] [1] Vedant Aggrawal
[2020-04-16 16:06:56]
[ ubuntu rhel iptables ]
[ https://unix.stackexchange.com/questions/580492/iptable-nat-rules-working-on-ubuntu16-04-but-not-on-redhat7-6 ]

I need to use iptable nat rules on a rhel7 vm to route packets to a certain ip address.

For development I tested the rules on ubuntu 16.04 vm with ip-address 192.168.150.4:

sysctl net.ipv4.ip_forward=1

rules:

iptables -t nat -A PREROUTING -p tcp --dport 9000 -j DNAT --to-destination 192.168.150.35:6443
iptables -t nat -A POSTROUTING -j MASQUERADE

From a remote vm I tested it working successfully:

telnet 192.168.150.4 9000
curl https://192.168.150.4:9000 -kv

Similarly, I used the same rules for production on a rhel7 vm (with a different set of ips, obviously), but the rules don't seem to work.

Working on openstack with all security group rules in place.

Please help. Thanks in advance.

Usual suspects: the firewall (rules beside the one you're adding) and selinux. Disable both (for selinux don't disable, set to permissive), try again. That's to eliminate probable causes first. - A.B
[+1] [2020-04-17 12:49:38] ctclibby

If JB's suggestions are not the cause, you might need to redirect the port first:

iptables -t nat -A PREROUTING -p tcp --dport 9000 -j REDIRECT --to-port 6443
iptables -t nat -A PREROUTING -p tcp --dport 6443 -j DNAT --to-destination 192.168.150.35

Hope this helps!
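
The first suspect named in the comment above, filter rules sitting beside the NAT rules, can be checked from `iptables-save` output without touching the firewall. This is an added example, not code from the thread; the function names, the constructed sample ruleset and the simplified matching (user-chain jumps and unrecognised matches are skipped) are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): reads `iptables-save` text on stdin and
# reports whether the filter table's FORWARD chain admits a new TCP connection
# to the DNAT backend. Heuristic: rules that jump to user chains or use matches
# other than -d / -p tcp / -m tcp / --dport are skipped, not evaluated.
check_forward() {   # usage: iptables-save | check_forward BACKEND_IP PORT
    awk -v ip="$1" -v port="$2" '
        /^\*/ { table = substr($1, 2); next }
        table != "filter" { next }
        $1 == ":FORWARD" { policy = $2; next }
        $1 != "-A" || $2 != "FORWARD" || verdict != "" { next }
        {
            target = ""; skip = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-j") { target = $(i + 1); break }
                opt = $i; val = $(++i)
                if (opt == "-d" && (val == ip || val == (ip "/32"))) continue
                if ((opt == "-p" || opt == "-m") && val == "tcp") continue
                if (opt == "--dport" && val == port) continue
                skip = 1          # a match this sketch cannot evaluate
            }
            if (skip) next
            if (target == "ACCEPT") verdict = "allowed"
            else if (target == "DROP" || target == "REJECT") verdict = "blocked: " $0
        }
        END {
            if (verdict == "") verdict = (policy == "DROP") ? "blocked: FORWARD policy DROP" : "allowed"
            print verdict
        }'
}

# Constructed sample: the question's NAT rules plus a blanket REJECT in FORWARD.
sample_restrictive() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 9000 -j DNAT --to-destination 192.168.150.35:6443
-A POSTROUTING -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_restrictive | check_forward 192.168.150.35 6443
```

On a live host the same function takes real data: run `iptables-save | check_forward <backend-ip> <backend-port>` as root. An "allowed" result is provisional, because skipped rules may still drop the traffic.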

