A simple trick for port forwarding with iptables. I use Debian as my OS, but this should work on most Linux systems with iptables.
Let's assume we have a Minecraft server and an SSH server behind a gateway with a public IP. Neither Minecraft nor SSH is directly accessible from the Internet, and here is how we solve that. We assume Minecraft is running on its default port 25565 and the SSH server on its default port 22. We also assume the gateway has an SSH server of its own on port 22, so we can't use port 22 to reach our "Minecraft server" behind the gateway. Looking at the port list, we find that port 14 is unassigned, so we will use it as the SSH port for our Minecraft server.
In our "gateway" we set up the following rules (assuming Minecraft server is at 192.168.1.10):
iptables -t nat -A PREROUTING -p tcp --dport 25565 -j DNAT --to 192.168.1.10:25565
iptables -t nat -A PREROUTING -p tcp --dport 14 -j DNAT --to 192.168.1.10:22
iptables -t nat -A POSTROUTING -d 192.168.1.10 -j MASQUERADE
Now your gateway will forward Minecraft traffic to 192.168.1.10, along with SSH traffic on port 14. If you decide to change the SSH port on the Minecraft server, you will have to change the second rule, changing 22 to 14 at the very end.
If you want to remove the rule that forwards to SSH, just replace the -A with -D:
iptables -t nat -D PREROUTING -p tcp --dport 14 -j DNAT --to 192.168.1.10:22
Then, assuming you change the SSH server on your Minecraft server to listen on port 14 instead:
iptables -t nat -A PREROUTING -p tcp --dport 14 -j DNAT --to 192.168.1.10:14
To save your iptables configuration, enter:
apt-get install iptables-persistent
iptables-save > /etc/iptables/rules.v4
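To check what the saved rules actually expose, here is an added example (not part of the original post) that lists every DNAT forward in an iptables-save dump, shows whether it is limited to one inbound interface, and shows whether a MASQUERADE rule hides the client address from the destination host. The names list_forwards and sample_rules are made up for this example, and the sample input is constructed from the rules above in the form iptables-save writes them (--to appears as --to-destination).

```shell
#!/bin/sh
# Added example: audit port forwards, e.g. list_forwards < /etc/iptables/rules.v4
# Prints: proto, external port, destination, inbound interface ("any" when the
# rule has no -i match) and whether MASQUERADE hides the client IP from the host.
list_forwards() {
    awk '
    $1 == "-A" && $2 == "PREROUTING" {
        proto = "any"; dport = "any"; to = ""; in_if = "any"; dnat = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-i") in_if = $(i + 1)
            else if ($i == "--to-destination") to = $(i + 1)
            else if ($i == "-j" && $(i + 1) == "DNAT") dnat = 1
        }
        if (dnat) { n++; head[n] = proto " " dport " -> " to " in=" in_if; dest[n] = to }
    }
    $1 == "-A" && $2 == "POSTROUTING" {
        d = "all"; m = 0   # no -d match means every destination is masqueraded
        for (i = 3; i <= NF; i++) {
            if ($i == "-d") d = $(i + 1)
            else if ($i == "-j" && $(i + 1) == "MASQUERADE") m = 1
        }
        if (m) { sub(/\/32$/, "", d); masq[d] = 1 }
    }
    END {
        for (k = 1; k <= n; k++) {
            host = dest[k]; sub(/:.*$/, "", host)
            hidden = ((host in masq) || ("all" in masq)) ? "hidden" : "kept"
            print head[k] " client-ip=" hidden
        }
    }'
}

# Constructed sample: the three rules from this post as iptables-save writes them.
sample_rules() {
    cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 25565 -j DNAT --to-destination 192.168.1.10:25565
-A PREROUTING -p tcp -m tcp --dport 14 -j DNAT --to-destination 192.168.1.10:22
-A POSTROUTING -d 192.168.1.10/32 -j MASQUERADE
COMMIT
EOF
}

sample_rules | list_forwards
```

A line ending in client-ip=hidden means the services on 192.168.1.10 log the gateway's address for every connection, so per-client blocking has to be done on the gateway. in=any means the forward also applies to traffic arriving on interfaces other than the public one.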
Happy forwarding!