csf (ConfigServer Security & Firewall) offers the possibility to redirect/forward traffic from one IP/port to another IP/port.
The requirements, as stated in the /etc/csf/csf.redirect
file, are:
Requirements:
nat tables
ipt_DNAT iptables module
ipt_SNAT iptables module
ipt_REDIRECT iptables module
The lines listed below need to be added to the file /etc/csf/csf.redirect
. You can edit the line from the command-line or from your control panel -> csf plugin.
To redirect an IP to another IP (same port or a different port):
# DNAT (redirect from one IP address to a different one):
# IPx|*|IPy|*|tcp/udp - To IPx redirects to IPy
# IPx|portA|IPy|portB|tcp/udp - To IPx to portA redirects to IPy portB
Example 1 – redirect 23.23.23.23 to 23.23.23.35, all TCP ports
23.23.23.23|*|23.23.23.35|*|tcp
Example 2 – redirect 23.23.23.23 port 25 to 23.23.23.35 port 25, TCP protocol
23.23.23.23|25|23.23.23.35|25|tcp
To redirect from one port to another:
# REDIRECT (redirect from port to a different one):
# IPx|portA|*|portB|tcp/udp - To IPx to portA redirects to portB
# *|portA|*|portB|tcp/udp - To portA redirects to portB
Example 3 – redirect port 8080 to port 443, all IPs, TCP protocol
*|8080|*|443|tcp
Example 4 – redirect 23.23.23.23:8080 to 23.23.23.35:443, TCP protocol
23.23.23.23|8080|23.23.23.35|443|tcp