[root@boobalserver ~]# service iptables status
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8443
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
/////////iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to 8443
/////////iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8443
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
///////iptables -t nat -A OUTPUT -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
///////iptables -t nat -A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5555
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1270
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:443
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5555
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8443
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8443
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5667
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5666
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5565
15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5565
///////iptables -t filter -A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
///////iptables -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
///////iptables -t filter -A INPUT -p icmp -j ACCEPT
///////iptables -t filter -A INPUT -i lo -j ACCEPT
///////iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
///////iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 1270 -j ACCEPT
///////iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
///////iptables -t filter -A INPUT -p udp -m state --state NEW -m udp --dport 443 -j ACCEPT
///////iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 5555 -j ACCEPT
///////iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
///////iptables -t filter -A INPUT -p udp -m state --state NEW -m udp --dport 8443 -j ACCEPT
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
///////iptables -t filter -A FORWARD -j REJECT --reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5555
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5565
///////iptables -t filter -A OUTPUT -p tcp -m tcp --dport 5555 -j ACCEPT
--------------------------------------------------------------------------
[root@boobalserver sysconfig]# cat iptables
# Generated by iptables-save v1.4.7 on Sat Aug 8 04:27:21 2020
*nat
:PREROUTING ACCEPT [6217687:906183670]
:POSTROUTING ACCEPT [239954:19806754]
:OUTPUT ACCEPT [237988:19688794]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
# Completed on Sat Aug 8 04:27:21 2020
# Generated by iptables-save v1.4.7 on Sat Aug 8 04:27:21 2020
*filter
:INPUT ACCEPT [18594557:2163990021]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [8627773:8196309388]
-A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1270 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5555 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 8443 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -p tcp -m tcp --dport 5555 -j ACCEPT
COMMIT
# Completed on Sat Aug 8 04:27:21 2020
[root@boobalserver sysconfig]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5555
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1270
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:443
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5555
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8443
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8443
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5555
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8443
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8443
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
------------------------------------------------
//add iptable ports
#iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
//for delte the iptable prot
# /sbin/iptables -L -v -n --line-numbers
Chain INPUT (policy ACCEPT 10475 packets, 1677K bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
######## /sbin/iptables -D INPUT 1
//deleted
---------------------------------------------
// add rules
[root@boobalserver sysconfig]# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
[root@boobalserver sysconfig]# service iptables restart
[root@boobalserver sysconfig]# service iptables status
[root@boobalserver sysconfig]# cat iptables
# Generated by iptables-save v1.4.7 on Mon Oct 19 15:25:44 2020
*nat
:PREROUTING ACCEPT [22:4430]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
# Completed on Mon Oct 19 15:25:44 2020
# Generated by iptables-save v1.4.7 on Mon Oct 19 15:25:44 2020
*filter
:INPUT ACCEPT [40403:6574025]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [15496:2733591]
COMMIT
# Completed on Mon Oct 19 15:25:44 2020
#iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080 ///here -D is used for deleting
0 Comments