Iptables is the standard firewall service on Linux, allowing management of rules for incoming and outgoing network traffic. In this article, you'll learn how to set up iptables on CentOS 7 to redirect all traffic incoming on port 80 (standard for HTTP) to port 8080. This can be useful when you have an application running on port 8080 and want it to be accessible without specifying the port in the URL.
Prerequisites:
- Installed and running CentOS 7
- Logged in as a user with superuser privileges (e.g., using
sudo) - Installed iptables (if not already installed, you can install them with
sudo yum install iptables-services)
Steps for Port Redirection:
1. Ensure iptables are installed and running: Before starting any configuration, make sure the iptables service is installed and running on your system. You can do this with the following commands:
sudo yum install iptables-services
sudo systemctl start iptables
sudo systemctl enable iptables
2. Clear existing rules (optional): If you want to start with a clean slate, you can flush all existing iptables rules. Note that this will remove all current firewall configurations.
sudo iptables -F
3. Add a rule for port redirection: Now, we'll add a rule to redirect all traffic incoming on port 80 to port 8080. We'll use the nat table and the PREROUTING chain for manipulating incoming packets.
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
4. Save the settings: To make our configuration persistent even after system restarts, we need to save the current iptables rules.
sudo service iptables save
5. Test the configuration: After setting up the rules, it's advisable to verify that the redirection is working. You can do this by opening a web browser and entering your server's address (without specifying the port). If the configuration is correct, you should be redirected to the application running on port 8080.
Using iptables on CentOS 7, you can easily redirect all traffic from port 80 to port 8080. This method is useful for various scenarios, such as running web applications on non-privileged ports without needing to specify the port in the URL. Always ensure you have a backup of your current firewall configuration before making any changes.
