(Iodine) Route dns0 traffic to eth0
I have set up a DNS server with Iodine installed. I have tried to access my server on an external server that asks for a login/password to get access to the internet. And it works: I can ping my server from outside. But now I want to access the internet, and I have to route the traffic of dns0 (the iodine interface) to eth0 (the interface on my server that is connected to the internet).
To do this I need to:
- Enable IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
- Accept traffic from eth0 to dns0:
iptables -A FORWARD -i eth0 -o dns0 -m state --state RELATED,ESTABLISHED -j ACCEPT
- Accept traffic from eth0 to dns0:
iptables -A FORWARD -i dns0 -o eth0 -j ACCEPT
At this moment everything is okay, but:
- Route traffic between interfaces:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
This has no effect. There is no error and the rule is accepted, but I can't see this last rule in iptables, and obviously the dns0 interface doesn't redirect internet traffic to eth0...
I have tried everything: enabling the tun module, disabling ufw, clearing the iptables rules, rebooting the server... Is there anyone who has an idea?
Solution 1:[1]
For routing between interfaces, you might need to use the routing table instead of just iptables. iptables just allows the traffic to be redirected that way, and sometimes you need the routing table to do the redirecting part manually.
If the traffic you want to be redirected comes from a different subnet than both the dns0 and eth0 subnets, these are some things you might try.
Create two additional routing tables, say rt_dns0 and rt_eth0, in /etc/iproute2/rt_tables.
Set up routing in these tables as follows:
ip route add $DNS0_NET dev dns0 src $IP1 table rt_dns0
ip route add default via $GATEWAY1 table rt_dns0
ip route add $ETH0_NET dev eth0 src $IP2 table rt_eth0
ip route add default via $GATEWAY2 table rt_eth0
Next, set up the routing rules to redirect traffic from dns0 to eth0:
ip rule add from $REDIRECT_NET table rt_eth0
ip rule add to $REDIRECT_NET table rt_dns0
Check this link for more detail http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html
Solution 2:[2]
If the client has the tunnel IP 10.0.0.2 and the server has 10.0.0.1:
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
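A plain `iptables -L` lists only the filter table, so a rule added with `-t nat` does not appear there; `iptables-save` dumps every table. The script below is an added example, not part of the original question or answers: it reads `iptables-save` output and reports which of the three rules from the question is missing. The function name `check_tunnel_nat` and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example. Checks iptables-save output (stdin) for the three rules the
# question sets up. Function name and sample rulesets are constructed here.

# $1 = tunnel interface (dns0), $2 = outbound interface (eth0).
# Prints one line per missing rule; returns 0 only if all three are present.
check_tunnel_nat() {
    awk -v tun="$1" -v wan="$2" '
        /^\*/ { table = substr($0, 2); next }      # "*nat", "*filter", ...
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ &&
            index($0, " -o " wan " ") { masq = 1 }
        table == "filter" && /^-A FORWARD / && /-j ACCEPT/ {
            if (index($0, " -i " tun " ") && index($0, " -o " wan " ")) out = 1
            if (index($0, " -i " wan " ") && index($0, " -o " tun " ")) back = 1
        }
        END {
            if (!masq) print "missing: nat POSTROUTING MASQUERADE on " wan
            if (!out)  print "missing: FORWARD ACCEPT " tun " -> " wan
            if (!back) print "missing: FORWARD ACCEPT " wan " -> " tun
            exit !(masq && out && back)
        }'
}

# Constructed sample: the two FORWARD rules from the question, no nat rule.
SAMPLE_NO_NAT='*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o dns0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i dns0 -o eth0 -j ACCEPT
COMMIT'

# Constructed sample: the same ruleset plus the MASQUERADE rule from Solution 2.
SAMPLE_OK='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
COMMIT
'"$SAMPLE_NO_NAT"

# Demo on the constructed samples (no root needed).
printf '%s\n' "$SAMPLE_NO_NAT" | check_tunnel_nat dns0 eth0 || true
printf '%s\n' "$SAMPLE_OK" | check_tunnel_nat dns0 eth0 && echo "all rules present"

# Live use, as root: iptables-save | check_tunnel_nat dns0 eth0
```

The check assumes the FORWARD chain policy is not ACCEPT; with an ACCEPT policy the two FORWARD rules are optional and only the nat rule matters.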
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | thks173 |
| Solution 2 | Dennis Earlyman |
