If you are a web developer or are learning a server-side language such as PHP or ASP, you must have done redirection several times. I am a PHP user so I know how to do this in PHP.
There is a header() function in PHP which can do this easily for you.
Now you will see a different way of redirection.
All Ubuntu systems have IPTABLES installed by default. If for any reason you can't find it, you can install it with this command:
sudo apt-get install iptables
Other Linux/Unix users can find installation instructions here
Note that IPTABLES is a FIREWALL and it's a very important tool to learn, so it's worth spending time installing and learning about this tool.
Whatever I am gonna tell you here is a little use of it :)
So you can check whether IPTABLES installed successfully or not by running this command
It will give some help tips about this tool. If the command runs successfully then you are good to go :)
The computer must have a public IP address. (I use Aircel GPRS. In my case the computer is given a public IP address every time I dial, though it changes after each dial.)
The 2nd requirement means your IP address must NOT be in one of these ranges:
"10.0.0.0 - 10.255.255.255 , 172.16.0.0 - 172.31.255.255 , 192.168.0.0 - 192.168.255.255"
You can check your IP address by this command
OR as a shortcut try this on Ubuntu (not sure for other operating systems). The address just after "inet addr:" is your IP address:
ifconfig |grep 'inet addr'|grep -v 127.0.0.1
And last but not least, you must have a working network connection ;)
echo 1 > /proc/sys/net/ipv4/ip_forward
It enables packet forwarding, which is necessary to forward those packets arriving at your host which don't have your IP address as their source.
Edit here also:
sudo vi /etc/sysctl.conf
In this file uncomment the line (if commented) which is something like this
It sets packet forwarding in system variables also.
Let's start 'Redirection To Google.com'
IP address: 184.108.40.206 (a public IP address :) )
I used port 8080 for those incoming connections which are redirected to google.com.
Google.com's IP: 220.127.116.11 (It is not an assumption though ;) )
Fire up a terminal and run the following commands:
sudo iptables -t nat -A PREROUTING -p tcp -d 18.104.22.168 --dport 8080 -j DNAT --to-destination 22.214.171.124:80
sudo iptables -t nat -A POSTROUTING -p tcp -d 126.96.36.199 --dport 80 -j SNAT --to-source 188.8.131.52
Now try to access http://184.108.40.206:8080 from ANOTHER PC connected to the Internet AND NOT THE PC ON WHICH THESE COMMANDS WERE RUN. (Try to find out why ;))
You will see Google's homepage :)
First command: appends a rule (-A) to the PREROUTING chain in the nat table (-t) for those tcp packets (-p, p for protocol) whose destination (-d) IP address is your IP address (220.127.116.11) and whose destination port (--dport) is 8080. It says that when such a packet comes, jump (-j) to the DNAT (Destination Network Address Translation) target and change that packet's destination IP address (--to-destination) from 18.104.22.168 to 22.214.171.124:80. The ':80' specifies the destination port, because google.com is served on this port, which is the default HTTP port.
Second command: appends a rule (-A) to the POSTROUTING chain in the nat table (-t) for those tcp packets (-p, p for protocol) whose destination (-d) IP address is 126.96.36.199 (which applies to the packet whose destination address was changed by the first command) and whose destination port (--dport) is 80 (which was also changed to this by the first command). It says that when such a packet comes, jump (-j) to the SNAT (Source Network Address Translation) target and change that packet's source IP address (--to-source) from the earlier one (whatever it may be) to 188.8.131.52.
How it works: any packet that comes to your host (PC) is first handled by the nat table's PREROUTING chain (to modify the incoming packet's destination IP address and port) and after that by the same table's POSTROUTING chain (to modify the outgoing packet's source IP address and port).
Reference: http://www.faqs.org/docs/iptables/traversingoftables.html
The whole situation can be understood by this sample image. The image explains why the source IP address needs to be modified before the packet is released. If the source address is not modified, then the source host (the one which accessed http://184.108.40.206:8080 in its browser), which actually sent its request to your PC (the host with the DNAT rule), will finally get a reply from google.com (the destination host) (see the diagram), and the obvious reaction to this by the source host will be "Who the hell are you. I did not request you ;)" or maybe "What the hell do you want? ;)".
That's why the source address is modified by the second command, so that the source feels that it gets the reply from the host (with the DNAT and SNAT rules) which was actually requested.
So this is how this redirection works :)
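To make the argument about the second rule concrete, here is an added example (not part of the original post) that models the two nat rules and the connection tracking that undoes them for replies. The addresses are constructed documentation-range placeholders and the class and function names are hypothetical.

```python
from dataclasses import dataclass, replace

# Constructed documentation-range addresses (placeholders, not taken from the post).
CLIENT, RELAY, WEB = "198.51.100.7", "203.0.113.10", "192.0.2.80"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Relay:
    """Toy model of the nat table plus connection tracking on the relay host."""
    def __init__(self, snat=True):
        self.snat = snat
        self.conntrack = {}  # expected reply tuple -> original request packet

    def forward(self, pkt):
        out = pkt
        # PREROUTING: -d RELAY --dport 8080 -j DNAT --to-destination WEB:80
        if (pkt.dst, pkt.dport) == (RELAY, 8080):
            out = replace(out, dst=WEB, dport=80)
        # POSTROUTING: -d WEB --dport 80 -j SNAT --to-source RELAY
        if self.snat and (out.dst, out.dport) == (WEB, 80):
            out = replace(out, src=RELAY)
        # Connection tracking remembers how to undo the translation for the reply.
        self.conntrack[(out.dst, out.dport, out.src, out.sport)] = pkt
        return out

    def reverse(self, reply):
        orig = self.conntrack[(reply.src, reply.sport, reply.dst, reply.dport)]
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)

def round_trip(snat):
    relay = Relay(snat)
    request = Packet(CLIENT, 40000, RELAY, 8080)
    at_web = relay.forward(request)
    # The web server answers whatever source address it saw.
    reply = Packet(at_web.dst, at_web.dport, at_web.src, at_web.sport)
    if reply.dst == RELAY:  # only then does the reply pass back through the relay
        reply = relay.reverse(reply)
    # The client only accepts a reply from the endpoint it connected to.
    accepted = (reply.src, reply.sport) == (request.dst, request.dport)
    return at_web.src, reply.src, accepted
```

The first value returned is the source address the destination server sees: with the SNAT rule it is the relay's address, so the real client address exists only in the relay's connection-tracking state.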
Hope you understood it well; this is somewhat difficult for those who don't have much knowledge of IPTABLES.
Thanks to rvsjoen on #Netfilter :)