Port Forwarding with Ubuntu

Port forwarding on Ubuntu:

Scenario:

The source machine is reachable on a public IP, while the destination computer is connected only to the local area network and has no public IP connection.

Source IP: 203.123.123.123:8080

Destination IP: 192.168.1.2:80

->203.123.123.123:8080 -> 192.168.1.2:80

  1. Edit sysctl.conf:
    • sudo nano /etc/sysctl.conf
    • Uncomment the line #net.ipv4.ip_forward=0
    • Change it to net.ipv4.ip_forward=1
    • Uncomment the line #net/ipv6/conf/default/forwarding=1
    • Change it to: net/ipv6/conf/default/forwarding=1
  2. Enable forwarding in UFW
    • sudo nano /etc/default/ufw
    • Change DEFAULT_FORWARD_POLICY="DROP"
    • to DEFAULT_FORWARD_POLICY="ACCEPT"
  3. Flush the current nat table if needed
    • sudo iptables -t nat -F
  4. Set the nat table
    • sudo iptables -t nat -A PREROUTING -d 203.123.123.123 -p tcp --dport 8080 -j DNAT --to-destination 192.168.1.2:80
    • sudo iptables -t nat -A POSTROUTING -j MASQUERADE
  5. Open port 8080 on the source computer
    • sudo ufw allow 8080
  6. Enable NAT
    • sudo iptables -A FORWARD -j ACCEPT
  7. Check the nat table
    • sudo iptables -t nat -L

    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    DNAT tcp -- anywhere 203.123.123.123 tcp dpt:8080 to:192.168.1.2:80

    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain POSTROUTING (policy ACCEPT)
    target prot opt source destination
    MASQUERADE all -- anywhere anywhere

  8. Test from outside the network by accessing 203.123.123.123:8080
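The rules in steps 4 and 6 masquerade and forward all traffic, not only the forwarded port. The following is an added example, not part of the original post: it audits `iptables-save` text for such unscoped rules and shows a narrower rule set beside the broad one. Both rule listings are constructed samples, and the LAN interface name `eth1` is an assumption.

```shell
#!/bin/sh
# Added example: flag unscoped MASQUERADE / FORWARD ACCEPT rules in iptables-save text.

# Rule set as the steps above would leave it (constructed sample, iptables-save format).
BROAD_RULES='*nat
-A PREROUTING -d 203.123.123.123/32 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.2:80
-A POSTROUTING -j MASQUERADE
COMMIT
*filter
-A FORWARD -j ACCEPT
COMMIT'

# Narrower variant limited to the forwarded flow.
# Assumption: eth1 is the LAN-facing interface (not stated on the page).
SCOPED_RULES='*nat
-A PREROUTING -d 203.123.123.123/32 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.2:80
-A POSTROUTING -d 192.168.1.2/32 -o eth1 -p tcp -m tcp --dport 80 -j MASQUERADE
COMMIT
*filter
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.168.1.2/32 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT'

# audit_rules: read iptables-save text on stdin, print one finding per unscoped rule.
audit_rules() {
  awk '
    # A rule counts as scoped when it restricts address, interface, protocol or match.
    function scoped(line) { return line ~ / -(s|d|i|o|p|m) / }

    # Track which table the following rules belong to.
    /^\*/ { table = substr($0, 2); next }

    table == "nat" && /^-A POSTROUTING / && / -j MASQUERADE/ && !scoped($0) {
      print "nat/POSTROUTING: MASQUERADE applies to all traffic: " $0
    }
    table == "filter" && /^-A FORWARD / && / -j ACCEPT/ && !scoped($0) {
      print "filter/FORWARD: ACCEPT applies to all traffic: " $0
    }
  '
}

# On a live host, feed it the real rule set: sudo iptables-save | audit_rules
printf '%s\n' "$BROAD_RULES" | audit_rules
```

With MASQUERADE in place, the web server at 192.168.1.2 sees the gateway's LAN address as the client, so the gateway is where the original client addresses have to be logged.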

 

Yohan Naftali
