iptables nat redirect to port if port open?
I’m running a router on which I need to filter some HTTP requests through a proxy in order to block requests to some domains. So how can I make sure the connection to the destination is always available, even when the proxy is down?
I need:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 127.0.0.1 # if 127.0.0.1:80 open
but if 127.0.0.1:80 is dead, how can I implement a PREROUTING rule that returns, like:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j RETURN # if 127.0.0.1:80 dead
Is it possible to solve this using NQA (Network Quality Analyzer) + Track?
AFAIK there is no option to let iptables determine if a port is up / working.
There are two ways to work around that problem that come to my mind.
- Run a script periodically to check the state of the port
  You could write a little bash script that checks if the port is open and performs the required tasks. An easy way to look up if TCP ports are open via nc is described here. This script could be run periodically via cron.
- Create a wrapper script for starting and stopping the actual service
  This script would be used to start and stop the service running at port 80. It would add the first iptables rule and then call the actual script that starts the service. The other way around, you would first remove the first rule, add the second rule and then call the script to stop the service.
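The first workaround above (a periodic port check run from cron), written out as an added example that is not part of the original answer. The script path, cron line, log tag and environment variables are assumptions, and the rule is the question's with -p tcp and an explicit port added.

```shell
#!/bin/sh
# Added example: keep the question's nat rule only while the proxy port answers.
# Host, port and rule are constructed defaults; override them via the environment.
PROXY_HOST=${PROXY_HOST:-127.0.0.1}
PROXY_PORT=${PROXY_PORT:-80}
# The question's rule, with "-p tcp" added because --dport needs a protocol match.
# DNAT to a loopback address from PREROUTING also needs route_localnet=1 on the
# ingress interface; "-j REDIRECT --to-ports N" is the usual alternative.
RULE=${RULE:-"-p tcp --dport 80 -j DNAT --to-destination $PROXY_HOST:$PROXY_PORT"}

# Succeeds when a TCP connect to the proxy completes within 2 seconds.
proxy_up() {
    nc -z -w 2 "$PROXY_HOST" "$PROXY_PORT" >/dev/null 2>&1
}

# Succeeds when the rule is already installed (-C only checks, it never modifies).
rule_present() {
    # $RULE is deliberately unquoted so it splits into separate arguments.
    iptables -t nat -C PREROUTING $RULE 2>/dev/null
}

# Reconcile the rule with the proxy state and print the action taken:
# added | removed | unchanged-up | unchanged-down
sync_rule() {
    if proxy_up; then
        if rule_present; then
            echo unchanged-up
        else
            iptables -t nat -I PREROUTING 1 $RULE && echo added
        fi
    elif rule_present; then
        # Without the rule, packets leave PREROUTING untouched, which is what the
        # question's RETURN rule was meant to achieve. Remove duplicates too.
        while rule_present; do
            iptables -t nat -D PREROUTING $RULE || return 1
        done
        echo removed
    else
        echo unchanged-down
    fi
}

# Constructed cron entry: * * * * * /usr/local/sbin/proxy-redirect-sync.sh run
if [ "${1:-}" = "run" ]; then
    action=$(sync_rule) || exit 1
    case $action in
        added|removed) logger -t proxy-redirect "nat rule $action" ;;
    esac
fi
```

While the proxy is down the rule is absent, so HTTP traffic reaches its destination unfiltered; the logger line records each transition so that those fail-open windows show up in syslog.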