I need to forward all traffic from one AWS instance to another.

I am trying to set up a Bro monitor in the cloud. See the picture for an overview. At the moment I have it set up in such a way that TestVM's traffic is rerouted to Bro worker (NAT), which forwards everything to bro_master. However, my problem is that the TestVM is in a private subnet, where I need to replace it with a honeypot with a public IP, which still needs to forward ALL traffic to bro_worker. At this moment it's not possible as it's NATed and I can't assign an Elastic IP.

How do I forward all the traffic from TestVM to Bro_worker and make TestVM publicly available?

Thanks

[Image: Overview]


3 Answers

For those of you who are searching AWS ec2 instance forward to another ip, it works like a charm, see below.

  1. You must be logged in as root, sudo will not work, so first use sudo su -
  2. Allow port 80 (don't forget to allow port 80 in your AWS security group): iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
  3. Forward to another IP (Use a -- instead of long dash, also not sure why above answer has D as that is for delete, use A):
    1. iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination <DESTINATION_IP>
    2. iptables -t nat -A POSTROUTING -p tcp -d <DESTINATION_IP> --dport 80 -j MASQUERADE
  4. Save if you want to keep settings after reboot: sh -c "iptables-save > /etc/iptables.rules"

I didn't fully understand the scenario but I think that what you need is a reverse proxy or a load balancer.


You can configure IPTables on a Linux server to redirect all the traffic coming to one server to another server. Check: How to redirect traffic to another machine in Linux for a step-by-step process.

Below are the steps as are explained in the blog:

Step 1:

# echo 1 >/proc/sys/net/ipv4/ip_forward

Step 2: Tell IPTables to redirect the traffic to the new server:

# iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination <DESTINATION IP>

Step 3: Here’s where the IPTables magic happens. With this step we tell IPTables to rewrite the origin of connections to the new server’s port 80 to appear to come from the old server.

# iptables -t nat -A POSTROUTING -p tcp -d <DESTINATION IP> --dport 80 -j MASQUERADE

The final step is required because if we don’t tell the web server of the new server that the connections are coming from the client machines, it would think that they are originating from the old server.

  • Thanks, tried your solution however it didn't work. I've done quite a lot of research and it seems that port forwarding is not possible in AWS. Any other suggestions? – Azibiz Mar 02 '16 at 20:12
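The iptables steps from the two answers above, gathered into one script as an added example that is not from either answer or from the linked blog: the destination address is validated, the rules are emitted in iptables-restore format with ASCII `--` options and `-A` (append), a FORWARD accept is included so a DROP policy does not silently discard the redirected packets, and the apply step enables ip_forward. The EC2 source/destination-check command in the comment and its instance id are assumptions, not from the page.

```shell
#!/bin/sh
# Added example: build and apply a DNAT port forward to another host.
# Usage: forward_rules DEST_IP PORT   (prints the ruleset)
#        apply_forward DEST_IP PORT   (root only: loads and persists it)

# Reject anything that is not a dotted-quad IPv4 address (returns 1 on bad input).
validate_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(echo "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print nat and filter rules for iptables-restore. Only the chosen TCP port
# is forwarded. MASQUERADE rewrites the source address, so the destination
# host sees the forwarder's IP, not the client's; keep conntrack logging on
# the forwarder if you need to attribute connections to real client IPs.
forward_rules() {
    dest="$1"; port="$2"
    validate_ipv4 "$dest" || { echo "bad destination IP: $dest" >&2; return 1; }
    cat <<EOF
*nat
-A PREROUTING -p tcp --dport $port -j DNAT --to-destination $dest:$port
-A POSTROUTING -p tcp -d $dest --dport $port -j MASQUERADE
COMMIT
*filter
-A INPUT -p tcp --dport $port -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p tcp -d $dest --dport $port -j ACCEPT
COMMIT
EOF
}

# Enable routing, load the rules atomically (without flushing existing ones),
# then persist them as in the answers above. Run once; re-running appends
# duplicate rules. On EC2 the forwarding instance must also have
# source/destination checking disabled (assumed command, placeholder id):
#   aws ec2 modify-instance-attribute --instance-id i-PLACEHOLDER --no-source-dest-check
apply_forward() {
    sysctl -w net.ipv4.ip_forward=1 >/dev/null
    forward_rules "$1" "$2" | iptables-restore --noflush
    iptables-save > /etc/iptables.rules
}
```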