07 November 2011

Linux port forwarding (port 389, LDAP Proxy)

What I was trying to do this morning was to get my LDAP proxy going. By LDAP proxy I mean simple port 389 forwarding from one machine to port 389 on the actual LDAP server.

After an initial attempt to set up iptables to do what I wanted, I started looking through the internet, since this turned out to be a non-trivial task, at least for me.

Eventually, after combining instructions found on numerous web pages and forums, I put together my Golden Instruction!!! TaDAM!

It looks like this:

# turn on IPv4 forwarding (this setting does not survive a reboot)
echo "1" > /proc/sys/net/ipv4/ip_forward
# accept LDAP connections arriving at the box itself
iptables -A INPUT -p tcp --dport 389 -j ACCEPT
# rewrite the source address so replies from "ldap" come back through the box
iptables -t nat -A POSTROUTING -d ldap_ip_number -j MASQUERADE
# redirect anything hitting the box's port 389 on bond0 to the LDAP server
iptables -t nat -A PREROUTING -i bond0 -d box_ip_number -p tcp --dport 389 -j DNAT --to ldap_ip_number:389

It does the following:

You connect to port 389 on the "box" machine and end up talking to the LDAP service running on the "ldap" machine.

Simple as it is, I finally got my satisfaction.
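As an added example (not from the original post), here is a small POSIX shell script that generates the same DNAT-based forwarding as a reviewable rule set instead of typing the commands by hand. The names BOX_IP, LDAP_IP, IFACE and ALLOWED_SRC are my placeholders, the addresses are constructed for illustration, and it assumes iptables and sysctl are on PATH when the printed commands are applied as root. It adds two things a practitioner would want: a check that the IP placeholders were actually replaced before anything reaches iptables, and a FORWARD rule restricted to an allowed client range.

```shell
#!/bin/sh
# Added example, not from the original post: build (and optionally apply) the
# rules that forward TCP/389 arriving at this box to the real LDAP server.
# BOX_IP, LDAP_IP, IFACE and ALLOWED_SRC are assumed placeholder names;
# the addresses used in the usage line below are constructed for illustration.

# Accept only a dotted-quad IPv4 address, so that a typo or an unreplaced
# placeholder such as "ldap_ip_number" never reaches iptables.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    # Check each octet inside a subshell so the changed IFS does not leak out.
    (
        IFS=.
        for octet in $1; do
            [ "$octet" -le 255 ] || exit 1
        done
    )
}

# Print the rule set, one command per line, without executing anything.
# $1 = this box's IP, $2 = LDAP server IP, $3 = ingress interface,
# $4 = client range allowed to use the proxy (default: anyone).
ldap_forward_rules() {
    box_ip=$1; ldap_ip=$2; iface=$3; allowed_src=${4:-0.0.0.0/0}
    is_ipv4 "$box_ip" && is_ipv4 "$ldap_ip" || return 1
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $iface -p tcp -s $allowed_src -d $ldap_ip --dport 389 -j ACCEPT
iptables -t nat -A PREROUTING -i $iface -d $box_ip -p tcp --dport 389 -j DNAT --to-destination $ldap_ip:389
iptables -t nat -A POSTROUTING -d $ldap_ip -p tcp --dport 389 -j MASQUERADE
EOF
}

# Usage: sh ldap_forward.sh 192.0.2.10 192.0.2.20 bond0 192.0.2.0/24
# Review the printed commands, then pipe them to "sh" as root to apply them.
if [ "$#" -ge 3 ]; then
    ldap_forward_rules "$@" || { echo "refusing: invalid IPv4 address" >&2; exit 2; }
fi
```

Two points worth knowing about this setup. Connections rewritten by DNAT in PREROUTING pass through the FORWARD chain, not INPUT, so the INPUT rule in the recipe above does not govern the proxied traffic; if the box's FORWARD policy is DROP, the two FORWARD rules here (one for the new connection, one for conntrack's established replies) are what actually let it through. MASQUERADE makes every proxied connection appear to the LDAP server as coming from the box, so the server's logs and any address-based ACLs there see the proxy rather than the real clients; keep ALLOWED_SRC tight on the box to compensate, and remember that plain port 389 carries binds in cleartext unless the clients use StartTLS. The sysctl change is not persistent; put net.ipv4.ip_forward=1 in /etc/sysctl.conf for reboots.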

Hope this helps! Good luck.
