how to redirect a specific loopback port to another address

0

I would like to redirect the Postgres port to another address which is running Postgres. The Postgres instance is hosted on a VirtualBox machine with a host-only networking configuration. Unfortunately, the following rule does not seem to do the job:

echo "rdr pass inet proto tcp from any to 127.0.0.1 port 5432 -> 172.16.0.2 port 5432" | sudo pfctl -ef -
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.

No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pf already enabled

$ psql -h 127.0.0.1 -p 5432 -U em3local
psql: could not connect to server: Network is unreachable

What's wrong with it?

Of course if I try to connect to 172.16.0.2 I can reach it correctly:

$ psql -h 172.16.0.2 -p 5432 -U em3local
Password for user em3local: 

These are my current interfaces (notice the last one, vboxnet0):

$ ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=3<RXCSUM,TXCSUM>
    inet6 ::1 prefixlen 128 
    inet 127.0.0.1 netmask 0xff000000 
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
    inet 172.16.0.9 netmask 0xffff0000 
    nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
    ether 38:c9:86:4f:bd:74 
    inet6 fe80::3ac9:86ff:fe4f:bd74%en0 prefixlen 64 scopeid 0x4 
    inet 10.0.0.2 netmask 0xffff0000 broadcast 10.0.255.255
    nd6 options=1<PERFORMNUD>
    media: autoselect (1000baseT <full-duplex,flow-control,energy-efficient-ethernet>)
    status: active
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 08:6d:41:e9:79:7e 
    inet6 fe80::a6d:41ff:fee9:797e%en1 prefixlen 64 scopeid 0x5 
    inet 10.0.1.2 netmask 0xffff0000 broadcast 10.0.255.255
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
en2: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
    options=60<TSO4,TSO6>
    ether 2a:00:01:66:53:30 
    media: autoselect <full-duplex>
    status: inactive
en3: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
    options=60<TSO4,TSO6>
    ether 2a:00:01:66:53:31 
    media: autoselect <full-duplex>
    status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 0a:6d:41:e9:79:7e 
    media: autoselect
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
    ether 4a:00:05:4b:ef:d9 
    inet6 fe80::4800:5ff:fe4b:efd9%awdl0 prefixlen 64 scopeid 0x9 
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 3a:c9:86:f4:af:00 
    Configuration:
        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
        ipfilter disabled flags 0x2
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    member: en3 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 7 priority 0 path cost 0
    nd6 options=1<PERFORMNUD>
    media: <unknown type>
    status: inactive
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
    inet 10.0.0.2 --> 10.0.2.3 netmask 0xffff0000 
vboxnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    ether 0a:00:27:00:00:00 
    inet 172.16.0.1 netmask 0xfff00000 broadcast 172.31.255.255
networking
mac-osx
mac
asked on Server Fault Jun 21, 2017 by Bertuz • edited Jun 21, 2017 by Bertuz

1 Answer

1

When you do port forwarding from the loopback device to another host (the virtual host), the source address of the forwarded packet isn't changed; it still has the same loopback IP address, 127.0.0.1. When the other host (the virtual host) receives the forwarded packet, it answers to its own loopback device. That is why you have no connection.

Use another IP (not from the loopback's 127.0.0.0/8 network) on your host server for port forwarding.

answered on Server Fault Jun 22, 2017 by Mikhail Khirgiy
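
The reasoning in the answer above, as an added example that is not part of the original question or answer: a simplified model of what `rdr` does to the packet (destination rewritten, source untouched) and a check for a loopback source reaching a non-loopback target. The function names and the second rule, which matches on the host's vboxnet0 address 172.16.0.1 from the `ifconfig` output, are assumptions for illustration; the model does not verify how pf on macOS handles locally generated traffic.

```python
import ipaddress
import re

# Subset of pf rdr syntax used in the question (one address, one port each side).
RDR_RE = re.compile(
    r"^rdr\s+(?:pass\s+)?inet\s+proto\s+tcp\s+from\s+any\s+to\s+"
    r"(?P<match>\S+)\s+port\s+(?P<mport>\d+)\s*->\s*"
    r"(?P<target>\S+)\s+port\s+(?P<tport>\d+)$"
)


def apply_rdr(rule, src, dst, dport):
    """Return (src, dst, dport) after the rule; rdr rewrites the destination only."""
    m = RDR_RE.match(rule.strip())
    if m is None:
        raise ValueError("unsupported rdr rule: %r" % rule)
    same_addr = ipaddress.ip_address(dst) == ipaddress.ip_address(m["match"])
    if same_addr and dport == int(m["mport"]):
        return src, m["target"], int(m["tport"])
    return src, dst, dport  # rule does not match, packet unchanged


def reply_leaves_target(packet):
    """False when the target would answer to its own loopback device."""
    src, dst, _ = packet
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # A loopback source seen by a non-loopback host resolves to that host's own lo.
    return not (src_ip.is_loopback and not dst_ip.is_loopback)


def diagnose(rule, src, dst, dport):
    """Apply the rule to one packet and report whether a reply can come back."""
    packet = apply_rdr(rule, src, dst, dport)
    return packet, reply_leaves_target(packet)


# Rule from the question: client source and match address are both 127.0.0.1.
QUESTION_RULE = "rdr pass inet proto tcp from any to 127.0.0.1 port 5432 -> 172.16.0.2 port 5432"
# Assumed variant (not from the page): match on the host's vboxnet0 address.
ASSUMED_RULE = "rdr pass inet proto tcp from any to 172.16.0.1 port 5432 -> 172.16.0.2 port 5432"

if __name__ == "__main__":
    for rule, addr in ((QUESTION_RULE, "127.0.0.1"), (ASSUMED_RULE, "172.16.0.1")):
        packet, ok = diagnose(rule, src=addr, dst=addr, dport=5432)
        print(packet, "reply can be routed back" if ok else "reply goes to target's own lo")
```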

User contributions licensed under CC BY-SA 3.0