A message for Linux.com registered users: We are in the process of making changes to the Linux forums. Starting Monday, 8/13/18 at 6:00 PM PT, you will be unable to access the forums. They will re-launch as soon as possible on Wednesday, 8/15/18 with new features and improved functionality. Thank you for your patience and stay tuned for the new improved forums.

September 4, 2017

nftables, how to redirect all traffic to port 8080 to another ip

Forums: 
Hi, my router is running on Arch Linux.
I am trying to redirect all the traffic to port 8080 to my laptop which is hosting http website.
 
Here is configuration I come up with so far:
table ip nat {
  chain post {
    type nat hook postrouting priority 0; policy accept;
  }

  chain pre {
    type nat hook prerouting priority 0; policy accept;
    dnat to tcp dport map { 8080 : 192.168.0.100 } # handle 3
  }
}

 

But when I am trying to connect I am being welcomed with this unfriendly message: "<ip address> took too long to respond."
 
Of course I am using nftables and the loaded modules are below:
 
Module                  Size  Used by
nft_masq_ipv4           1265  1
nf_nat_masquerade_ipv4  2616  1 nft_masq_ipv4
nft_masq                1783  1 nft_masq_ipv4
nft_reject_inet         1814  1
nf_reject_ipv4          2938  1 nft_reject_inet
nf_reject_ipv6          3368  1 nft_reject_inet
nft_reject              2451  1 nft_reject_inet
nf_conntrack_ipv6       8902  2
nf_defrag_ipv6         14899  1 nf_conntrack_ipv6
nft_ct                  4373  2
nf_tables_inet          1618  4
nf_tables_ipv6          2117  1 nf_tables_inet
nft_set_hash           11030  2
nft_set_rbtree          2883  0
nft_meta                5683  9
nft_nat                 2508  1
nft_chain_nat_ipv4      1618  2
nf_conntrack_ipv4       8376  3
nf_defrag_ipv4          1546  1 nf_conntrack_ipv4
nf_nat_ipv4             5204  1 nft_chain_nat_ipv4
nf_nat                 16628  3 nft_nat,nf_nat_masquerade_ipv4,nf_nat_ipv4
nf_conntrack           94166  6 nft_ct,nf_conntrack_ipv6,nf_conntrack_ipv4,nf_nat_masquerade_ipv4,nf_nat_ipv4,nf_nat
nf_tables_ipv4          2053  2 nf_tables_inet
nf_tables              66017  54 nft_ct,nft_nat,nft_chain_nat_ipv4,nft_reject,nft_set_hash,nf_tables_ipv6,nf_tables_ipv4,nft_masq,nft_reject_inet,nft_meta,nft_set_rbtree,nft_masq_ipv4,nf_tables_inet

 

#systemctl status nftables
Active: active (exited)
Main PID: 611 (code=exited, status=0/SUCCESS)
Click Here!