Dedicated Server Port Forwarding to VPS Using iptables (and OpenVPN)
Unused
Dedicated Server Port Forwarding to VPS Using iptables (and OpenVPN)๊ฐœ๋ฐœ&IT/Infra. & Arch. & Cloud2021. 7. 21. 12:26@Unused
Table of Contents

iptables๋ฅผ ์ด์šฉํ•˜์—ฌ ํฌํŠธ ํฌ์›Œ๋”ฉํ•˜๊ธฐ (feat. ๋ฐ๋””์ผ€์ดํ‹ฐ๋“œ ์„œ๋ฒ„, VPS, OpenVPN)

 

์›๋ž˜๋Š” Dedicated Server <==> Client ์ด๊ฒŒ ์ผ๋ฐ˜์ ์ด๋‹ค.
๊ทธ๋Ÿฐ๋ฐ ์œ„์ฒ˜๋Ÿผ Dedicated Server <==> VPS <==> Client ์ด๋ ‡๊ฒŒ ์ค‘๊ณ„ ์„œ๋ฒ„๋ฅผ ๋†“์•„์•ผ ํ•˜๋Š” ๊ฒฝ์šฐ๊ฐ€ ์žˆ๋‹ค.
์„œ๋ฒ„๋กœ ์“ธ PC๊ฐ€ ๊ธฐ์ˆ™์‚ฌ์— ์žˆ์–ด์„œ Public IP๋ฅผ ๋ชป ์“ด๋‹ค๋“ ๊ฐ€.

์ ์šฉํ•  ํ™˜๊ฒฝ์€ ๋‹ค์Œ๊ณผ ๊ฐ™๋‹ค.

  • ์„œ๋ฒ„ PC์™€ VPS๋Š” OpenVPN์œผ๋กœ ์—ฐ๊ฒฐ๋จ.
  • ์„œ๋ฒ„ PC๊ฐ€ OpenVPN Client / VPS๊ฐ€ OpenVPN Server
  • ์„œ๋ฒ„ PC์˜ OpenVPN Private IP๋Š” 10.8.100.2
  • VPS๋Š” iptables๋ฅผ ์“ฐ๋Š” Linux, TCP/UDP ๋‘˜ ๋‹ค ์ ์šฉ, ๋„คํŠธ์›Œํฌ ์ธํ„ฐํŽ˜์ด์Šค๋Š” eth0, Public IP๋Š” 12.34.56.78, OpenVPN Private IP๋Š” 10.8.100.1
  • ์„œ๋น„์Šคํ•  ํฌํŠธ๋Š” ์–‘์ชฝ ๋‹ค 33333
$ sudo iptables -t nat -A PREROUTING -d 12.34.56.78 -p tcp --dport 33333 -j DNAT --to-dest 10.8.100.2:33333
$ sudo iptables -t nat -A PREROUTING -d 12.34.56.78 -p udp --dport 33333 -j DNAT --to-dest 10.8.100.2:33333
$ sudo iptables -t nat -A POSTROUTING -p tcp --destination 10.8.100.2 --dport 33333 -o eth0 -j SNAT --to-source 10.8.100.1
$ sudo iptables -t nat -A POSTROUTING -p udp --destination 10.8.100.2 --dport 33333 -o eth0 -j SNAT --to-source 10.8.100.1
$ sudo iptables -t filter -A FORWARD -p tcp -d 10.8.100.2 --dport 33333 -j ACCEPT 
$ sudo iptables -t filter -A FORWARD -p udp -d 10.8.100.2 --dport 33333 -j ACCEPT 
$ sudo iptables-save

์žฌ๋ถ€ํŒ…ํ•˜๋ฉด ์ดˆ๊ธฐํ™”๋œ๋‹ค. ์ด๋ฅผ ๋ง‰์œผ๋ ค๋ฉด crontab ๋“ฑ ๋ถ€ํŒ…์‹œ ์ € ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์ž๋™์‹คํ–‰ํ•˜๊ฒŒ ๋งŒ๋“ค์–ด์•ผ ํ•œ๋‹ค.

์™ธ๋ถ€์—์„œ 12.34.56.78:33333์œผ๋กœ ์ ‘์†ํ•˜๋ฉด ์—ฐ๊ฒฐ๋œ๋‹ค.

์ฐธ๊ณ ๋กœ ์†Œ์Šค ๋ฐ๋””์ผ€์ดํ‹ฐ๋“œ ์„œ๋ฒ„(Source Dedicated Server)์˜ ๊ฒฝ์šฐ status๋ฅผ ์ณ์„œ ๋‚ด๋ถ€ IP๋ฅผ ํ™•์ธํ•ด์•ผ ํ•œ๋‹ค.
๋‚ด๋ถ€ IP๊ฐ€ OpenVPN์˜ ๊ทธ๊ฒƒ๊ณผ ๋™์ผํ•ด์•ผ ์ œ๋Œ€๋กœ ์—ฐ๊ฒฐ๋œ ๊ฑฐ๋‹ค.

์ด๋ฅผ ์‘์šฉํ•˜๋ฉด Public IP๊ฐ€ ์ œ๊ณต๋˜์ง€ ์•Š๋Š” ํ™˜๊ฒฝ(๊ธฐ์ˆ™์‚ฌ, ๊ณต๊ณต์‹œ์„ค, ๋ชจ๋ฐ”์ผ, ...)์ด๋ผ๋„ VPS+OpenVPN+๋ผ์šฐํŒ…(iptables) ์กฐํ•ฉ์œผ๋กœ ํ•ด๋‹น VPS์˜ Public IP๋ฅผ ๋‚ด๊ฒƒ์ฒ˜๋Ÿผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋‹ค. ๋ฌผ๋ก  VPS๋ฅผ ๋”ฐ๋กœ ์ž„๋Œ€ํ•ด์•ผ ๋˜์ง€๋งŒ.... ์–ด์ฐจํ”ผ ๋ผ์šฐํ„ฐ ์—ญํ• ๋งŒ ํ•˜๋ฏ€๋กœ ์„ฑ๋Šฅ์— ๊ตฌ์• ๋ฐ›์ง€ ์•Š์œผ๋‹ˆ ์ €๋ ดํ•œ VPS๋ฅผ ์ฐพ์•„๋ณด๋ฉด ๋  ๊ฒƒ์ด๋‹ค.

 

์ฐธ๊ณ ์ž๋ฃŒ
https://blog.kerus.net/2438/iptables-port-forward-to-another-public-ip
https://unix.stackexchange.com/questions/449853/port-forwarding-using-openvpn-client
https://whattheserver.com/openvpn-server-with-port-forwarding/

'๊ฐœ๋ฐœ&IT > Infra. & Arch. & Cloud' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

PowerShell์—์„œ ์ผ์‹œ์ ์œผ๋กœ ํ™˜๊ฒฝ๋ณ€์ˆ˜ ์ˆ˜์ •ํ•˜๊ธฐ  (0) 2024.04.02
Ubuntu ๋จธ์‹  ๋ณต์ œ ์‹œ IP ์ฃผ์†Œ ๊ฒน์นจ ๋ฌธ์ œ ํ•ด๊ฒฐ  (0) 2024.03.29
Ansible ์„ค์น˜ ๋ฐ Ansible๋กœ AWS EC2 ์ƒ์„ฑํ•˜๊ธฐ  (0) 2024.03.11
Nextcloud ์—…๋ฐ์ดํŠธ๋ฅผ ์›น ๋Œ€์‹  ์ฝ˜์†”์ฐฝ์—์„œ ํ•˜๊ธฐ  (0) 2023.06.22
SSH ์„œ๋ฒ„๋กœ SOCKS5 ํ”„๋ก์‹œ ๊ตฌ์„ฑํ•˜๊ธฐ  (0) 2022.02.07
CurrPorts - TCP/IP ์†ก์ˆ˜์‹ ๋ง ํฌํŠธ ๋ฐ ์—ฐ๊ฒฐ ์ƒํƒœ ๋ชจ๋‹ˆํ„ฐ๋ง ๋„๊ตฌ  (0) 2013.08.09
์šฐ๋ถ„ํˆฌ 12.04 ๋ฐ 13.10 ๋‹ค์šด๋กœ๋“œ  (0) 2013.06.29
Unused
@Unused :: โœจ NOT FOUND PAGE ๐Ÿ“š

์•ˆ๋…•ํ•˜์„ธ์š”.

ํฌ์ŠคํŒ…์ด ์ข‹์•˜๋‹ค๋ฉด "์ข‹์•„์š”โค๏ธ" ๋˜๋Š” "๊ตฌ๋…๐Ÿ‘๐Ÿป" ํ•ด์ฃผ์„ธ์š”!

๊ฐœ๋ฐœ&IT/Infra. & Arch. & Cloud ์ถ”์ฒœ ๊ธ€
more
image

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”