outbound traffic on port 80, 443


#1

I am moving from an IPTABLES Linux-based firewall/router to VyOS.

I have the latest version of VyOS loaded and ready. I did the basic set up and am able to MASQ and NAT.

Now I would like to forward web traffic (ports 80 and 443) to an external Web Filtering service.

In IPTABLES:

iptables --table nat --append PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination x.x.x.x:8080

On VyOS I would set up a firewall rule? Kind of lost on the syntax to accomplish this:

eth0 is the external interface.

I have been googling around with no luck.

Any help or some examples would be appreciated.

Thank you!


#2

Hi!

VyOS uses its own method…

#set interfaces: eth1=WAN; eth2=LAN

set interfaces ethernet eth1 address '192.168.1.100/24'
set interfaces ethernet eth1 description 'WAN'
set interfaces ethernet eth2 address '172.16.0.1/24'
set interfaces ethernet eth2 description 'LAN'

#set masquerade:

set nat source rule 20 outbound-interface 'eth1'
set nat source rule 20 source address '172.16.0.0/24'
set nat source rule 20 translation address masquerade

#port forward:

#Portforward:

#80
set nat destination rule 30 description 'Eth1 Port Forward: 80 to 172.16.0.100'
set nat destination rule 30 destination port '80'
set nat destination rule 30 inbound-interface 'eth1'
set nat destination rule 30 protocol 'tcp'
set nat destination rule 30 translation address '172.16.0.100'

#443
set nat destination rule 35 description 'Eth1 Port Forward: 443 to 172.16.0.100'
set nat destination rule 35 destination port '443'
set nat destination rule 35 inbound-interface 'eth1'
set nat destination rule 35 protocol 'tcp'
set nat destination rule 35 translation address '172.16.0.100'

Have a nice day :slight_smile:
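
How the fields of the iptables DNAT rule in the question line up with the `set nat destination` syntax shown in the reply, as an added example that is not part of either post: a small Python converter. The `translation port` key, the rule number 10 and the address 203.0.113.10 (a documentation placeholder for x.x.x.x) are assumptions; the interface syntax follows the reply and should be checked against the VyOS version in use.

```python
import shlex

# iptables option -> field name (only what a simple PREROUTING DNAT rule needs)
OPTS = {
    "-t": "table", "--table": "table", "-A": "chain", "--append": "chain",
    "-i": "iface", "--in-interface": "iface", "-p": "proto", "--protocol": "proto",
    "--dport": "dport", "--destination-port": "dport",
    "-j": "target", "--jump": "target", "--to-destination": "to",
}

def parse_dnat(rule):
    """Split one iptables DNAT command line into named fields."""
    tokens = shlex.split(rule)
    if tokens and tokens[0] == "iptables":
        tokens = tokens[1:]
    fields, it = {}, iter(tokens)
    for tok in it:
        if tok not in OPTS:  # refuse to guess at matches we do not translate
            raise ValueError(f"unsupported iptables option: {tok}")
        value = next(it, None)
        if value is None:
            raise ValueError(f"missing value for {tok}")
        fields[OPTS[tok]] = value
    if (fields.get("table"), fields.get("chain"), fields.get("target")) != ("nat", "PREROUTING", "DNAT"):
        raise ValueError("only 'nat' table PREROUTING DNAT rules are handled")
    missing = [k for k in ("iface", "proto", "dport", "to") if k not in fields]
    if missing:
        raise ValueError(f"rule lacks: {', '.join(missing)}")
    return fields

def to_vyos(rule, number):
    """Return the VyOS 'set nat destination' commands equivalent to the rule."""
    f = parse_dnat(rule)
    addr, _, port = f["to"].partition(":")
    base = f"set nat destination rule {number}"
    cmds = [
        f"{base} inbound-interface '{f['iface']}'",
        f"{base} protocol '{f['proto']}'",
        f"{base} destination port '{f['dport']}'",
        f"{base} translation address '{addr}'",
    ]
    if port:  # 'translation port' is assumed here; it is not shown in the reply
        cmds.append(f"{base} translation port '{port}'")
    return cmds

# Constructed sample: the question's rule with 203.0.113.10 standing in for x.x.x.x
SAMPLE = ("iptables --table nat --append PREROUTING -i eth0 -p tcp "
          "--dport 80 -j DNAT --to-destination 203.0.113.10:8080")

if __name__ == "__main__":
    print("\n".join(to_vyos(SAMPLE, 10)))
```

The converter rejects any option it does not map (for example `-m` matches or `!` negation), so a rule is never translated with part of its match silently dropped.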