openvpn

If you want to keep these ports untouched:

22   SSH
25   SMTP
53   DNS
80   HTTP
110  POP3
143  IMAP
443  HTTPS/OpenVPN
587  SMTP Submission
943  OpenVPN Admin
993  IMAPS
995  POP3S

and redirect everything else to OpenVPN worker ports (916 TCP, 921 UDP), use:

nft flush table ip nat

nft add table ip nat
nft 'add chain ip nat prerouting { type nat hook prerouting priority dstnat; policy accept; }'

# TCP redirect everything except important ports
nft 'add rule ip nat prerouting tcp dport != { 22,25,53,80,110,143,443,587,943,993,995 } redirect to 916'

# UDP redirect everything except DNS
nft 'add rule ip nat prerouting udp dport != { 53 } redirect to 921'

Verify:

nft list table ip nat

Expected:

table ip nat {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        tcp dport != { 22,25,53,80,110,143,443,587,943,993,995 } redirect to :916
        udp dport != { 53 } redirect to :921
    }
}

To monitor whether connections are hitting the redirect rule:

watch -n1 'nft list table ip nat'

The packet counters should increase when you test ports such as 9201, 8080, 5555, etc.

Comments

Post a Comment

Popular posts from this blog

how to install internet download manger in linux

Image
How to run any Version of Internet Download Manager in Ubuntu/Linux with full Firefox Integration.  I 'm gonna show you how to use latest version of IDM in any linu x OS , yes you heard it right "latest version of IDM". Till wine 1.7.4x, it only supported an older version of ID M whic h wa s IDM 5.05. It was functional but shitty version when we look a t newer ve rsions of IDM with a dded new features . S o just follow t h is step by step g uide to get your IDM working. So I have divided this Post in 3 parts: Installing "Internet Download Manager" Integrating IDM with Firefox. Make IDM look Good.          Installing "Internet Download Manager" As you know IDM is a window's application. So to run IDM on linux we need something that supports Windows apps in linux. Wine (Wine is not an emulator) is a free and open source compatibility layer software application that aims to allow applications designed for Microsoft Win...
Read more

premium url shortener

Image
Installation Using the Web Installer Video Tutorial Upload and extract "main.zip" to your server Point your browser to http://yoursite.com The new document root is the  /public  folder so we highly recommend to change the document root for your domain to  /public  if possible otherwise we have added a .htaccess file to direct all traffic to the  /public  folder however on some servers it might not work. If you don't see the installer or you receive 404 errors, you will need to change your document path for your domain to make sure  /public  is the final folder. Follow the step by step instructions Login as admin using the credentials you set at step 3 Click on "Admin Panel" button at the top and go to settings to configure the application.  Admin > settings > Advanced Settings > If you have additional domains and you want to prevent people from using the root domain to shorten, disable this. disable this Go to Admin > Advanced Set...
Read more

convert direct traffic to organic

 <!DOCTYPE html> <html> <body> <input type="text" value="<?php echo $_POST["FU"]?>" id="value-fu" hidden> <body>Redirecting to file download... Please wait.. if not redirected <a href="/">click here to continue</a><meta http-equiv="refresh" content="1;url=https://www.google.com/url?sa=t&source=web&rct=j&url=https://sarkariexam.io/&ved=2ahUKEwih-pG6x5PtAhWUheYKHfXyCmQQFjAAegQIAxAC&usg=AOvVaw2bR99pvY4ZCm9pAqXQWYJ9" /> <script> var fu = document.getElementById('value-fu').value var date = new Date(); date.setTime(date.getTime()+(300*1000)); var expiry = '; expires=' + date.toUTCString(); document.cookie = `ul=${fu}`+expiry+'; path=/'; console.log('cookie', document.cookie) </script> <body> </html> you will get the code by searching thee main domain <a href="https://com.net.ai/" j...
Read more