I am running nginx as a quadlet.
I have it listening on port 8080 as that is not a privileged port.
I want to direct the privileged port 80 to 8080.
I have used iptables to do this.
sudo iptables -t nat -F
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
This gives:
sudo iptables -t nat -L PREROUTING -n -v
Chain PREROUTING (policy ACCEPT 5079 packets, 1010K bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
Which to my eye looks correct.
However, while the following:
curl -I http://mcp.mil:8080
Produces the expected result:
HTTP/1.1 200 OK
Server: nginx/1.27.2
Date: Tue, 12 Nov 2024 19:49:13 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Wed, 02 Oct 2024 15:13:19 GMT
Connection: keep-alive
ETag: "66fd630f-267"
Accept-Ranges: bytes
The following:
curl -I http://mcp.mil:80
does not
curl: (7) Failed to connect to mcp.mil port 80 after 3 ms: Could not connect to server
I have also run these commands with tcpdump running:
sudo tcpdump -i any 'tcp port 80 or tcp port 8080'
And, indeed, the traffic shows up on port 80 but is not redirected to port 8080.
This is all happening on lo so I suppose the issue must be with iptables?