I have KVM installed on CentOS with one VM.
Host IP: 192.168.1.108, Guest IP: 192.168.100.227, LAN: 192.168.1.4/24
Here is everything I did:
I have disabled firewalld and installed iptables-services:
systemctl disable firewalld
yum install iptables-services
systemctl enable iptables.service
Here are my rules:
iptables -t nat -A PREROUTING -p tcp -s 192.168.1.4/22 -d 192.168.1.108 --dport 8000 -j DNAT --to-destination 192.168.100.227:8888
iptables -t nat -A POSTROUTING -p tcp --dport 8888 -d 192.168.100.227 -j SNAT --to 192.168.100.1
iptables -I FORWARD -m state -d 192.168.100.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT
And finally I save my iptables rules (as superuser)
(also tried "service iptables save")
For now everything works well and I can access my Python server (hosted in the VM on port 8888) via 192.168.1.108:8000. But after a restart, iptables is still enabled but this rule
iptables -I FORWARD -m state -d 192.168.100.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT
does not work anymore. I have to add it again to access my Python server.
Is there another way to do this port forwarding (maybe with FirewallD), or am I missing something?
As I was facing a similar issue a month ago, my workaround was to load my iptables rules from /etc/network/interfaces with the restore command:
iptables-restore < /etc/iptables.rules
Every time I reboot, my iptables keeps all the updates included in iptables.rules.
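
A way to check what a restore actually put back after a reboot, as an added example that is not part of either post: it compares a saved rules file with a dump of the running ruleset and lists every saved rule that is not active. The function names and both sample dumps are constructed for illustration; the sample models the symptom from the question, where the NAT rules survive but the FORWARD rule does not.

```shell
# Compare a saved iptables-save file with a dump of the running ruleset
# and list every saved rule that is not active.
# rules_of TABLE FILE: print the "-A ..." lines of one table, counters stripped.
rules_of() {
    awk -v want="*$1" '
        /^\*/     { in_table = ($0 == want); next }
        /^COMMIT/ { in_table = 0; next }
        in_table  { sub(/^\[[0-9]+:[0-9]+\] /, ""); if ($0 ~ /^-A /) print }
    ' "$2"
}

# lost_rules SAVED RUNNING: print "table: rule" for rules found only in SAVED.
lost_rules() {
    for t in filter nat; do
        rules_of "$t" "$1" | while IFS= read -r rule; do
            rules_of "$t" "$2" | grep -qxF -e "$rule" || printf '%s: %s\n' "$t" "$rule"
        done
    done
}

# Constructed sample dumps in iptables-save format (not from the asker's host).
make_samples() {
    cat > "$1/saved.rules" <<'EOF'
*nat
-A PREROUTING -s 192.168.0.0/22 -d 192.168.1.108/32 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 192.168.100.227:8888
-A POSTROUTING -d 192.168.100.227/32 -p tcp -m tcp --dport 8888 -j SNAT --to-source 192.168.100.1
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 192.168.100.0/24 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
    # Running ruleset after reboot: same NAT rules (with counters), no FORWARD rule.
    cat > "$1/running.dump" <<'EOF'
*nat
[12:720] -A PREROUTING -s 192.168.0.0/22 -d 192.168.1.108/32 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 192.168.100.227:8888
[12:720] -A POSTROUTING -d 192.168.100.227/32 -p tcp -m tcp --dport 8888 -j SNAT --to-source 192.168.100.1
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
lost_rules "$tmp/saved.rules" "$tmp/running.dump"
```

On a real host, capture the running rules with `iptables-save > running.dump` and pass the saved file (for the answer above, /etc/iptables.rules) as the first argument.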