Ubuntu – iptables forward port error – No chain/target/match by that name

iptables, port-forwarding

I am trying to configure iptables on my Ubuntu 12.04 LTS server to forward port 443 to 8443.

But when I run this command:

sudo iptables -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443

I get the following error:

iptables: No chain/target/match by that name.

My current iptables configuration:

$ sudo iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
DROP       tcp  --  anywhere             anywhere             tcp dpt:http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

What am I missing or doing wrong?

Best Answer

This is because the PREROUTING chain belongs to the NAT table, not the FILTER table. If you do not specify a table explicitly with the -t option, FILTER is assumed.

So, you need to mention the table type with -t nat:

sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443

Note that the MANGLE and RAW tables also have a PREROUTING chain, but as you are only redirecting ports, you are presumably looking for the NAT table.
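To check where the rule actually landed, the following added example (not part of the original question or answer) parses an iptables-save style dump and reports which tables declare a chain and whether the redirect is present in nat/PREROUTING. The helper names tables_with_chain and redirect_target and the embedded dump are constructed for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE_DUMP is a constructed iptables-save dump, not the asker's.
SAMPLE_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j DROP
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
COMMIT
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# tables_with_chain CHAIN (hypothetical helper): read a dump on stdin and
# print, space-separated, every table that declares CHAIN.
tables_with_chain() {
    awk -v chain="$1" '
        /^\*/ { table = substr($0, 2) }
        /^:/ && $1 == (":" chain) { out = out (out ? " " : "") table }
        END   { print out }'
}

# redirect_target TABLE CHAIN DPORT (hypothetical helper): print the --to-ports
# value of the first REDIRECT rule in TABLE/CHAIN matching --dport DPORT.
# Exit status is 1 when no such rule exists.
redirect_target() {
    awk -v t="$1" -v c="$2" -v p="$3" '
        /^\*/ { table = substr($0, 2) }
        table == t && $1 == "-A" && $2 == c {
            dport = ""; jump = ""; to = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport")    dport = $(i + 1)
                if ($i == "-j")         jump  = $(i + 1)
                if ($i == "--to-ports") to    = $(i + 1)
            }
            if (dport == p && jump == "REDIRECT") { print to; found = 1; exit }
        }
        END { exit !found }'
}

printf '%s\n' "$SAMPLE_DUMP" | tables_with_chain PREROUTING
printf '%s\n' "$SAMPLE_DUMP" | redirect_target nat PREROUTING 443
```

On a live host, pipe `sudo iptables-save` into the same functions. Because nat PREROUTING runs before filter INPUT, redirected packets reach INPUT with destination port 8443, so a restrictive INPUT policy must allow 8443.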