added 67 characters in body

Internet restrictions in my country have essentially made it impossible for VPNs to work. As such, I wanted to circumvent this issue by using the following method.

Although "residential" internet is throttled, "commercial" internet is not. Meaning servers can still connect to other servers outside the country using various methods.

I have a client, a server inside the country (IN server) and a server outside of the country (OUT server). I can connect to the IN server using l2tp, but now I want to reroute all the traffic to the OUT server. Essentially, the schema is: client --l2tp--> IN server --iptables--> OUT server

I've used iptables, but to no avail. Here's the script I used (via gfw-report from https://github.com/net4people/bbs/issues/126):

#!/bin/bash

set -x
set -e


OUT_server_ip="2.2.2.2"
OUT_server_port="22"


IN_server="1.1.1.1"
IN_server_port="11111"


echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A PREROUTING -p tcp --dport "${IN_server}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"
sudo iptables -t nat -A PREROUTING -p udp --dport "${IN_server_port}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"

sudo iptables -t nat -A POSTROUTING -p tcp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"
sudo iptables -t nat -A POSTROUTING -p udp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"

How am I supposed to change the script to make this work? IP forwarding is enabled in the OUT_server.

Internet restrictions in my country have essentially made it impossible for VPNs to work. As such, I wanted to circumvent this issue by using the following method.

Although "residential" internet is throttled, "commercial" internet is not. Meaning servers can still connect to other servers outside the country using various methods.

I have a client, a server inside the country (IN server) and a server outside of the country (OUT server). I can connect to the IN server using l2tp, but now I want to reroute all the traffic to the OUT server. Essentially, the schema is: client --l2tp--> IN server --iptables--> OUT server

I've used iptables, but to no avail. Here's the script I used:

#!/bin/bash

set -x
set -e


OUT_server_ip="2.2.2.2"
OUT_server_port="22"


IN_server="1.1.1.1"
IN_server_port="11111"


echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A PREROUTING -p tcp --dport "${IN_server}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"
sudo iptables -t nat -A PREROUTING -p udp --dport "${IN_server_port}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"

sudo iptables -t nat -A POSTROUTING -p tcp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"
sudo iptables -t nat -A POSTROUTING -p udp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"

How am I supposed to change the script to make this work? IP forwarding is enabled in the OUT_server.

added 11 characters in body

Internet restrictions in my country have essentially made it impossible for VPNs to work. As such, I wanted to circumvent this issue by using the following method.

Although "residential" internet is throttled, "commercial" internet is not. Meaning servers can still connect to other servers outside the country using various methods.

I have a client, a server inside the country (IN server) and a server outside of the country (OUT server). I can connect to the IN server using l2tp, but now I want to reroute all the traffic to the OUT server. Essentially, the schema is: client --l2tp--> IN server ---iptables--> OUT server

I've used iptables, but to no avail. Here's the script I used:

#!/bin/bash

set -x
set -e


OUT_server_ip="2.2.2.2"
OUT_server_port="22"


IN_server="1.1.1.1"
IN_server_port="11111"


echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A PREROUTING -p tcp --dport "${IN_server}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"
sudo iptables -t nat -A PREROUTING -p udp --dport "${IN_server_port}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"

sudo iptables -t nat -A POSTROUTING -p tcp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"
sudo iptables -t nat -A POSTROUTING -p udp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"

How am I supposed to change the script to make this work? IP forwarding is enabled in the OUT_server.


routing traffic using iptables and l2tp

Internet restrictions in my country have essentially made it impossible for VPNs to work. As such, I wanted to circumvent this issue by using the following method.

Although "residential" internet is throttled, "commercial" internet is not. Meaning servers can still connect to other servers outside the country using various methods.

I have a client, a server inside the country (IN server) and a server outside of the country (OUT server). I can connect to the IN server using l2tp, but now I want to reroute all the traffic to the OUT server. Essentially, the schema is: client ----> IN server -----> OUT server

I've used iptables, but to no avail. Here's the script I used:

#!/bin/bash

set -x
set -e


OUT_server_ip="2.2.2.2"
OUT_server_port="22"


IN_server="1.1.1.1"
IN_server_port="11111"


echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A PREROUTING -p tcp --dport "${IN_server}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"
sudo iptables -t nat -A PREROUTING -p udp --dport "${IN_server_port}" -j DNAT --to-destination "${OUT_server}:${OUT_server_port}"

sudo iptables -t nat -A POSTROUTING -p tcp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"
sudo iptables -t nat -A POSTROUTING -p udp -d "${OUT_server}" --dport "${OUT_server_port}" -j SNAT --to-source "${IN_server}"

How am I supposed to change the script to make this work? IP forwarding is enabled in the OUT_server.
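
An added example, not part of the original post: a dry-run generator for the same four NAT rules. It runs under `set -u`, so a reference to an undefined variable such as `${OUT_server}` (the posted script defines `OUT_server_ip`) is a fatal error instead of an empty string, and it rejects an address passed where `--dport` expects a port. The helper names `relay_rules`, `is_port` and `is_ipv4` are assumptions; the addresses are the placeholders from the post, and the l2tp leg is not covered.

```shell
#!/bin/bash
# Added example: prints the relay rules instead of applying them.
# relay_rules, is_port and is_ipv4 are hypothetical helper names.
set -eu   # -u: an undefined variable such as ${OUT_server} aborts the script

# True if $1 is a decimal port number in 1..65535.
is_port() {
  case $1 in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# True if $1 is a dotted-quad IPv4 address.
is_ipv4() {
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.
  set -- $1              # split on dots into the function's $1..$n
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Print the DNAT/SNAT rules relaying IN_ip:IN_port to OUT_ip:OUT_port.
relay_rules() {
  in_ip=$1; in_port=$2; out_ip=$3; out_port=$4
  is_ipv4 "$in_ip"    || { echo "IN address is not IPv4: $in_ip" >&2; return 1; }
  is_port "$in_port"  || { echo "--dport needs a port, got: $in_port" >&2; return 1; }
  is_ipv4 "$out_ip"   || { echo "OUT address is not IPv4: $out_ip" >&2; return 1; }
  is_port "$out_port" || { echo "OUT port is not a port: $out_port" >&2; return 1; }
  for proto in tcp udp; do
    # Rewrite the destination of traffic arriving on the IN port.
    printf 'iptables -t nat -A PREROUTING -p %s --dport %s -j DNAT --to-destination %s:%s\n' \
      "$proto" "$in_port" "$out_ip" "$out_port"
    # Rewrite the source so replies from OUT return through IN.
    printf 'iptables -t nat -A POSTROUTING -p %s -d %s --dport %s -j SNAT --to-source %s\n' \
      "$proto" "$out_ip" "$out_port" "$in_ip"
  done
}

# Placeholder values taken from the post.
relay_rules "1.1.1.1" "11111" "2.2.2.2" "22"
```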