I have a router in which I installed a Linux system.

I want my router to support NAT hairpinning.

Does such a feature exist in the Linux kernel? If yes, how do I activate it? Is there a patch I can apply to my kernel to support hairpinning?

Hairpinning explanation from Wikipedia:

Let us consider a private network with the following:

    Gateway address: 192.168.0.1
    Host 1: 192.168.0.5
    Host 2: 192.168.0.7

    The gateway has an external IP : 192.0.2.1
    Host 1 runs a P2P application P1 on its port 12345 which is externally mapped to 4444.
    Host 2 runs a P2P application P2 on its port 12345 which is externally mapped to 5555.

If the NAT device supports hairpinning, then P1 application can connect to the P2 application using the external endpoint 192.0.2.1:5555.
If not, the communication will not work.
Comments:

  • serverfault.com/questions/205040/… – LawrenceC, Nov 4, 2015 at 15:44
  • @LawrenceC It's not a P2P application, as indicated in the explanation. – Nov 4, 2015 at 15:49
  • Does the WAN interface of your router have a public or private IP address? – Nov 4, 2015 at 16:58
  • @MariusMatutiae The WAN IP address is public. – Nov 4, 2015 at 17:21
  • You set up hairpinning by first setting up port forwarding and then adding an additional NAT rule to NAT the source address when the source IP is local. – Nov 4, 2015 at 17:28

1 Answer

As pointed out in the comments, the way to do this is to create two NAT rules for both internal services, like this (addresses are the ones from the question; `public.ip` and `inthost1`/`inthost2` in the original were placeholders for them):

# Port forwarding: traffic for the public address is DNATed to the internal host.
# PREROUTING sees packets arriving from the LAN as well as from the WAN, so this
# also catches LAN clients that connect to the public address.
iptables -t nat -A PREROUTING -d 192.0.2.1 -p tcp --dport 4444 -j DNAT --to-destination 192.168.0.5:12345
iptables -t nat -A PREROUTING -d 192.0.2.1 -p tcp --dport 5555 -j DNAT --to-destination 192.168.0.7:12345
# Hairpin: when the client is also on the LAN, rewrite the source to the router's
# address so the reply comes back through the router (which can un-NAT it) rather
# than going straight to the client, which would not recognise the connection.
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.0.5 -p tcp --dport 12345 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.0.7 -p tcp --dport 12345 -j MASQUERADE

This way if one internal host sends a packet to the other, it will appear to come from the "gateway" (the NAT box), so that the NAT box gets the reply and can forward it to the other internal box.
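The following script is an added example, not code from the answer or the question. It generates the complete hairpin-NAT rule set for the question's topology (addresses 192.0.2.1, 192.168.0.1, 192.168.0.0/24, 192.168.0.5 and 192.168.0.7 are taken from the question; the WAN interface name eth0 is an assumption) for any number of published services, prints it for review, and applies it only when run with --apply. It differs from the answer in one respect: the hairpin source NAT is limited with `-m conntrack --ctstate DNAT` to connections that were actually DNATed, so direct LAN-to-LAN connections to the same host and port keep their real source address.

```shell
#!/bin/sh
# Added example: generate (and optionally apply) iptables hairpin-NAT rules.
# Usage: ./hairpin.sh           -> print the rules for review
#        ./hairpin.sh --apply   -> run them (needs root and iptables)

# Topology from the question; the WAN interface name is an assumption.
WAN_IF=eth0
PUBLIC_IP=192.0.2.1
LAN_NET=192.168.0.0/24
LAN_GW=192.168.0.1
# ext_port:internal_host:internal_port, one entry per published service
FORWARDS="4444:192.168.0.5:12345 5555:192.168.0.7:12345"

# Print one iptables command per line. Nothing is executed here.
hairpin_rules() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Ordinary source NAT for LAN hosts talking to the Internet.
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
    # Return traffic of any accepted connection through a default-deny FORWARD chain.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for fwd in $FORWARDS; do
        ext_port=${fwd%%:*}
        rest=${fwd#*:}
        host=${rest%%:*}
        int_port=${rest#*:}
        # PREROUTING runs for packets from the WAN and from the LAN, so one
        # DNAT rule serves external clients and LAN clients that use the
        # public address.
        echo "iptables -t nat -A PREROUTING -d $PUBLIC_IP -p tcp --dport $ext_port -j DNAT --to-destination $host:$int_port"
        # Let the new forwarded connection through the FORWARD chain.
        echo "iptables -A FORWARD -d $host -p tcp --dport $int_port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Hairpin SNAT, restricted to connections that were DNATed (--ctstate DNAT):
    # a LAN client reaching the public address gets the gateway as its source,
    # so the server replies to the router and conntrack reverses both
    # translations. LAN-to-LAN connections that never hit a DNAT rule are
    # left alone, so the server still sees their real client address.
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -d $LAN_NET -m conntrack --ctstate DNAT -j SNAT --to-source $LAN_GW"
}

# Number of DNAT rules generated; should equal the number of FORWARDS entries.
dnat_rule_count() {
    hairpin_rules | grep -c -- '-j DNAT'
}

if [ "${1:-}" = "--apply" ]; then
    hairpin_rules | sh -e        # execute each generated command; requires root
else
    hairpin_rules
fi
```

After applying, `iptables -t nat -L -n -v` shows the packet counters on the DNAT and SNAT rules climbing when a LAN host connects to 192.0.2.1:5555, which is the quickest way to confirm that the hairpin path is being taken. Note that the answer's MASQUERADE rules, matched on `-d inthost -p tcp --dport 12345`, also rewrite the source of direct LAN-to-LAN connections to that host and port, so the server would log the gateway's address for every LAN client; the `--ctstate DNAT` match above avoids that.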
