From 894a381f6d06fe4af357635165417749eb13eed3 Mon Sep 17 00:00:00 2001
From: Jerry Jacobs <jerry.jacobs@xor-gate.org>
Date: Fri, 5 Sep 2025 08:30:41 +0200
Subject: [PATCH] vault backup: 2025-09-05 08:30:41

---
 2025/durian.srv.xor-gate.org.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/2025/durian.srv.xor-gate.org.md b/2025/durian.srv.xor-gate.org.md
index 1e9f716..b780893 100644
--- a/2025/durian.srv.xor-gate.org.md
+++ b/2025/durian.srv.xor-gate.org.md
@@ -13,6 +13,17 @@
 
 ### IPv4 forwarding 
 
+Host ports < 1024 as normal user and use iptables firewall to forward between localhost and public IP.
+
+```
+/usr/sbin/iptables -F # flush all rules
+/usr/sbin/iptables -t nat -F # flush all nat rules
+/usr/sbin/iptables -X # Clear user defined chains
+/usr/sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 127.0.0.1:8080
+/usr/sbin/iptables -t nat -A POSTROUTING -j MASQUERADE
+/usr/sbin/iptables -t nat -L -v
+```
+
 /etc/sysctl.conf: 
 ```
 net.ipv4.ip_forward = 1