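#!/bin/sh
# Two-way TCP relay through this Linux host using iptables NAT.
#
#   IP1 -> tcp/8001 is destination-NATed to IP2 (port unchanged)
#   IP2 -> tcp/8002 is destination-NATed to IP1 (port unchanged)
#
# Relayed connections are source-NATed to LinuxIP so that replies come back
# through this host and conntrack can reverse the translation.
#
# Required environment (the original listing used these names as literal
# placeholders, which iptables cannot resolve):
#   IP1      address of the first peer
#   IP2      address of the second peer
#   LinuxIP  address of this relay host as seen by both peers
#
# Must run as root. Flushes the filter and nat tables before installing rules.
#
# NOTE(review): every built-in chain policy is left at ACCEPT, exactly as in
# the original. With ip_forward enabled the host therefore forwards any
# traffic routed through it, and the INPUT/FORWARD ACCEPT rules below are
# redundant. A hardened variant would set INPUT and FORWARD to DROP and add
# explicit NEW-state ACCEPT rules for the two relayed flows only.
#
# NOTE(review): the PREROUTING rules match on source address and port but not
# on destination, so they also rewrite packets from a peer that are merely
# routed through this host. Adding -d "$LinuxIP" would narrow them; confirm
# against the intended topology before changing.
#
# NOTE(review): because of SNAT the peers only ever see LinuxIP as the client
# address. Any per-client logging or access control has to happen on this
# relay, not on IP1/IP2.

set -eu

warn() { printf 'warning: %s\n' "$*" >&2; }

# Validate configuration before touching kernel state, so a missing value
# cannot leave the host with flushed tables and half a rule set.
: "${IP1:?set IP1 to the address of the first peer}"
: "${IP2:?set IP2 to the address of the second peer}"
: "${LinuxIP:?set LinuxIP to the address of this relay host}"

# Kernel settings: enable routing, SYN-cookie protection against SYN floods,
# and suppress log noise from malformed ICMP error replies.
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

# FTP connection-tracking/NAT helpers. The 8001/8002 rules below do not depend
# on them, so a load failure is reported but not fatal. These are the legacy
# module names; newer kernels ship them as nf_conntrack_ftp / nf_nat_ftp and
# the old names may not resolve there.
modprobe ip_conntrack_ftp || warn "could not load ip_conntrack_ftp"
modprobe ip_nat_ftp || warn "could not load ip_nat_ftp"

# Start from empty filter and nat tables. User-defined chains are not deleted.
iptables -F -t filter
iptables -F -t nat

# Default policies (see the first NOTE above: these leave the host unfiltered).
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

# Only effective once the corresponding policy is tightened to DROP.
iptables -A INPUT -i lo -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# IP1 -> :8001 is relayed to IP2; the relayed leg is sourced from LinuxIP.
iptables -t nat -A PREROUTING -s "$IP1" -p tcp --dport 8001 \
  -j DNAT --to-destination "$IP2"
iptables -t nat -A POSTROUTING -d "$IP2" -p tcp --dport 8001 \
  -j SNAT --to-source "$LinuxIP"

# IP2 -> :8002 is relayed to IP1; the relayed leg is sourced from LinuxIP.
iptables -t nat -A PREROUTING -s "$IP2" -p tcp --dport 8002 \
  -j DNAT --to-destination "$IP1"
iptables -t nat -A POSTROUTING -d "$IP1" -p tcp --dport 8002 \
  -j SNAT --to-source "$LinuxIP"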
# Original article (原文地址): http://blog.chinaunix.net/u/21439/showart_432846.html