服务器评测
1. NAT服务
| echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -j SNAT –to 218.222.22.124 |
# 解释
echo 1 > /proc/sys/net/ipv4/ip_forward
# 启用转发
iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -j SNAT –to 218.222.22.124 # 将所有10.0.2.x的ip的数据包都转发到218.222.22.124这个公网ip,通过这两条命令,即可实现内网ip共享上网
2. 端口映射
| iptables -t nat -A PREROUTING –dst 218.222.22.124 -p tcp –dport 80 -j DNAT –to-destination 10.0.0.187:80 |
# 解释
如果访问218.222.22.124的80端口,则将数据包转发到10.0.0.187的80端口
例子:把10.20.192.75:9000的请求转到10.20.192.73:80上
在10.20.192.75上操作:
a.echo 1 > /proc/sys/net/ipv4/ip_forward
b. vi /etc/sysconfig/iptables
-A PREROUTING -p tcp -m tcp –dport 9000 -j DNAT –to-destination 10.20.192.73:80
-A POSTROUTING -d 10.20.192.73 -p tcp -m tcp –dport 80 -j SNAT –to-source 10.20.192.75
