\n\u7531\u4e8e\u67d0\u4e9b\u539f\u56e0\uff0c\u6211\u4eec\u9700\u8981\u5c06\u8bbf\u95ee\u5230\u672c\u673a\u7684\u6570\u636e\u8f6c\u53d1\u5230\u53e6\u5916\u4e00\u53f0\u673a\u5668\u4e0a
\n\u5e38\u89c1\u8f6c\u53d1\u662f\u5b9e\u7528\u65b9\u5f0f\u662f\u901a\u8fc7\u53ef\u4ee5\u8fde\u63a5\u5916\u90e8\u7f51\u7edc\u7684\u673a\u5668\u5c06\u8bbf\u95ee\u8f6c\u53d1\u81f3\u5185\u7f51\u7684\u673a\u5668<\/p>\n
\u57fa\u672c\u8bbe\u7f6e\u5982\u4e0b\uff1a<\/p>\n
\u5f00\u542f\u7aef\u53e3\u8f6c\u53d1\u529f\u80fd<\/p>\n
\u7f16\u8f91\/etc\/sysctl.conf \u6587\u4ef6\uff0cvi \/etc\/sysctl.conf
\n\u5c06net.ipv4.ip_forward=0 \u6539\u4e3anet.ipv4.ip_forward=1 \u4fdd\u5b58<\/p>\n
\u6216\u8005echo -e “net.ipv4.ip_forward=1” >> \/etc\/sysctl.conf<\/p>\n
\u8fd0\u884csysctl -p \u5373\u523b\u751f\u6548<\/p>\n
\n\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1<\/p>\n
\nA)\u5c06\u672c\u673a\u8f6c\u53d1\u81f3\u76ee\u6807\u673a\u5668
\niptables -t nat -A PREROUTING -p tcp -d [\u672c\u5730\u670d\u52a1\u5668\u4e3b\u7f51\u5361\u7ed1\u5b9aIP] –dport [\u672c\u5730\u7aef\u53e3] -j DNAT –to-destination [\u76ee\u6807IP:\u76ee\u6807\u7aef\u53e3]
\niptables -t nat -A PREROUTING -p udp -d [\u672c\u5730\u670d\u52a1\u5668\u4e3b\u7f51\u5361\u7ed1\u5b9aIP] –dport [\u672c\u5730\u7aef\u53e3] -j DNAT –to-destination [\u76ee\u6807IP:\u76ee\u6807\u7aef\u53e3]<\/p>\n
B)\u5c06\u76ee\u6807\u673a\u5668\u8fd4\u56de\u7684\u6570\u636e\u8f6c\u53d1\u81f3\u672c\u673a
\niptables -t nat -A POSTROUTING -p tcp -d [\u76ee\u6807IP] –dport [\u76ee\u6807\u7aef\u53e3] -j SNAT –to-source [\u672c\u5730\u670d\u52a1\u5668\u4e3b\u7f51\u5361\u7ed1\u5b9aIP]
\niptables -t nat -A POSTROUTING -p udp -d [\u76ee\u6807IP] –dport [\u76ee\u6807\u7aef\u53e3] -j SNAT –to-source [\u672c\u5730\u670d\u52a1\u5668\u4e3b\u7f51\u5361\u7ed1\u5b9aIP]<\/p>\n
\u4fdd\u5b58\u89c4\u5219
\nservice iptables save<\/p>\n
\u67e5\u770b\u5df2\u8bbe\u5b9a\u5185\u5bb9
\niptables -t nat -L -n –line-numbers <\/p>\n","protected":false},"excerpt":{"rendered":"
\u7531\u4e8e\u67d0\u4e9b\u539f\u56e0\uff0c\u6211\u4eec\u9700\u8981\u5c06\u8bbf\u95ee\u5230\u672c\u673a\u7684\u6570\u636e\u8f6c\u53d1\u5230\u53e6\u5916\u4e00\u53f0\u673a\u5668\u4e0a \u5e38\u89c1\u8f6c\u53d1\u662f\u5b9e\u7528\u65b9\u5f0f\u662f\u901a\u8fc7\u53ef\u4ee5\u8fde\u63a5\u5916\u90e8\u7f51\u7edc\u7684\u673a\u5668\u5c06 … \u9605\u8bfb\u66f4\u591a<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[64,65,66,51,46,47],"class_list":["post-219","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-centos","tag-ip","tag-iptables","tag-linux","tag-network","tag-services"],"_links":{"self":[{"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/posts\/219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yeslq.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=219"}],"version-history":[{"count":1,"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/posts\/219\/revisions"}],"predecessor-version":[{"id":279,"href":"https:\/\/yeslq.com\/index.php?rest_route=\/wp\/v2\/posts\/219\/revisions\/279"}],"wp:attachment":[{"href":"https:\/\/yeslq.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yeslq.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yeslq.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}