iptables -t nat -I POSTROUTING -p tcp --dport 321 -d 172.17.28.68 -j MASQUERADE
设置转发:
iptables -t nat -I PREROUTING -s 171.0.0.0/8 --dport 1230 -j DNAT --to-destination 172.17.1.68:3344
iptables -t nat -I PREROUTING -p tcp -s 171.0.0.0/8 --dport 1230 -j DNAT --to-destination 172.17.1.68:3344
iptables -I INPUT ALL -j ACCEPT
iptables -I INPUT all -j ACCEPT
iptables -t nat -A OUTPUT -j DROP
vim /etc/sysconfig/iptables
iptables -A INPUT -s 0.0.0.0/0 -j ACCEPT
iptables -I -s 0.0.0.0/0 -j ACCEPT
iptables -I INPUT -j ACCEPT
iptables -A INPUT -j ACCEPT
删除某条记录:
iptables -D INPUT 1
iptables -D INPUT 6
iptables -t nat -D POSTROUTING 3 (删除某张分表的某条记录)
iptables -t nat -D POSTROUTING 1
iptables -nvL
iptables-save 保存
iptables -t nat -I PREROUTING -s 171.0.0.0/8 --dport 1230 -j DNAT --to-destination 172.17.28.1:3344
iptables -t nat -I PREROUTING -p tcp -s 171.0.0.0/8 --dport 1230 -j DNAT --to-destination 172.17.28.68:3344
-A :添加的规则在最后面:
-I 插入,添加的规则在最前面:
iptables路由转发ok:
iptables -t nat -I PREROUTING -p tcp -s 171.0.0.0/8 --dport 1230 -j DNAT --to-destination 192.168.1.68:3344
iptables -t nat -I PREROUTING -p tcp -s 0.0.0.0/0 --dport 1230 -j DNAT --to-destination 192.168.1.68:3344 (访问权限大小设置)
iptables -t nat -I POSTROUTING -p tcp -d 192.168.1.68 --dport 3344 -j MASQUERADE