iptables 端口转发功能简单例子
来源:互联网 发布:开淘宝网店怎么找货源 编辑:程序博客网 时间:2024/05/15 05:42
1.清空已有的清除预设表filter中的所有规则链的规则和filter中使用者自定链中的规则
root@localhost bin]# iptables -F[root@localhost bin]# iptables -X
2,设置端口转发功能,将192.168.91.129 10001端口的请求转发到 192.168.91.129的8080端口
[root@localhost bin]# iptables -t nat -A PREROUTING -p tcp -i eno16777736 -d 192.168.91.129 --dport 10001 -j DNAT --to 192.168.91.129:8080
3,查看定义的规则
[root@localhost bin]# iptables -t nat -L -n --line-numbersChain PREROUTING (policy ACCEPT)num target prot opt source destination 1 DNAT tcp -- 0.0.0.0/0 192.168.91.129 tcp dpt:10001 to:192.168.91.129:8080
4,现在可以在外部通过10001端口访问了。但在本机无法访问。需要执行下面的命令
[root@localhost bin]# iptables -t nat -A PREROUTING -p tcp -i lo -d 127.0.0.1 --dport 10001 -j DNAT --to 192.168.91.129:8080[root@localhost bin]# iptables -t nat -A OUTPUT -p tcp -d 127.0.0.1 --dport 10001 -j DNAT --to 192.168.91.129:8080[root@localhost bin]# iptables -t nat -A OUTPUT -p tcp -d 192.168.91.129 --dport 10001 -j DNAT --to 192.168.91.129:8080
5,看到下面的结果即成功(80端口要部署好应用)
[root@localhost bin]# wget http://127.0.0.1:10001--2015-06-10 05:04:27-- http://127.0.0.1:10001/Connecting to 127.0.0.1:10001... connected.HTTP request sent, awaiting response... 200 OKLength: unspecified [text/html]Saving to: ‘index.html.3’ [ <=> ] 11,230 --.-K/s in 0s 2015-06-10 05:04:27 (51.4 MB/s) - ‘index.html.3’ saved [11230][root@localhost bin]# wget http://192.168.91.129:10001--2015-06-10 05:04:42-- http://192.168.91.129:10001/Connecting to 192.168.91.129:10001... connected.HTTP request sent, awaiting response... 200 OKLength: unspecified [text/html]Saving to: ‘index.html.4’ [ <=> ] 11,230 --.-K/s in 0s 2015-06-10 05:04:42 (265 MB/s) - ‘index.html.4’ saved [11230]
备注:1,删除指定的规则。PREROUTING 后面的数字数 iptables -t nat -L -n --line-numbers查的编号
[root@localhost bin]# iptables -t nat -D PREROUTING 1
2,系统的ip转发功能:echo 1 > /proc/sys/net/ipv4/ip_forward
3,redhat7防火墙关闭
防火墙关闭root@localhost Desktop]# systemctl stop firewalld.service [root@localhost Desktop]# systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: inactive (dead) since Tue 2015-06-09 21:58:35 EDT; 11s ago Process: 981 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS) Main PID: 981 (code=exited, status=0/SUCCESS)Jun 09 21:47:21 localhost.localdomain systemd[1]: Started firewalld - dynamic...Jun 09 21:58:34 localhost.localdomain systemd[1]: Stopping firewalld - dynami...Jun 09 21:58:35 localhost.localdomain systemd[1]: Stopped firewalld - dynamic...Hint: Some lines were ellipsized, use -l to show in full.[root@localhost Desktop]# firewall-cfirewall-cmd firewall-config [root@localhost Desktop]# firewall-cmd --reloadFirewallD is not running
0 0
- iptables 端口转发功能简单例子
- iptables设置端口转发
- iptables 端口转发实例
- iptables 实现端口转发
- iptables进行端口转发
- iptables 做端口转发
- iptables 端口转发
- iptables 做端口转发
- iptables 配置端口转发
- iptables 实现端口转发
- iptables端口转发
- iptables例:本地端口转发
- iptables学习 03 端口转发
- centos iptables 端口转发命令
- 配置iptables实现端口转发
- iptables 同网段 端口转发
- Linux运用iptables端口转发
- 利用iptables 做端口转发
- 课题第一天
- 获取 iPhone 设备上 /var/mobile/Library/Logs/CrashReporter 中的 Crash 报告文件
- sqlserver存储过程笔记
- mysql 更新sql脚本: you are using safe update mode and you tried to update a table
- 横屏代码:
- iptables 端口转发功能简单例子
- Xcode6.x+opencv配置成功
- 关于AlertDialog弹出后,触摸其他区域Dialog消失的问题
- Android strings.xml中空格符的标识步骤附xml特殊字符表示法
- 一般方式对手机强行设置横屏,会导致Activity的各个生命周期被调用两次。
- 游戏开发中常用的设计模式
- 【转】命令行启动虚拟机
- Java 命名规范
- hdu 4288 Coder