iptables实现端口转发实际案例

时间:2023-03-10 00:29:09
iptables实现端口转发实际案例
拓扑

client:192.168.10.200
使用navicat连接192.168.10.194:<端口>

跳板机:
外网:192.168.10.194
内网:10.1.1.1

内网mysql:10.1.1.2

[root@test194 network-scripts]# cat ../iptables
# iptables-save ruleset for the jump host (192.168.10.194 outside, 10.1.1.1
# inside): TCP traffic arriving on the outside address is forwarded to the
# internal MySQL host 10.1.1.2.
# NOTE(review): in this copy the port numbers after --dport / --to-destination,
# the prefix lengths after "/" and the [packets:bytes] counters are missing;
# they appear to have been lost in extraction, and the file will not load with
# iptables-restore until they are filled in.
# NOTE(review): forwarding also needs net.ipv4.ip_forward=1 on the jump host;
# that setting is not shown here -- confirm.
# Generated by iptables-save v1.4.7 on Thu Mar ::
*nat
:PREROUTING ACCEPT [:]
:POSTROUTING ACCEPT [:]
:OUTPUT ACCEPT [:]
# The next two lines are disabled rules; as shown here they read the same as
# the active pair below (any difference in port is not visible in this copy).
#-A PREROUTING -d 192.168.10.194/ -p tcp -m tcp --dport -j DNAT --to-destination 10.1.1.2:
#-A POSTROUTING -d 10.1.1.2/ -p tcp -m tcp --dport -j SNAT --to-source 10.1.1.1
# DNAT: rewrite the destination of TCP packets addressed to the outside
# address so they go to the MySQL host 10.1.1.2.
# NOTE(review): there is no -s match, so every host that can reach
# 192.168.10.194 on this port reaches the database; consider limiting the
# rule to the intended client (192.168.10.200 on this page).
-A PREROUTING -d 192.168.10.194/ -p tcp -m tcp --dport -j DNAT --to-destination 10.1.1.2:
# SNAT: rewrite the source of the forwarded packets to the jump host's inside
# address, so 10.1.1.2 sends its replies back through the jump host.
# Side effect: MySQL sees every connection as coming from 10.1.1.1, so
# per-client host grants and connection logs on the database no longer
# identify the real client.
-A POSTROUTING -d 10.1.1.2/ -p tcp -m tcp --dport -j SNAT --to-source 10.1.1.1
COMMIT
# Completed on Thu Mar ::
# Generated by iptables-save v1.4.7 on Thu Mar ::
*filter
# All three chains default to ACCEPT and no rule below drops or rejects
# anything, so this table does not restrict any traffic.
:INPUT ACCEPT [:]
# DNATed packets traverse FORWARD, not INPUT; the port forward is permitted
# only by this ACCEPT policy.
# NOTE(review): a tighter setup would use a DROP policy on FORWARD with one
# rule for the client-to-10.1.1.2 flow and one for ESTABLISHED,RELATED
# return traffic.
:FORWARD ACCEPT [:]
:OUTPUT ACCEPT [:]
# These INPUT rules apply only to traffic terminating on the jump host itself;
# with the ACCEPT policy above they do not change what is allowed.
-A INPUT -d 192.168.10.194/ -p tcp -m tcp --dport -j ACCEPT
-A INPUT -d 192.168.10.194/ -p tcp -m tcp --dport -j ACCEPT
-A INPUT -d 192.168.10.194/ -p tcp -m tcp --dport -j ACCEPT
COMMIT
# Completed on Thu Mar ::
[root@test194 network-scripts]#