iptables配置端口转发

2018-01-23   服务器, Linux,

<!--markdown-->修改内容如下

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 9011 -j DNAT --to-destination 10.12.1.86:24800
-A POSTROUTING -p tcp -m tcp --dport 24800 -d 10.12.1.86 -j SNAT --to-source 10.12.1.222
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j ACCEPT
-A FORWARD -j ACCEPT
-A OUTPUT -j ACCEPT
COMMIT

修改 /etc/sysctl.conf

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 
sysctl -p
提交