Web Digest

还有众多网络文摘,仅供个人收藏和参考

iptables转发

leave a comment »

 

较为简明易懂的解释

http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-6.html

 

 

 

 

http://straylink.wordpress.com/2006/08/16/using-iptables-to-redirect-packets/

REDIRECT to localhost

Lets say you want to take packets on one interface and want them forwarded to a service running on localhost – i.e. a database server that requires limited external exposure (no thats not what I’m working on, like I’d reveal my cards so easily!) Ok – googling ‘iptables forward localhost’ results in some mail list postings essentially saying ‘you cannot forward packets from a real interface to a local loopback interface’. True enough. However, IPTables does support REDIRECTing them, like so

iptables -t nat -A PREROUTING -p tcp -d 198.168.1.254 --dport 80
-j REDIRECT --to-ports 8080

The above rule adds a PREROUTING command to your nat table, stating any TCP packets destined for 192.168.1.254 on port 80 should be redirected to localhost port 8080. So breaking down the above example into template format, you have

iptables -t nat -A PREROUTING -p tcp -d DEST_IP --dport DEST_PORT
-j REDIRECT --to-ports LOCAL_PORTS
Advertisement

Written by admin

January 27, 2012 at 1:55 am

Posted in 网站|Site

Tagged with

«

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.