Proxmox VE KVM/NAT 机器做Nat地址转换和地址映射
|
145
|
0
|
Linux

37 字
|
2 分钟

pve7.4

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '172.30.30.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '172.30.30.0/24' -o vmbr0 -j MASQUERADE
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60887 -j DNAT --to 172.30.30.1:22
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60887 -j DNAT --to 172.30.30.1:22
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60888 -j DNAT --to 172.30.30.1:60888
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60888 -j DNAT --to 172.30.30.1:60888
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 60888 -j DNAT --to 172.30.30.1:60888
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 60888 -j DNAT --to 172.30.30.1:60888
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60890 -j DNAT --to 172.30.30.2:3389
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 60890 -j DNAT --to 172.30.30.2:3389
        post-up   iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 60890 -j DNAT --to 172.30.30.2:3389
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 60890 -j DNAT --to 172.30.30.2:3389
        post-up   iptables -t nat -A PREROUTING -s 172.30.30.1 -d 10.10.0.0/16 -j DNAT --to-destination 0.0.0.0
        post-down iptables -t nat -D PREROUTING -s 172.30.30.1 -d 10.10.0.0/16 -j DNAT --to-destination 0.0.0.0
        post-up   iptables -t nat -A PREROUTING -s 172.30.30.2 -d 10.10.0.0/16 -j DNAT --to-destination 0.0.0.0
        post-down iptables -t nat -D PREROUTING -s 172.30.30.2 -d 10.10.0.0/16 -j DNAT --to-destination 0.0.0.0

        iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 60887 -j DNAT --to 172.30.30.1:22
        iptables -t nat -A PREROUTING -i vmbr0 -p tcp -d 19.19.8.10 --dport 10000:10999 -j DNAT --to 172.22.161.170:10000-10999

        iptables -t nat -D PREROUTING -i vmbr0 -p tcp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001
        iptables -t nat -D PREROUTING -i vmbr0 -p udp -d 10.10.20.200 --dport 10001 -j DNAT --to 172.30.30.1:10001

多VLAN网卡配置

file

iptablesNetwork
暂无评论

发送评论 编辑评论 


				

			

						

				

					

						

							

								
							

							
						

					

				

				

					

						

							

								
							

							
						

					

				

				

					

						

							

								
							

							
							
													

					

				

			

			
			

				

					
				

			

				

											

							
							
						

																					

							
							
						

										
					
											
						

	

		
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
	

	

		
颜文字
Emoji
小恐龙
花!
	


									

			

			
			
		

	






上一篇
下一篇