网络防火墙
REDIRECT: NAT表 可用于:PREROUTING OUTPUT 自定义链 通过改变目标IP和端口,将接受的包转发至不同端口 --to-ports port[-port] 准备: firewall:开启ip_forward功能 [root@firewall ~]#vim /etc/sysctl.conf net.ipv4.ip_forward = 1 [root@firewall ~]#sysctl -p [root@firewall ~]#sysctl -a 场景:服务端口转发 示例: iptables -t nat -A PREROUTING -d 10.0.0.108-p tcp --dport 80 -j REDIRECT --to-ports 8080 示例:承接DNAT[root@CentOS7-108 ~]# iptables -t nat -A PREROUTING -d 10.0.0.108 -p tcp --dport 80 -j REDIRECT --to-ports 8080
标签:REDIRECT,sysctl,--,防火墙,网络,firewall,PREROUTING,root From: https://www.cnblogs.com/cnblogsfc/p/14184084.html