Linux端口转发

因为上vps管理的时候速度太慢,又没条件经常弄vpn链接, 就买了一个速度挺快的vps,做了一个linux系统下的端口转发.

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -I PREROUTING -p tcp –dport 22 -j DNAT –to xx.xx.xx.xx
iptables -t nat -I POSTROUTING -p tcp –dport 22 -j MASQUERADE
service iptables save
service iptables restart

上面是相同端口转发,下面来个不同端口转发:

iptables -t nat -A PREROUTING -d 211.147.14.193 -p tcp –dport 80 -j DNAT –to-destination 211.147.14.102:3389
iptables -t nat -A POSTROUTING -d 211.147.14.102 -p tcp -m tcp –dport 3389 -j SNAT –to-source 211.147.14.193:80

附(完全清空iptables):

#!/bin/sh
#accept-all policy
IPT=’/usr/local/sbin/iptables’
$IPT -t nat -F
$IPT -t nat -X
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT
$IPT -F
$IPT -X
$IPT -P FORWARD ACCEPT
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -t raw -F
$IPT -t raw -X
$IPT -t raw -P PREROUTING ACCEPT
$IPT -t raw -P OUTPUT ACCEPT
点赞