- 论坛徽章:
- 0
|
[root@lvs-m2 ~]# iptables -L -n //版本1.3.5
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2049
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:2000
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
从192.168.1.3:443访问转向---->192.168.18.4:443
iptables -t nat -A PREROUTING -i 192.168.1.3 -p tcp --dport 443 -d 192.168.1.3 -j DNAT --to 192.168.18.4
iptables -t nat -A POSTROUTING -o 192.168.1.3 -p tcp --dport 443 -s 192.168.18.4 -j SNAT --to 192.168.1.3 |
|
免费注册
发表于 2010-12-13 17:55
发表于 2010-12-13 20:26
