iptables常用命令

查看input,output,forward

#iptables -L

查看nat
#iptables -t nat -L

添加映射

#iptables -t nat -A PREROUTING -d <外部IP> -p tcp --dport <外部端口> -j DNAT --to-destination 192.168.168.159:80

删除nat映射

#iptables -t nat -L --line-numbers
Chain PREROUTING (policy ACCEPT)
num target     prot opt source               destination
1    DNAT       tcp -- anywhere             router              tcp dpt:1433 to:192.168.1.10:1433
2    DNAT       tcp -- anywhere             router              tcp dpt:3306 to:192.168.1.20:3306
3    DNAT       tcp -- anywhere             router              tcp dpt:3389 to:192.168.1.30:3389
4    DNAT       tcp -- anywhere             router              tcp dpt:21 to:192.168.1.40:21
5    DNAT       tcp -- anywhere             router              tcp dpt:http to:192.168.1.50:80
6    DNAT       tcp -- anywhere             router              tcp dpt:ssh to:192.168.1.50:22
删除num=6

#iptables -t nat -D PREROUTING 6

posted on 2009-11-27 15:44 coffee 阅读(393) 评论(0) 编辑收藏举报

刷新页面返回顶部

coffee_cn

公告