{"id":2313,"date":"2014-03-15T10:00:32","date_gmt":"2014-03-15T02:00:32","guid":{"rendered":"http:\/\/kuki.idv.tw\/?p=2313"},"modified":"2014-03-15T10:00:32","modified_gmt":"2014-03-15T02:00:32","slug":"debian%e8%a8%ad%e5%ae%9anat","status":"publish","type":"post","link":"https:\/\/www.kuki.idv.tw\/?p=2313","title":{"rendered":"debian\u8a2d\u5b9aNAT"},"content":{"rendered":"<p>\u7e8c\u63a5\u4e0a\u4e00\u7bc7\u6587\u7ae0<\/p>\n<p>\u82e5\u8981\u8b93 DHCP \u7db2\u5167\u7684\u96fb\u8166\u53ef\u4ee5\u900f\u904e DHCP Server \u9023\u7dda\u51fa\u53bb\u2026<\/p>\n<p>\u6211\u5011\u5c31\u8981\u5c0d iptables \u6709\u6240\u8a2d\u5b9a\u2026<\/p>\n<p>1. \u9996\u5148\u2026<\/p>\n<div>\n<div id=\"highlighter_948556\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<div>2<\/div>\n<div>3<\/div>\n<\/td>\n<td>\n<div>\n<div><code>user@Debian:~$ iptables -A INPUT -i eth0 -j ACCEPT<\/code><\/div>\n<div><\/div>\n<div><code># \u975e\u5fc5\u8981\u7684\uff0c\u4e3b\u8981\u7684\u76ee\u7684\u662f\u8b93eth0\u80fd\u5920\u5b8c\u5168\u7684\u4f7f\u7528 NAT \u4f3a\u670d\u5668\u8cc7\u6e90\u3002<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>2. \u63a5\u8457 \u8b93\u5167\u90e8\u7db2\u8def\u7684\u5c01\u5305\u53ef\u4ee5\u8f49\u9001\u5230\u5916\u90e8<\/p>\n<div>\n<div id=\"highlighter_75201\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<div>2<\/div>\n<div>3<\/div>\n<div>4<\/div>\n<div>5<\/div>\n<div>6<\/div>\n<div>7<\/div>\n<\/td>\n<td>\n<div>\n<div><code>user@Debian:~$ echo \"1\" &gt; \/proc\/sys\/net\/ipv4\/ip_forward<\/code><\/div>\n<div><\/div>\n<div><code>or<\/code><\/div>\n<div><\/div>\n<div><code>\u7de8\u8f2f \/etc\/sysctl.conf<\/code><\/div>\n<div><\/div>\n<div><code>net.ipv4.ip_forward=1\u00a0\u00a0\u00a0\u00a0 # \u82e5\u8981\u958b\u6a5f\u81ea\u52d5\u555f\u52d5\uff0c\u5c07\u6b64\u884c\u524d\u7684#\u5b57\u865f\u62ff\u6389<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>3. \u958b\u555fNAT\u529f\u80fd\uff0c\u4f7f 192.168.1.0\/24 \u900f\u904e eth0 \u5c07\u5c01\u5305\u50b3\u9001\u51fa\u53bb<\/p>\n<div>\n<div id=\"highlighter_308431\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<\/td>\n<td>\n<div>\n<div><code>user@Debian:~$ iptables -t nat -A POSTROUTING -s 192.168.1.0\/24 -o eth0 -j MASQUERADE<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>4. \u82e5\u8981\u8b93\u5c0d\u5916\u7684port \u5982 8080\uff0c\u9023\u7dda\u81f3NAT\u5e95\u4e0b\u7684 192.168.1.2:80 \u9019\u53f0\u4e3b\u6a5f<\/p>\n<div>\n<div id=\"highlighter_887497\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<\/td>\n<td>\n<div>\n<div><code>user@Debian:~$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 192.168.1.2:80<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>5. \u5132\u5b58\u8a2d\u5b9a\u503c\uff0c\u5373\u4f7f Server \u91cd\u65b0\u958b\u6a5f\uff0c\u4e5f\u6703\u5c07\u8a2d\u5b9a\u503c\u8f09\u5165<\/p>\n<div>\n<div id=\"highlighter_317730\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<\/td>\n<td>\n<div>\n<div><code>user@Debian:~$ iptables-save &gt; \/\u5132\u5b58\u8def\u5f91\u6a94\u540d \u00a0 \u00a0 \u00a0 \u00a0\u00a0 #\u5c07\u8a2d\u5b9a\u503c\uff0c\u5132\u5b58\u6210\u4e00\u500b\u6a94\u6848<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>6. \u4fee\u6539\u8a2d\u5b9a\uff0c\u4f7f\u91cd\u65b0\u958b\u6a5f\u5f8c\u81ea\u52d5\u8f09\u5165<\/p>\n<div>\n<div id=\"highlighter_917719\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\n<div>1<\/div>\n<div>2<\/div>\n<div>3<\/div>\n<\/td>\n<td>\n<div>\n<div><code>\u4fee\u6539\/etc\/network\/interfaces \uff0c\u6700\u4e0b\u9762\u52a0\u5165<\/code><\/div>\n<div><\/div>\n<div><code>pre-up iptables-restore &lt; \/\u5132\u5b58\u8def\u5f91\u6a94\u540d<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>\u82e5\u8981\u770b\u8a73\u7d30\u7684\u8a2d\u5b9a\u5167\u5bb9\uff0c\u53ef\u4ee5\u5230\u9ce5\u54e5\u7db2\u9801\u53bb\u770b~<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7e8c\u63a5\u4e0a\u4e00\u7bc7\u6587\u7ae0 \u82e5\u8981\u8b93 DHCP \u7db2\u5167\u7684\u96fb\u8166\u53ef\u4ee5\u900f\u904e DHCP Server \u9023\u7dda\u51fa\u53bb\u2026 \u6211\u5011\u5c31\u8981\u5c0d ipta &hellip; <a href=\"https:\/\/www.kuki.idv.tw\/?p=2313\" class=\"more-link\">\u95b1\u8b80\u5168\u6587<span class=\"screen-reader-text\">\u3008debian\u8a2d\u5b9aNAT\u3009<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/2313"}],"collection":[{"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2313"}],"version-history":[{"count":1,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/2313\/revisions"}],"predecessor-version":[{"id":2314,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/2313\/revisions\/2314"}],"wp:attachment":[{"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kuki.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}