1. enable the system's IP forwarding function cat/proc/sys/net/ipv4/ip_forwardecho1/proc/sys/net/ipv4/ip_forward # vi/etc/sysctl. conf # net. ipv4.ip _ forward12, adding PREROUTING and POSTROUTING192.168.22.16
1. enable the system's IP forwarding function
Cat/proc/sys/net/ipv4/ip_forward
Echo 1>/proc/sys/net/ipv4/ip_forward
# Vi/etc/sysctl. conf
# Net. ipv4.ip _ forward = 1
2. added PREROUTING and POSTROUTING.
The host of 192.168.22.16 has two addresses: 192.168.22.16 for external access and 172.16.21.16 for intranet access.
Iptables-T nat-a prerouting-d 192.168.22.16-p tcp -- dport 1059-j DNAT -- to-destination 172.16.21.100: 1059
Iptables-t nat-a postrouting-d 172.16.21.100-p tcp -- dport 1059-j SNAT -- to-source 172.16.21.16
Iptables-save
Service iptables restart
To view all iptables policies, run cat or vi to open/etc/sysconfig/iptables.
# Vi/etc/sysconfig/iptables
Iptables-t nat-L
Iptable-t filter-L
3. open the specified port for external access
Iptables-a input-p tcp -- dport 1059-j ACCEPT
4. run the iptables-save command to save the settings.
Iptables-save>/etc/sysconfig/iptables