Home > Developer > Linux

Review Linux port forwarding and forwarding process feeling

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Environment:

A server: Nic 1:192.168.1.151 nic 2:10.10.69.10

B Server: Nic 1:10.10.69.41


Requirements:

Access to 192.168.1.151:1521 is access to 10.10.69.41:1521


Enable port forwarding:

Echo 1 >/proc/sys/net/ipv4/ip_forward


Emptying the NAT table

Iptables-t nat-f


Port forwarding Configuration Detailed:

1. Simulate the Linux forwarding process:

Accessing 192.168.1.151:1521 through 192.168.1.171 accesses the 10.10.69.41:1521 forwarding process:

When a server accepts a packet:

SRC 192.168.1.171 Port DST 192.168.1.151 Port 1521

The following data packets are converted using the Dnat conversion destination port:

SRC 192.168.1.171 Port DST 10.10.69.41 Port 1521

The converted packets are then Snat or masquerade

SRC 10.10.69.10 Port DST 10.10.69.41 Port 1521


2. Command implementation:

First, the first Dnat conversion is implemented:

Iptables-t nat-a prerouting-p tcp-d 192.168.1.151--dport 1521-j DNAT--to-destination 10.10.69.41

(Main idea: The package that matches the DST 192.168.1.151 Port 1521 changes the destination address to 10.10.69.41)

2-Way Conversion src Address:

(1) then proceed to Masquerade

Iptables-t nat-a postrouting-p tcp-d 10.10.69.41--dport 1521-j Masquerade

(to the effect: Configure DST 10.10.69.41 Port 1521 packets to change the source address to the address of the network adapter for DST 10.10.69.41 Port 1521)

(2) using Snat conversion:

Iptables-t nat-a postrouting-p tcp-d 10.10.69.41--dport 1521-j SNAT--to-source 10.10.69.10

(Main idea: packages that match DST 10.10.69.41 Port 1521 change the source address to 10.10.69.10)




Actually, I've done it before, but I haven't made any notes.

This time the packet is stuck in the packet is first used Dnat then the modified packet is snat so I used

Iptables-t nat-a prerouting-p tcp-d 192.168.1.151--dport 1521-j DNAT--to-destination 10.10.69.4

Iptables-t nat-a postrouting-p tcp-d 10.192.168.1.151--dport 1521-j SNAT--to-source 10.10.69.10

This kind of statement is always unsuccessful major or the principle is not clear understand now the principle is clear in how can not be mistaken

This article is from the direction of the road. Confused "blog, be sure to keep this source http://qidai.blog.51cto.com/6435621/1650464

Review Linux port forwarding and forwarding process feeling

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
postgres port forwarding port forwarding ps4 remote desktop port forwarding fwd port forwarding app spectrum port forwarding sonicwall firewall port forwarding sonicwall port forwarding

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More