我已经在 iptables 中应用了一条规则
(Ubuntu x64 18)
sudo iptables -t nat -A OUTPUT -p tcp --dport 64080 -d 172.31.132.86 -j DNAT --to-destination 149.154.167.50:80
sudo iptables -t nat -v -L OUTPUT -n --line-number
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 57677 3785K DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
2 79 4740 DNAT tcp -- * * 0.0.0.0/0 172.31.132.86 tcp dpt:64080 to:149.154.167.50:80
问题是我不明白我是否应该在本地端口上看到任何活动?
sudo ngrep -W byline -d any port 64080 -q
or
sudo tcpdump port 64080
当我这样做时什么也没有发生:
wget 172.31.132.86:64080
--2019-02-27 11:42:11-- http://172.31.132.86:64080/
Connecting to 172.31.132.86:64080... connected.
HTTP request sent, awaiting response... 404 Not Found
2019-02-27 11:42:11 ERROR 404: Not Found.
or
curl 172.31.132.86:64080
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.3.33</center>
</body>
</html>
404 - 没问题。OUTPUT 可以自行工作。