基于时间的端口转发

Question

您可以使用--match模块向规则添加一些附加条件：

time match options:
    --datestart time     Start and stop time, to be given in ISO 8601
    --datestop time      (YYYY[-MM[-DD[Thh[:mm[:ss]]]]])
    --timestart time     Start and stop daytime (hh:mm[:ss])
    --timestop time      (between 00:00:00 and 23:59:59)
[!] --monthdays value    List of days on which to match, separated by comma (Possible days: 1 to 31; defaults to all)
[!] --weekdays value     List of weekdays on which to match, sep. by comma (Possible days: Mon,Tue,Wed,Thu,Fri,Sat,Sun or 1 to 7 Defaults to all weekdays.)
    --kerneltz           Work with the kernel timezone instead of UTC

看iptables -m time -h

结论：可以添加多个不同时间的转发规则。但是 tcp 会话将在目的地更改后中断（如豪克拉格上文提到的）

Answer 1

您可以使用--match模块向规则添加一些附加条件：

time match options:
    --datestart time     Start and stop time, to be given in ISO 8601
    --datestop time      (YYYY[-MM[-DD[Thh[:mm[:ss]]]]])
    --timestart time     Start and stop daytime (hh:mm[:ss])
    --timestop time      (between 00:00:00 and 23:59:59)
[!] --monthdays value    List of days on which to match, separated by comma (Possible days: 1 to 31; defaults to all)
[!] --weekdays value     List of weekdays on which to match, sep. by comma (Possible days: Mon,Tue,Wed,Thu,Fri,Sat,Sun or 1 to 7 Defaults to all weekdays.)
    --kerneltz           Work with the kernel timezone instead of UTC

看iptables -m time -h

结论：可以添加多个不同时间的转发规则。但是 tcp 会话将在目的地更改后中断（如豪克拉格上文提到的）

基于时间的端口转发

答案1

相关内容