我使用此命令块将 80 路由到 8080,但现在不起作用
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -t nat -A PREROUTING -i wlp8s0 -p tcp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -P FORWARD ACCEPT
并且iptables -L -vt nat输出是;
Chain PREROUTING (policy ACCEPT 3 packets, 236 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- wlp8s0 any anywhere anywhere tcp dpt:http redir ports 8080
Chain INPUT (policy ACCEPT 2 packets, 184 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2 packets, 128 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2 packets, 128 bytes)
最后,cat /proc/sys/net/ipv4/ip_forward输出 => 1
uname 输出;
Linux 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u3 (2017-08-06) GNU/Linux
我究竟做错了什么 ?
答案1
根据冷冻“这重定向目标用于将数据包和流重定向到机器本身[...]换句话说,这会将转发的数据包的目标地址重写为我们自己的主机,或类似的东西。“
您可以尝试(命令修改自https://stackoverflow.com/questions/242772/using-iptables-to-change-a-destination-port):
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination <proxy_ip>:8080