通过不同的接口转发发往特定端口的流量

tag-icon tag-icon linux vpn iptables
通过不同的接口转发发往特定端口的流量

我的 ISP 会限制某些类型的流量。为了解决这个问题,我考虑给自己建立一个 VPN 连接。是否可以使用 IPTABLES 将端口 119(例如)上的所有出站流量转发到我的 vpn 接口 pptp0?

谢谢

答案1

手册页 iptableshttp://unixhelp.ed.ac.uk/CGI/man-cgi?iptables+8

-o, --out-interface [!] name
      Name of an interface via which a packet is going to be sent (for
      packets  entering  the  FORWARD, OUTPUT and POSTROUTING chains).
      When the "!" argument is used before  the  interface  name,  the
      sense  is  inverted.   If the interface name ends in a "+", then
      any interface which begins with this name will match.   If  this
      option is omitted, any interface name will match.

PS: 端口的匹配扩展为:

mport
   This module matches a set of source or destination  ports.   Up  to  15
   ports can be specified.  It can only be used in conjunction with -p tcp
   or -p udp.

   --source-ports port[,port[,port...]]
      Match if the source port is one of the given  ports.   The  flag
      --sports is a convenient alias for this option.

   --destination-ports port[,port[,port...]]
      Match  if  the  destination port is one of the given ports.  The
      flag --dports is a convenient alias for this option.

   --ports port[,port[,port...]]
      Match if the both the source and destination ports are equal  to
      each other and to one of the given ports.

相关内容