我想将 0.0.0.0:22 路由到 192.168.122.179:22,这是一个虚拟机。这样我就可以通过键入主机的本地 IP 通过 SSH 访问我的虚拟机。但是,如果我尝试从主机到虚拟机进行 ssh,或者甚至(显然)从本地计算机到主机再到虚拟机,我都会被拒绝连接,
root@z:/home/lz# iptables -t nat -A PREROUTING -i eth1 -d 0.0.0.0 -p tcp --dport 22 -j DNAT --to-destination 192.168.122.179:22
root@z:/home/lz# iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- eth1 * 0.0.0.0/0 0.0.0.0 tcp dpt:22 to:192.168.122.179:22
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1161 89206 LIBVIRT_PRT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LIBVIRT_PRT (1 references)
pkts bytes target prot opt in out source destination
5 340 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24
0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255
39 2340 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
6 456 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24