我有一个 Debian 主机和一个 ubuntu 访客。我想使用端口 8055 从外部连接到网络服务器(端口 80)。我尝试了这个“hack”http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections 但没有成功。然后我尝试手动 iptables:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 8055 -j DNAT --to-destination 192.168.122.234:80
iptables -A FORWARD -p tcp -d 192.168.122.234 --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
什么都没起作用。我不知道还能与你分享什么。
root@ms532:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 state NEW,RELATED,ESTABLISHED
ACCEPT tcp -- anywhere 192.168.122.234 state NEW tcp dpt:9901
ACCEPT tcp -- anywhere 192.168.122.234 state NEW tcp dpt:http
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere 192.168.122.0/24 state NEW,RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc