Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Server \ Linux iptables port mapping settings     - To install HDRMerge 0.4.3 under ubuntu (Linux)

- MongoDB3.0.x version of the user authorization profile (stand-alone environment) (Database)

- CentOS 6.4 of cron scheduled task configuration (Linux)

- PXE + Kickstart automatically install CentOS 6.5 (Linux)

- Build your own Git server under Linux (Server)

- Java MD5 encryption implementation (Programming)

- Android Scroller call mechanism and the relationship of computeScroll (Programming)

- Supervisor Installation and Configuration (Server)

- No password on Oracle and MySQL login (Database)

- Python common data type summary (Programming)

- Linux partition command (Linux)

- Linux centos rm directory does not prompt (Linux)

- RHEL5.8 physical opportunities to Read-only file system (Linux)

- Linux operating system, the internal and external security overview (Linux)

- Service Discovery: Zookeeper vs etcd vs Consul (Server)

- Linux operating tips: Can not open file for writing or operation not permitted solution (Linux)

- The Linux disguised as windows to make the system more secure (Linux)

- CentOS system dual network card IP information configuration (Linux)

- Gentoo: existing preserved libs problem solving (Linux)

- Subquery Oracle study notes (Database)

  Linux iptables port mapping settings
  Add Date : 2018-11-21      
  Iptables port mapping settings are as follows:

Let us have a computer, there are two network cards, eth0 even outside the network, ip is; eth1 connected to the network, ip is now we need to be sent to address port 81 ip packet forwarded to. ip address port 8180 is set as follows:

1. iptables -t nat -A PREROUTING -d -p tcp -m tcp --dport 81 -j DNAT --to-destination192.168.0.2: 8180

2. iptables -t nat -A POSTROUTING -s -d -p tcp -m tcp --dport 8180 -j SNAT --to-source

The actual transmission process is as follows:

Suppose a client ip address, which uses port 1080 to connect the machine 81 port, ip packet sent to the source address of, the source port is 1080, the destination address is, destination port 81. After the host receives the packet, according to the first rule nat table, the destination address of the ip packets more as, the destination port is 8180 even more, while the connection tracking table to create an entry, (can be seen from / proc / net / ip_conntrack file), and then sent to the routing module, by checking the routing table to determine the ip packet should be sent to the eth1 interface. ip before sending the packet to the eth1 interface, based on the nat table the second rule, if the ip packets from the same subnet, then the ip packet's source address more that is, while updating the connection tracking table in the corresponding entry, and then sent to the eth1 interface issue.

Connection tracking table in this case one of:

Ligated into: src = dst = sport = 1080 dport = 81

Connection returns: src = dst = sport = 8180 dport = 1080

Whether to use: use = 1

Sent back from the ip packet, the source port is 8180, the destination address is, destination port is 1080, host of the TCP / IP stack receives the ip package, from the core to find connection tracking table the connection is returned if the column has the same source and destination addresses and ports match, Once found, according to an entry in the records of the source address of the ip packets from the as more of the, the source port from the 8180 more 81, to maintain the same destination port number 1080. return package so that the server can return the correct client initiated the connection, communication and thus began.

Another point in the filter table should also be allowed to connect from eth0 8180 address port:

iptables -A INPUT -d -p tcp -m tcp --dport 8180 -i eth0 -j ACCEPT

Through the above example, we know iptables port mapping settings is not difficult!
- Configuring automatic mail GAMIT under CentOS system (Linux)
- Linux tar compressed exclude a folder (Linux)
- How to manage the time and date at systemd Linux systems (Linux)
- Oracle database physical file backup / restore (Database)
- 20 Unix / Linux command skills (Linux)
- Ubuntu disable graphics card (Linux)
- Use Linux firewall camouflage defense hacked (Linux)
- How to use the Vault secure password storage and API key (Linux)
- Use HugePages optimize memory performance (Database)
- Kubernetes Cluster Setup problems encountered and solutions (Server)
- SQL Beginner Guide (Database)
- Using IntelliJ IDEA Import Spark Spark latest source code and compile the source code (Linux)
- CentOS 6.5 / 6.6 modify the default SSH port number (Linux)
- Ubuntu deployment Flask + UWSGI + Nginx Comments (Server)
- Java threads and thread pools (Programming)
- Ubuntu 14.10 / 14.04 / 12.04 virtual users to install the printing software Boomaga (Linux)
- To set up the printer use Nagios Monitoring Server (Server)
- Android Service Lifecycle and usage (Programming)
- C ++ Supplements --new delete overload (Programming)
- C ++ Const breaking rules (Programming)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.