Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about how to implement port mapping in Linux and Windows. Many people may not know much about it. In order to let everyone know more, Xiaobian summarizes the following contents for everyone. I hope everyone can gain something according to this article.

1. Implement port mapping under Windows

1. Query port mapping

netsh interface portproxy show v4tov4

2. Query all port mappings of an IP

netsh interface portproxy show v4tov4 |find "[IP]" Example: netsh interface portproxy show v4tov4| find "192.168.1.1"

3. Add a port map

netsh interface portproxy add v4tov4 listeaddress =[external IP] listeport =[external port] connectaddress=[internal IP] connectport=[internal port] Example: netsh interface portproxy add v4tov4 listeaddress =2.2.2.2 listeport =8080 connectaddress=192.168.1.50 connectport=80

4. Delete a port mapping

netsh interface portproxy delete v4tov4 listeaddress =[external IP] listeport =[external port] Example: netsh interface portproxy delete v4tov4 listeaddress =2.2.2.2 listeport =8080

Port mapping under Linux

1. Allow packet forwarding

echo 1 >/proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTRUTING-j MASQUERADE iptables -A FORWARD -i [name of intranet network card] -j ACCEPT iptables -t nat -A POSTRUTING-s [intranet segment] -o [name of external network card] -j MASQUERADE Example: echo 1 >/proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -j MASQUERADE iptables -A FORWARD -i ens33 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.50.0/24-o ens37 -j MASQUERADE

2. enable port forwarding

iptables -t nat -A PREROUTING -p tcp -m tcp --dport [external network port] -j DNAT --to-destination [internal network address]:[internal network port] Example: iptables -t nat -A PREROUTING -p tcp -m tcp --dport 6080 -j DNAT --to-destination 10.0.0.100:6090

Lab: Mapping services deployed on the intranet to the extranet

experimental environment

HarmonyOS Technology Community

VMWare Workstation Pro

5 minimum installed centos 7 virtual machines

lab topology

Internal and external networks are relative to Server4.

Server1 and Server2 are two servers in an intranet environment.

Server3 is a server in an external network environment;

Server4 is a dual-NIC host, connected to 192.168.50.0/24 and 172.16.2.0/24 networks respectively.

Configure the experimental environment

1. HTTP services on servers 1,2 and 3

Build a Simple HTTP Service on Server1 with Python

cd ~ echo "server1" > index.html python -m SimpleHTTPServer 8080

Server2 and Server3 are similar.

control experiment

Access Server1 resources on client

curl http://192.168.50.11:8080/index.html

Access Server2 resources on client

curl http://192.168.50.12:8080/index.htm

Access Server3 resources on client

curl http://172.16.2.11:8080/index.html

As you can see, clients on the external network cannot access resources on Server1 and Server2 on the internal network.

Configuring Port Mapping on Server4

temporarily configured

#Allow packet forwarding echo 1 >/proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -j MASQUERADE iptables -A FORWARD -i ens33 -j ACCEPTABLES-t nat -A POSTROUTING -s 192.168.50.0/24-o ens37 -j MASQUERADE #Set port mapping iptables -t nat -A PREROUTING -p tcp -m tcp --dport 8081 -j DNAT --to-destination 192.168.50.11:8080 iptables -t nat -A PREROUTING -p tcp -m tcp --dport 8082 -j DNAT --to-destination 192.168.50.12:8080

permanently configured

If permanent configuration is required, append the above command to the/etc/rc.local file.

check that effect

Access Server1 resources on client

curl http://172.16.2.100:8081/index.html

Access Server2 resources on client

curl http://172.16.2.100:8082/index.html

Access Server3 resources on client

curl http://172.16.2.11:8080/index.html

If Server4 is Windows, replace the corresponding command

Windows IP information is as follows

NIC IP address subnet mask Default gateway Remarks Ethernet 0192.168.50.105255.255.0-Intranet NIC Ethernet 1172.16.2.105255.255.0-Extranet NIC

Configure and view port mappings

netsh interface portproxy add v4tov4 listenaddress=172.16.2.105 listenport=8081 connectaddress=192.168.50.11 connectport=8080 netsh interface portproxy add v4tov4 listenaddress=172.16.2.105 listenport=8082 connectaddress=192.168.50.12 connectport=8080 netsh interface portproxy show v4tov4

check that effect

On the client node

curl http://172.16.2.105:8081/index.html curl http://172.16.2.105:8082/index.html curl http://172.16.2.11:8080/index.html

After reading the above, do you have any further understanding of how port mapping is implemented in Linux and Windows? If you still want to know more knowledge or related content, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.