Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to configure port mapping in Linux system. The editor thinks it is very practical, so I share it with you as a reference. I hope you can get something after reading this article.

1. Iptables command

-t Table >: specify the table to manipulate;-A: add entries to the rule chain;-D: delete entries from the rule chain;-I: insert entries into the rule chain;-R: replace entries in the rule chain;-L: display existing entries in the rule chain;-F: clear existing entries in the rule chain;-Z: clear packet calculators and byte counters in the rule chain -N: create a new user-defined rule chain;-P: define the default destination in the rule chain;-h: display help;-p: specify the type of packet protocol to match;-s: specify the source ip address of the packet to match;-j destination >: specify the destination to be redirected;-I network interface >: specify the network interface on which the packet enters the machine. -o Network Interface >: specifies the network interface on which the packet is to leave the machine. Iptables command options entry order:

Iptables-t table name rule chain name [rule number]-p protocol name-sport source port-dport destination port-j action table name includes:

Raw: advanced features, such as URL filtering.

Mangle: packet modification (QOS), used to achieve quality of service.

Nat: address translation for gateway routers.

Filter: packet filtering for firewall rules.

The name of the rule chain includes:

INPUT chain: processes input packets.

OUTPUT chain: processes output packets.

PORWARD chain: handles forwarding packets.

PREROUTING chain: used for destination address translation (DNAT).

POSTOUTING chain: for source address translation (SNAT).

Actions include:

Accept: receives a packet.

DROP: drop the packet.

REDIRECT: redirect, mapping, transparent proxy.

SNAT: source address translation.

DNAT: destination address translation.

MASQUERADE:IP camouflage (NAT) for ADSL.

LOG: logging.

Above reference: http://man.linuxde.net/iptables

Configure port 80 to forward to 8080

Iptables-t nat-A PREROUTING-p tcp-- dport 80-j REDIRECT-- to-ports 8080 operation table name nat, add rule name PREROUTING, protocol name tcp, forwarding port 80, action REDIRECT, to target port 8080

At this point, accessing http://ip is the same as http://ip:8080.

Disable port 8080:

Iptables-t manage-A PREROUTING-p tcp-- dport 8080-j DROP Save configuration rules

Centos:

Service iptables save can also be edited / etc/sysconfig/iptables

Ubuntu:

Sudo iptables-save > / etc/network/iptables.up.rules Editing / etc/network/interfaces

Join pre-up iptables-restore

Save exit.

Delete the mapping

1. Delete directly

Iptables-t nat-D PREROUTING-P TCP-- dport 80-j REDIRECT-- to-port 80802, enter / etc/sysconfig/iptables delete

3. Delete via line number

Iptables-L-n-v-- line-numbers lists all rules

If you want to delete the first rule in the input chain, use the following:

Iptables-D INPUT 1 remember to save the rule.

This is the end of the article on "how to configure port mapping in Linux system". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.