Shulou(Shulou.com)06/01 Report--

Editor to share with you the example analysis of port mapping under Linux. I hope you will get something after reading this article. Let's discuss it together.

The port mapper can realize the function of port mapping. one of the main uses is to run this program on the gateway of the local area network and map a port of the gateway server to a port of a certain machine in the local area network. Port 8081 of the external access gateway server of the local area network is equivalent to accessing port 80 of a machine in the local area network.

Turn on IP forwarding

If IP forwarding is enabled (the router device is enabled by default), IP forwarding must be allowed, otherwise even if the nat mapping rule is set, mapping cannot occur, because packets cannot be sent without forwarding enabled.

Echo 1 > / proc/sys/net/ipv4/ip_forward maps from one machine to another

❝

Mapping relationship 192.168.122.1 nginx 80-> 192.168.122.221 A message that opens the local link of the nginx server on port 80 does not need to go through PREROUTING and POSTROUTING, so you must configure OUTPUT or you will find that the forwarding rules are invalid when tested on this machine!

The following rules are configured in 192.168.122.1, and then the machine in 192.168.122.1 (native) can access the "192.168.122.1 OUTPUT 80" iptables-t nat-An OUTPUT-p tcp-d 192.168.122.1-- dport 80-j DNAT-- to 192.168.122.221 tcp 80 in 192.168.122.1 configure the following rules Then, on 192.168.122.29 (other devices), you can access "192.168.122.1 tcp 80" # configure the destination address translation iptables-t nat-A PREROUTING-p tcp-d 192.168.122.1-- dport 80-j DNAT-- to 192.168.122.221-- source address translation iptables-t nat-A POSTROUTING-p tcp-d 192.168.122.221-- dport 80-j SNAT-- to 192. 168.122.1 from one port to another on this machine

❝

Mapping relationship 192.168.122.221 OUTPUT 8080-> 192.168.122.221 messages on the local link do not need to go through PREROUTING and POSTROUTING, so you must configure OUTPUT or you will find that the forwarding rules are invalid when tested on this machine! 192.168.122.221 turns on the nginx server at port 80

Configure the following rule in 192.168.122.221, mapping 8080 to 80, so that the machine accesses "127.0.0.1 nat-An OUTPUT-p tcp-d 127.0.0.1-- dport 8080-j DNAT-- to-port 127.0.0.1pur80 in 192.168.122.221, and 8080 maps to 80. This allows you to access "192.168.122.221 PREROUTING 8080" iptables-t nat-A PREROUTING-p tcp-- dport 8080-j REDIRECT-- to-ports 80 other # View nat chain rules iptables-t nat-L-n-- line-number# delete rule POSTROUTING rule 1iptables-t nat-D POSTROUTING 1

After reading this article, I believe you have some understanding of "example Analysis of Port Mapping under Linux". If you want to know more about it, please follow the industry information channel. Thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.