端口转发

各平台端口转发方法

Windows

主要是使用 netsh 接口进行管理.

添加示例

netsh interface portproxy add v4tov4 listenaddress=addr listenport=port connectaddress=addr2 connectport=port2

其他选项

• netsh interface portproxy dump
• …show all
• …delete v4tov4 listenaddress=addr listenport=port
• …reset

Linux

使用 firewall-cmd

# Enable masquerading
$ sudo firewall-cmd --add-masquerade --permanent
 
# Port forward to a different port within same server ( 22 > 2022)
$ sudo firewall-cmd --add-forward-port=port=22:proto=tcp:toport=2022 --permanent
 
# Port forward to same port on a different server (local:22 > 192.168.2.10:22)
$ sudo firewall-cmd --add-forward-port=port=22:proto=tcp:toaddr=192.168.2.10 --permanent
 
# Port forward to different port on a different server (local:7071 > 10.50.142.37:9071)
$ sudo firewall-cmd --add-forward-port=port=7071:proto=tcp:toport=9071:toaddr=10.50.142.37 --permanent

使用 iptables

nat-HOWTO

cat /proc/sys/net/ipv4/conf/ppp0/forwarding
cat /proc/sys/net/ipv4/conf/eth0/forwarding
 
echo '1' | sudo tee /proc/sys/net/ipv4/conf/ppp0/forwarding
echo '1' | sudo tee /proc/sys/net/ipv4/conf/eth0/forwarding
 
iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 8001 -j DNAT --to-destination 192.168.1.200:8080
iptables -A FORWARD -p tcp -d 192.168.1.200 --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT