/etc/network/interfaces
auto vmbr2
iface vmbr2 inet static
address 10.99.0.254
netmask 255.255.255.0
bridge-ports none
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.99.0.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.99.0.0/24' -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 10022 -j DNAT --to 10.99.0.100:10022
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 10022 -j DNAT --to 10.99.0.100:10022
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 10000 -j DNAT --to 10.99.0.100:10000
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 10000 -j DNAT --to 10.99.0.100:10000
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 9999 -j DNAT --to 10.99.0.100:9999
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 9999 -j DNAT --to 10.99.0.100:9999
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 8888 -j DNAT --to 10.99.0.100:8888
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 8888 -j DNAT --to 10.99.0.100:8888
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 10.99.0.100:80
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 10.99.0.100:80
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 10.99.0.100:443
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 10.99.0.100:443
发表评论