Next Previous Contents

10. ¦b¦P¤@ºô¸ô¤Wªº Destination NAT

¦pªG±z­n°µ portforwarding ¦^¨ì¦P¤@­Óºô¸ô¡M±z­n½T©w«e¦V©M¦^À³«Ê¥]Âù¤è³£¸g¹L¸Ó NAT ¥D¾÷(³o¼Ë¥¦­Ì¤ ¯à³Q­×§ï)¡CNAT µ{¦¡±q²{¦b¶}©l(2.4.0-test6¥H«á)¡M·|¾×±¼«á­±±¡§Î©Ò²£¥Íªº¶Ç¥X ICMP ­«¾É¦V¡R¨º¨Ç¤w¸g NAT ªº«Ê¥]¥H¥¦©Ò¶i¤Jªº¬Û¦P¬É­±¶Ç¥X¡M¦Ó±µ¦¬ºÝ¦øªA¾¹¤´¹Á¸Õª½±µ¦^À³¨ì«È¤áºÝ(¤£»{¥i¸Ó¦^À³)¡C

¸g¨åªº±¡§Î¬O¤º³¡¤H­û¹Á¸Õ³s±µ¨ì±zªº `¤½¦³(public)' ºô¯¸¦øªA¾¹¡M¹ê»Ú¤W¬O±q¤½¦³¦a§}(1.2.3.4) DNAT ¨ì¤@­Ó¤º³¡ªº¾÷¾¹(192.168.1.1)¥h¡M´N¹³³o¼Ë¡R

# iptables -t nat -A PREROUTING -d 1.2.3.4 \
        -p tcp --dport 80 -j DNAT --to 192.168.1.1

¤@­Ó¤èªk¬O¶]¤@¥x¤º³¡ DNS ¦øªA¾¹¡M¥¦ª¾¹D±zªº¤½¦³ºô¯¸ªº¯u¥¿(¤º³¡) IP ¦a§}¡M¦Ó±N¨ä¥¦½Ð¨DÂà¶Çµ¹¥ ³¡ªº DNS ¦øªA¾¹¡C´«¦Ó¨¥¤§¡MÃö©ó±zºô¯¸¦øªA¾¹ªº°O¿ý·|¥¿½T¦aÅã¥Ü¬°¤º³¡ IP ¦a§}¡C

¦Ó¥t¤@­Ó¤èªk¬O¦P®ÉÅý³o¥x NAT ¥D¾÷±N¸Óµ¥³s½u¤§¨Ó·½ IP ¦a§}¬M¹ï¬°¥¦¦Û¤vªº¦a§}¡M§Ú­Ì¥i¥H¹³¦p¤U¨º¼Ë°µ(°²³] NAT ¥D¾÷¤§¤º³¡ IP ¦a§}¬° 192.168.1.250)¡R

# iptables -t nat -A POSTROUTING -d 192.168.1.1 -s 192.168.1.0/24 \
        -p tcp --dport 80 -j SNAT --to 192.168.1.250

¦]¬° PREROUTING ³W«h¬O³Ì¥ý°õ¦æªº¡M¹ï¤º³¡ºô¯¸¦øªA¾¹¦Ó¨¥¡M«Ê¥]´N¤w¸g³Q©w¦V¦n¤F¡R§Ú­Ì¥i¥H¤º©w¦n­þ­Ó¬°¨Ó·½ IP ¦a§}¡C


Next Previous Contents