把访问本机的XX端口,转发到其他机器的端口
vi /etc/sysctl.conf配置文件的 net.ipv4.ip_forward = 1 默认是0 这样允许iptalbes FORWARD
我是直接编辑文件改的 :sudo vi /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Sat Mar 1 17:49:09 2014 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A PREROUTING -p tcp -m tcp --dport 8012 -j DNAT --to-destination 192.168.1.253:8012 -A POSTROUTING -p tcp -m tcp --dport 8012 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8000 -j DNAT --to-destination 192.168.1.253:8000 -A POSTROUTING -p tcp -m tcp --dport 8000 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8003 -j DNAT --to-destination 192.168.1.253:8003 -A POSTROUTING -p tcp -m tcp --dport 8003 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8009 -j DNAT --to-destination 192.168.1.253:8009 -A POSTROUTING -p tcp -m tcp --dport 8009 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8880 -j DNAT --to-destination 192.168.1.253:8880 -A POSTROUTING -p tcp -m tcp --dport 8880 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8010 -j DNAT --to-destination 192.168.1.253:8010 -A POSTROUTING -p tcp -m tcp --dport 8010 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.253:8443 -A POSTROUTING -p tcp -m tcp --dport 8443 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8090 -j DNAT --to-destination 192.168.1.244:8090 -A POSTROUTING -p tcp -m tcp --dport 8090 -j MASQUERADE -A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.244:8080 -A POSTROUTING -p tcp -m tcp --dport 8080 -j MASQUERADE COMMIT # Completed on Sat Mar 1 17:49:09 2014
