A-A+

#proxmox# proxmox的nat网络配置示例

2018年02月23日 运维 暂无评论 阅读 54 次
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
    address xxx.xxx.xxx.xxx
    netmask 255.255.255.0
    gateway xxx.xxx.xxx.1
    bridge_ports eno1
    bridge_stp off
    bridge_fd 0

# The RPN network
allow-hotplug eno2
iface eno2 inet dhcp

auto vmbr1
iface vmbr1 inet static
    address 10.10.10.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j MASQUERADE
    # linux
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 10.10.10.10:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 10.10.10.10:22
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1122 -j DNAT --to 10.10.10.11:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1122 -j DNAT --to 10.10.10.11:22
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1222 -j DNAT --to 10.10.10.12:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1222 -j DNAT --to 10.10.10.12:22
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1322 -j DNAT --to 10.10.10.13:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1322 -j DNAT --to 10.10.10.13:22
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1422 -j DNAT --to 10.10.10.14:22
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 1422 -j DNAT --to 10.10.10.14:22
    # windows
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 13389 -j DNAT --to 10.10.10.101:3389
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 13389 -j DNAT --to 10.10.10.101:3389
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 23389 -j DNAT --to 10.10.10.102:3389
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 23389 -j DNAT --to 10.10.10.102:3389
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 33389 -j DNAT --to 10.10.10.103:3389
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 33389 -j DNAT --to 10.10.10.103:3389
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 43389 -j DNAT --to 10.10.10.104:3389
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 43389 -j DNAT --to 10.10.10.104:3389
    post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 53389 -j DNAT --to 10.10.10.105:3389
    post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp --dport 53389 -j DNAT --to 10.10.10.105:3389

 

标签:

给我留言

Copyright © C/C++程序员之家 保留所有权利.   Theme  Ality 浙ICP备15011757号-3

用户登录