如何使用 ip6tables 将一个端口重定向到另一个本地端口?
例如像这样的东西:
ip6tables -t nat -A 预路由 -j 重定向 -p tcp --dport 443 --to-ports 8443
嗯,这是一个老问题,但因为我需要做同样的事情......这是我发现的:
TPROXY
This target is only valid in the mangle table, in the PREROUTING chain and user-defined chains which are only called from this chain. It redirects the packet to a local socket without changing the packet header in any way. It can also change the mark value which can then be used in advanced routing rules. It takes three options:
--on-port port
This specifies a destination port to use. It is a required option, 0 means the new destination port is the same as the original. This is only valid if the rule also specifies -p tcp or -p udp.
--on-ip address
This specifies a destination address to use. By default the address is the IP address of the incoming interface. This is only valid if the rule also specifies -p tcp or -p udp.
--tproxy-mark value[/mask]
Marks packets with the given value/mask. The fwmark value set here can be used by advanced routing. (Required for transparent proxying to work: otherwise these packets will get forwarded, which is probably not what you want.)
当然,这仅对 ip6tables 有效。所以我想这是有效的:
ip6tables -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY --on-port 8443
不过,我还没有尝试过。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
