oracle linux 做snat 的问题

剑之逸 发布于 2011/06/15 14:21
阅读 286
收藏 0

在oracle linux 6里面坐snat,如下同样的配置在centos 5里面很正常,在oracle Linux 6里面则出现,postrouting 链收不到数据包,从iptables-save来看,forward的数据包为零。请各位指点!!

设置了ip_forward 为1

iptables 策略如下:

*nat

:PREROUTING ACCEPT [609:55721]

:POSTROUTING ACCEPT [26:1961]

:OUTPUT ACCEPT [26:1961]

-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j SNAT --to-source x.x.x.x

COMMIT

# Completed on Tue Jun 14 23:26:11 2011

# Generated by iptables-save v1.4.7 on Tue Jun 14 23:26:11 2011

*filter

:INPUT DROP [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [191:22848]

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited


加载中
0
menke007
menke007
话说,我正在查snat是干嘛用的。
返回顶部
顶部