User Tools
сервис_nat
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
сервис_nat [2021/10/20 09:52] val [Debian/Ubuntu (iptables)] |
сервис_nat [2024/04/08 16:37] val [nftables] |
||
|---|---|---|---|
| Line 8: | Line 8: | ||
| === Заполнение таблицы nat (eth1 - внешний интерфейс) === | === Заполнение таблицы nat (eth1 - внешний интерфейс) === | ||
| <code> | <code> | ||
| - | root@gate:~# apt install iptables | + | debian11# apt install iptables |
| root@gate:~# apt install conntrack | root@gate:~# apt install conntrack | ||
| Line 32: | Line 32: | ||
| </code> | </code> | ||
| - | === Сохранение состояния iptables === | + | === Управление состоянием iptables === |
| + | |||
| + | == Вариант 1 == | ||
| + | |||
| + | == Сохранение состояния iptables == | ||
| <code> | <code> | ||
| root@gate:~# iptables-save > /etc/iptables.rules | root@gate:~# iptables-save > /etc/iptables.rules | ||
| </code> | </code> | ||
| - | === Восстановление состояния iptables === | + | == Восстановление состояния iptables == |
| <code> | <code> | ||
| root@gate:~# iptables-restore < /etc/iptables.rules | root@gate:~# iptables-restore < /etc/iptables.rules | ||
| </code> | </code> | ||
| - | === Восстановление состояния iptables при загрузке === | + | == Восстановление состояния iptables при загрузке == |
| <code> | <code> | ||
| root@gate:~# cat /etc/network/interfaces | root@gate:~# cat /etc/network/interfaces | ||
| Line 51: | Line 55: | ||
| pre-up iptables-restore < /etc/iptables.rules | pre-up iptables-restore < /etc/iptables.rules | ||
| ... | ... | ||
| + | </code> | ||
| + | |||
| + | == Вариант 2 == | ||
| + | <code> | ||
| + | # apt install iptables-persistent | ||
| + | |||
| + | # netfilter-persistent save | ||
| + | </code> | ||
| + | |||
| + | ==== nftables ==== | ||
| + | |||
| + | * [[https://wiki.nftables.org/wiki-nftables/index.php/Performing_Network_Address_Translation_(NAT)|Performing Network Address Translation (NAT)]] | ||
| + | * https://wiki.debian.org/nftables | ||
| + | |||
| + | <code> | ||
| + | # apt install nftables | ||
| + | |||
| + | ... | ||
| + | # nft add rule nat postrouting ip saddr 192.168.22.0/24 oif eth1 snat to 10.5.7.122 | ||
| + | |||
| + | # nft list ruleset | ||
| + | |||
| + | # file /etc/nftables.conf | ||
| + | |||
| + | # systemctl enable nftables.service | ||
| </code> | </code> | ||
сервис_nat.txt · Last modified: 2024/04/23 14:00 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
