开启转发支持
修改文件/etc/default/ufw,将默认转发策略修改为ACCEPT。
DEFAULT_FORWARD_POLICY="ACCEPT"修改文件/etc/ufw/sysctl.conf,开启系统转发支持。
net/ipv4/ip_forward=1端口转发配置
添加NAT到/etc/ufw/before.rules的配置。将以下内容添加到过滤器规则(*filter)之前
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Port Forwardings
-A PREROUTING -p tcp --dport 端口号 -j DNAT --to-destination 远程IP:端口号
-A POSTROUTING -j MASQUERADE
# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT重启ufw
ufw disable && ufw enable测试
nmap -Pn xxx.xxx.xxx.xxx -p xxxxx
Starting Nmap 7.80 ( https://nmap.org ) at 2024-05-02 14:20 CST
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.13s latency).
PORT STATE SERVICE
xxxxx/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 1.81 seconds
评论