1.修改/etc/sysctl.conf

将net.ipv4.ip_forward = 0修改成1

然后保存退出执行sysctl -p立即生效

iptables -t nat -A POSTROUTING -s 172.16.0.0/12 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 172.16.0.0/12 -j SNAT --to-source 192.168.5.253
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -j SNAT --to-source 192.168.5.253
service iptables save

 

iptables -t nat -A POSTROUTING -o ens192 -j MASQUERADE
route add -net 172.16.0.0/12 gw 10.0.0.1
route add -net 100.64.0.0/24 gw 10.0.0.1
route add -net 10.0.0.0/8 gw 10.0.0.1
route add -net 192.168.0.0/16 gw 10.0.0.1
route add -net 192.168.0.0/22 gw 10.0.0.1
route add -net 192.168.4.0/24 gw 10.0.0.1
(24条消息) linux启用NAT功能,双网卡共享网络,iptables简单实现_wzh312222的博客-CSDN博客_iptables 多网卡

 

 

 

快照:

iptables -t nat -A POSTROUTING -o ens192 -j MASQUERADE

route add -net 172.16.0.0/12 gw 10.0.0.1
route add -net 100.64.0.0/24 gw 10.0.0.1
route add -net 10.0.0.0/8 gw 10.0.0.1
route add -net 192.168.0.0/16 gw 10.0.0.1

 

[root@muban ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.5.1 0.0.0.0 UG 100 0 0 ens192
0.0.0.0 10.0.0.1 0.0.0.0 UG 101 0 0 ens224
10.0.0.0 0.0.0.0 255.0.0.0 U 101 0 0 ens224
100.64.0.0 10.0.0.1 255.255.255.0 UG 0 0 0 ens224
172.16.0.0 10.0.0.1 255.240.0.0 UG 0 0 0 ens224
192.168.0.0 10.0.0.1 255.255.0.0 UG 0 0 0 ens224
192.168.5.0 0.0.0.0 255.255.255.0 U 100 0 0 ens192

 

[root@muban ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere

发表评论

邮箱地址不会被公开。 必填项已用*标注