在/etc/network/interfaces中最后加入1
pre-up iptables-restore < /path/to/iptables.rules
使得每次网卡重启自动执行。
rules文件中为1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19*nat
:PREROUTING ACCEPT [7:662]
:INPUT ACCEPT [7:662]
:OUTPUT ACCEPT [717:48011]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 10.2.7.210/32 -p tcp -m tcp --dport 7766 -j DNAT --to-destination x.x.x.x:8888
-A POSTROUTING -s x.x.x.x/32 -p tcp -m tcp --sport 8888 -j SNAT --to-source 10.2.7.210:7766
-A POSTROUTING -j MASQUERADE
COMMIT
# Completed on Fri Jun 5 14:12:19 2015
# Generated by iptables-save v1.4.12 on Fri Jun 5 14:12:19 2015
*filter
:INPUT ACCEPT [19822:27249214]
:FORWARD ACCEPT [1565:468167]
:OUTPUT ACCEPT [17661:1112617]
-A FORWARD -d 10.2.7.210/32 -p tcp -m tcp --dport 7766 -j ACCEPT
-A FORWARD -s x.x.x.x/32 -p tcp -m tcp --dport 8888 -j ACCEPT
COMMIT
#x.x.x.x=vps ip
