本帖最后由 zxxx 于 2022-7-22 15:53 编辑
- echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf &&
- echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf &&
- echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf && sysctl -p
复制代码
- nano /etc/network/interfaces
复制代码
- # This file describes the network interfaces available on your system
- # and how to activate them. For more information, see interfaces(5)
- source /etc/network/interfaces.d/*
- auto lo
- iface lo inet loopback
-
- allow-hotplug enp4s0
- iface enp4s0 inet manual
-
- auto vmbr0
- iface vmbr0 inet static
- address 1.2.3.4
- netmask 255.255.255.0
- gateway 1.2.3.1
- bridge-ports enp4s0
- bridge-stp off
- bridge-fd 0
-
- auto vmbr1
- iface vmbr1 inet static
- address 192.168.1.1
- netmask 255.255.255.0
- bridge_ports none
- bridge_stp off
- bridge_fd 0
复制代码
- systemctl restart networking
复制代码
- apt install –assume-yes ifupdown2 net-tools &&
- apt install –assume-yes –no-install-recommends iptables-persistent netfilter-persistent &&
- systemctl enable netfilter-persistent
复制代码
- iptables -t nat -A POSTROUTING -s ‘192.168.1.0/24’ -o vmbr0 -j MASQUERADE
- iptables -t nat -A PREROUTING -i vmbr0 -p tcp –dport 10022 -j DNAT –to 192.168.1.2:22
- iptables -t nat -A PREROUTING -i vmbr0 -p tcp –dport 13389 -j DNAT –to 192.168.1.2:3389
- iptables-save > /etc/iptables/rules.v4
复制代码
|
