NAT Å×À̺íÀ» ÀÌ¿ëÇؼ Æ®·¡ÇÈÀ» »±¹ðÀÌ µ¹·Áº¸µµ·Ï ÇÏ°Ú´Ù.
Å×½ºÆ®´Â ³×Æ®¿öÅ©¿Í ¹°¸®ÀûÀ¸·Î ¶³¾îÁø ½Ç¾ÆÀÌÇǸ¦ °¡Áö°í ÇغÃÀ¸¸ç ¿©±â¼´Â »ç¼³¾ÆÀÌÇǸ¦ ÅëÇؼ Àû¾îµÎ°Ú´Ù.
µé¾î¿Â´ë·Î ¿ªÀ¸·ÎÇؼ Æ®·¡ÇÈÀÌ ¿À°¡´Â°Ô È®ÀεȴÙ.
Ŭ¶óÀ̾ðÆ® IP : 218.xxx.xxx.201
192.168.1.2 (DACOM)--> 192.168.2.2 (KT) --> 192.168.3.2 (SK)
192.168.1.2 ¼¹ö ÆÐŶÆ÷¿öµù ¼³Á¤
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d 192.168.1.2 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.2
iptables -t nat -A POSTROUTING -d 192.168.2.2 -j SNAT --to-source 192.168.1.2
192.168.1.2 ¼¹ö¿¡¼ È®ÀÎÇغ» ÆÐŶ
17:10:30.566163 IP 218.xxx.xxx.201.17143 > 192.168.1.2.80: P 2145:2860(715) ack 904 win 64933
17:10:30.575759 IP 192.168.1.2.80 > 218.xxx.xxx.201.17143: P 904:1205(301) ack 2860 win 25025
17:10:30.735420 IP 218.xxx.xxx.201.17143 > 192.168.1.2.80: . ack 1205 win 64632
192.168.2.2 ¼¹ö ÆÐŶÆ÷¿öµù ¼³Á¤
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d 192.168.2.2 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.3.2
iptables -t nat -A POSTROUTING -d 192.168.3.2 -j SNAT --to-source 192.168.2.2
192.168.2.2 ¼¹ö¿¡¼ È®ÀÎÇغ» ÆÐŶ
17:10:33.787834 IP 192.168.1.2.17143 > 192.168.2.2.80: P 648796652:648797367(715) ack 2534465083 win 64933
17:10:33.787947 IP 192.168.2.2.17143 > 192.168.3.2.80: P 648796652:648797367(715) ack 2534465083 win 64933
17:10:33.795480 IP 192.168.3.2.80 > 192.168.2.2.17143: P 1:302(301) ack 715 win 25025
17:10:33.795491 IP 192.168.2.2.80 > 192.168.1.2.17143: P 1:302(301) ack 715 win 25025
17:10:33.957007 IP 192.168.1.2.17143 > 192.168.2.2.80: . ack 302 win 64632
17:10:33.957036 IP 192.168.2.2.17143 > 192.168.3.2.80: . ack 302 win 64632