我有一个愚蠢的问题。我在一个新设施中放入一个新的syslog收集服务器。我们有许多不同类型的设备,我们正在同一端口上收集系统日志。所以我必须将单个IP重定向到新的IP地址。这是一个临时解决方案,直到我们有人力登录每个设备并在单个设备中创建所需的更改。问题是我们正在重定向的一些传入IP工作。有些不。
我要做的是以下Y.Y.Y.Y:514转发到X.X.X.X:514
我在允许源74.93.xxx.xxx目标208.67.xxx.xxx目标端口514中有一个iptable规则。然后我有一个预先路由以及以下信息 iptables -t nat -A PREROUTING -i eth0 -s 74.93.xxx.xxx -p udp --dport 514 -j DNAT --to-destination 209.173.xxx.xxx:514 -m comment --comment BAC:NameY
我可以从我的iptables视图中看到已传入169M,这是输出视图
[root@XXXXX ~]# iptables -L -v -n --line-numbers
Chain INPUT (policy ACCEPT 79M packets, 29G bytes)
num pkts bytes target prot opt in out source destination
1 572K 169M ACCEPT udp -- eth0 * 74.93.xxx.xxx 208.67.xxx.xxx udp dpt:514 /* NameY */
2 115M 25G ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:514
Chain FORWARD (policy ACCEPT 239M packets, 63G bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 29M packets, 11G bytes)
num pkts bytes target prot opt in out source destination
在我的Prerouting Chain中,我没有看到任何针对该DNAT的数据包,仅仅是输出视图:
[root@XXXXX ~]# iptables -t nat -L -n -v --line-numbers
Chain PREROUTING (policy ACCEPT 107K packets, 33M bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT udp -- eth0 * 74.93.xxx.xxx 0.0.0.0/0 udp dpt:514 /* NameY */ to:209.173.xxx.xxx:514
2 3468 676K DNAT udp -- eth0 * 205.201.xxx.xxx 0.0.0.0/0 udp dpt:514 /* NameB */ to:209.173.xxx.xxx:514
3 80425 21M DNAT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:516 to:209.173.xxx.xxx:514
Chain POSTROUTING (policy ACCEPT 162 packets, 9467 bytes)
num pkts bytes target prot opt in out source destination
1 188K 28M MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 107K packets, 6473K bytes)
num pkts bytes target prot opt in out source destination
以下是我正在使用的服务器上的一些信息 服务器是Dell Poweredge 2950上的Redhat Ent 5,带有32GB内存 Linux 2.6.18-348.el5#1 SMP Wed Nov 28 21:22:00 EST 2012 x86_64 x86_64 x86_64 GNU / Linux
这是我的sysctl [root @XXXX~] #cat /etc/sysctl.conf #Red Hat Linux的内核sysctl配置文件 # #对于二进制值,禁用0,启用1。请参阅sysctl(8)和 #sysctl.conf(5)了解更多详情。
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536
# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
有什么问题我做错了,为什么我不能将74.93.xxx.xxx转发到新的IP? 感谢您的帮助,欢迎所有评论。
golgiapparatus
答案 0 :(得分:0)
这是我的ifconfig的输出。出于安全原因,我已经更改了一些信息
[root@myname ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:24:E8:62:AE:2F
inet addr:208.67.xxx.xxx Bcast:208.67.xxx.yyy Mask:255.255.255.224
inet6 addr: fe80::124:e6ff:fe51:ae8f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:764714795 errors:0 dropped:23 overruns:0 frame:0
TX packets:436520147 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:218689483470 (203.6 GiB) TX bytes:125953479839 (117.3 GiB)
Interrupt:169 Memory:f8000000-f8012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:5290847 errors:0 dropped:0 overruns:0 frame:0
TX packets:5290847 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3124832137 (2.9 GiB) TX bytes:3124832137 (2.9 GiB)