# Generated by iptables-save v1.4.21 on Sat Jun 4 12:36:07 2016
*mangle
:PREROUTING ACCEPT [222:16966]
:INPUT ACCEPT [222:16966]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [144:15162]
:POSTROUTING ACCEPT [144:15162]
COMMIT
# Completed on Sat Jun 4 12:36:07 2016
# Generated by iptables-save v1.4.21 on Sat Jun 4 12:36:07 2016
*nat
:PREROUTING ACCEPT [6:1714]
:INPUT ACCEPT [6:1714]
:OUTPUT ACCEPT [21:1276]
:POSTROUTING ACCEPT [20:1200]
-A POSTROUTING -o enp2s0 -j MASQUERADE
COMMIT
# Completed on Sat Jun 4 12:36:07 2016
# Generated by iptables-save v1.4.21 on Sat Jun 4 12:36:07 2016
*filter
:INPUT ACCEPT [167:13042]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [108:10762]
-A FORWARD -i enp1s0 -j ACCEPT
COMMIT
# Completed on Sat Jun 4 12:36:07 2016
我似乎无法让NAT在coreos最新的准系统机器上运行,以下是私有网络
[Match]
Name=enp1s0
[Network]
DNS=8.8.8.8
DNS=8.8.4.4
Address=192.168.1.1/24
和enp2s0是一个可以访问互联网的附加连接,所需的行为是第二台机器可以通过enp1s0界面访问互联网。我还会发布第二台机器的网络配置
[Match]
Name=enp1s0
[Network]
DNS=8.8.8.8
DNS=8.8.4.4
Address=192.168.1.111/24
Gateway=192.168.1.1
更新
core@x35a ~ $ ip route show
default via xxx.xxx.xxx dev enp2s0 proto static
xxx.xxx.xxx/28 dev enp2s0 proto kernel scope link src xxx.xxx.xxx
192.168.1.0/24 dev enp1s0 proto kernel scope link src 192.168.1.1
core@x35a ~ $
答案 0 :(得分:-1)
sysctl -a | grep前进?当然你启用了转发? 我特别不熟悉CoreOs,但我认为你需要设置一些标志,以便将流量从一个接口转发到另一个接口。