search

Chion82 / netfilter-full-cone-nat

A kernel module to turn MASQUERADE into full cone SNAT
GNU General Public License v2.0
427 stars 121 forks source link

TCP Fullconenat 临时有限方案 #43

Open basncy opened 1 year ago

basncy commented 1 year ago

内网需要这功能的设备不能太多, 将部分端口范围划分给这些设备 内网机器: echo "20000 21999" >/proc/sys/net/ipv4/ip_local_port_range 网关: iptable -t nat -A PREROUTING -i ppp0 -p tcp -m multiport --dports 20000:21999 -j DNAT --to-destination 192.168.1.200