Closed odup closed 6 months ago
[2024-05-08][08:23:05][realm_core::tcp::middle][DEBUG][tcp]select remote peer, token: Some(Token(0)) [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]172.16.1.200:443 resolved as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]connect to 172.16.1.200:443 as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::middle][INFO][tcp]218.88.88.88:57184 => 172.16.1.200:443 as 172.16.1.200:443 母鸡系统为PVE,有独立公网IP,NAT网关为172.16.1.1,开了一台小鸡,把母鸡的80和443端口通过realm转发到172.16.1.200的小鸡,现在小鸡的宝塔服务获取的访问IP全是172.16.1.1,请问realm转发的时候默认带不带源IP和端口呢? 》如果不带需要配置什么? 》如果带那就打扰了,我看看NAT怎么配置可以让小鸡获取到源IP和端口。
[2024-05-08][08:23:05][realm_core::tcp::middle][DEBUG][tcp]select remote peer, token: Some(Token(0)) [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]172.16.1.200:443 resolved as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]connect to 172.16.1.200:443 as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::middle][INFO][tcp]218.88.88.88:57184 => 172.16.1.200:443 as 172.16.1.200:443
谢谢谢谢谢谢
IP头是由内核层面负责的, 应用层程序只能从TCP/UDP中读写数据。你的需求可以用iptables解决,用DNAT/SNAT来改写目标/来源IP.
或者如果小鸡上的服务支持 proxy-protocol 的话,可以让realm发送来源IP, 再由后续服务解析获取。
proxy-protocol
[2024-05-08][08:23:05][realm_core::tcp::middle][DEBUG][tcp]select remote peer, token: Some(Token(0)) [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]172.16.1.200:443 resolved as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::socket][DEBUG][tcp]connect to 172.16.1.200:443 as 172.16.1.200:443 [2024-05-08][08:23:05][realm_core::tcp::middle][INFO][tcp]218.88.88.88:57184 => 172.16.1.200:443 as 172.16.1.200:443
母鸡系统为PVE,有独立公网IP,NAT网关为172.16.1.1,开了一台小鸡,把母鸡的80和443端口通过realm转发到172.16.1.200的小鸡,现在小鸡的宝塔服务获取的访问IP全是172.16.1.1,请问realm转发的时候默认带不带源IP和端口呢? 》如果不带需要配置什么? 》如果带那就打扰了,我看看NAT怎么配置可以让小鸡获取到源IP和端口。谢谢谢谢谢谢