================================
#开启系统路由模式功能
echo net.ipv4.ip_forward=1>>/etc/sysctl.conf
sysctl -p
#开启firewalld
systemctl start firewalld
打开防火墙伪装IP
# 检查是否允许伪装IP,返回no表示没开启,反之开启伪装IP
firewall-cmd –query-masquerade
#设置IP地址伪装
firewall-cmd –add-masquerade –permanent
firewall-cmd –zone=public –add-port=443-444/tcp –permanent
firewall-cmd –add-forward-port=port=443:proto=tcp:toaddr=192.168.1.100:toport=443 –permanent
firewall-cmd –add-forward-port=port=444:proto=tcp:toaddr=192.168.1.100:toport=444 –permanent
firewall-cmd –reload
(PS:添加或删除端口后不会立即生效,配置完 –reload后才能生效;–permanent代表永久生效)
firewall-cmd –list-all
#查询所有配置