默认开启 设置nat转发

bjdgyc 2022-11-28 15:22:07 +08:00
parent d3f51a5af3
commit d51bc63419
5 changed files with 13 additions and 12 deletions


@ -158,12 +158,14 @@ cat /proc/sys/net/ipv4/ip_forward
systemctl stop firewalld.service systemctl stop firewalld.service
systemctl disable firewalld.service systemctl disable firewalld.service
# 新版本支持自动设置nat转发如有其他需求可以参考下面的命令配置
# 请根据服务器内网网卡替换 eth0 # 请根据服务器内网网卡替换 eth0
iptables -t nat -A POSTROUTING -s 192.168.90.0/24 -o eth0 -j MASQUERADE # iptables -t nat -A POSTROUTING -s 192.168.90.0/24 -o eth0 -j MASQUERADE
# 如果执行第一个命令不生效,可以继续执行下面的命令 # 如果执行第一个命令不生效,可以继续执行下面的命令
# iptables -A FORWARD -i eth0 -s 192.168.90.0/24 -j ACCEPT # iptables -A FORWARD -i eth0 -s 192.168.90.0/24 -j ACCEPT
# 查看设置是否生效 # 查看设置是否生效
iptables -nL -t nat # iptables -nL -t nat
``` ```
2.2 使用全局路由转发(二选一) 2.2 使用全局路由转发(二选一)
@ -171,6 +173,9 @@ iptables -nL -t nat
```shell ```shell
# 假设anylink所在服务器的内网ip: 10.1.2.10 # 假设anylink所在服务器的内网ip: 10.1.2.10
# 首先关闭nat转发功能
iptables_nat = false
# 传统网络架构,在华三交换机添加以下静态路由规则 # 传统网络架构,在华三交换机添加以下静态路由规则
ip route-static 192.168.90.0 255.255.255.0 10.1.2.10 ip route-static 192.168.90.0 255.255.255.0 10.1.2.10
# 其他品牌的交换机命令,请参考以下地址 # 其他品牌的交换机命令,请参考以下地址
@ -255,9 +260,7 @@ ipv4_end = "10.1.2.200"
5. 启动容器 5. 启动容器
```bash ```bash
# -e IPV4_CIDR=192.168.10.0/24 这个参数要与配置文件内的网段一致
docker run -itd --name anylink --privileged \ docker run -itd --name anylink --privileged \
-e IPV4_CIDR=192.168.10.0/24
-p 443:443 -p 8800:8800 \ -p 443:443 -p 8800:8800 \
--restart=always \ --restart=always \
bjdgyc/anylink bjdgyc/anylink
@ -267,7 +270,6 @@ ipv4_end = "10.1.2.200"
```bash ```bash
# 参数可以参考 -h 命令 # 参数可以参考 -h 命令
docker run -itd --name anylink --privileged \ docker run -itd --name anylink --privileged \
-e IPV4_CIDR=192.168.10.0/24 \
-p 443:443 -p 8800:8800 \ -p 443:443 -p 8800:8800 \
--restart=always \ --restart=always \
bjdgyc/anylink \ bjdgyc/anylink \
@ -280,7 +282,7 @@ ipv4_end = "10.1.2.200"
#获取仓库源码 #获取仓库源码
git clone https://github.com/bjdgyc/anylink.git git clone https://github.com/bjdgyc/anylink.git
# 构建镜像 # 构建镜像
docker build -t anylink . docker build -t anylink -f docker/Dockerfile .
``` ```


@ -15,8 +15,8 @@ case $var1 in
*) *)
sysctl -w net.ipv4.ip_forward=1 sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s "${IPV4_CIDR}" -o eth0+ -j MASQUERADE #iptables -t nat -A POSTROUTING -s "${IPV4_CIDR}" -o eth0+ -j MASQUERADE
iptables -nL -t nat #iptables -nL -t nat
exec /app/anylink "$@" exec /app/anylink "$@"
;; ;;
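Review bot: The two `iptables` lines in the `*)` branch are left as commented-out code rather than removed, so the entrypoint no longer shows where the MASQUERADE rule comes from. This commit appears to move NAT setup into anylink itself (the `iptables_nat` default becomes `true` elsewhere on this page), so I would delete both lines and leave one comment such as `# NAT rule is added by anylink when iptables_nat = true; this script only enables IP forwarding`. `sysctl -w net.ipv4.ip_forward=1` still runs unconditionally, so with `iptables_nat = false` the container forwards client traffic without masquerading; that is presumably intended for the routed setup and worth stating in the same comment. `IPV4_CIDR` is no longer read in the visible lines, so any default for it in the image is likely dead. The `case` statement starts and ends outside the hunk.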


@ -61,7 +61,7 @@ var configs = []config{
{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: -1}, {Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: -1},
{Typ: cfgBool, Name: "show_sql", Usage: "显示sql语句用于调试", ValBool: false}, {Typ: cfgBool, Name: "show_sql", Usage: "显示sql语句用于调试", ValBool: false},
{Typ: cfgBool, Name: "iptables_nat", Usage: "是否自动添加NAT", ValBool: false}, {Typ: cfgBool, Name: "iptables_nat", Usage: "是否自动添加NAT", ValBool: true},
} }
var envs = map[string]string{} var envs = map[string]string{}
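Review bot: Changing `ValBool` to `true` on the `iptables_nat` entry changes behaviour for every existing install whose config file omits the key, and nothing in the entry documents it. After an upgrade the server will presumably start adding NAT rules to the host firewall on its own. Hosts that still carry the manual MASQUERADE rule from the older README, or that use the routed (non-NAT) setup, may get a duplicate rule or NAT they did not ask for. I would add a comment above the entry, e.g. `// default true: anylink adds the NAT rule itself at startup; set false for routed (non-NAT) deployments`, and extend the `#是否自动添加nat` comment in the sample config changed later in this commit to say the same. The `configs` slice begins outside the hunk.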


@ -76,6 +76,6 @@ audit_interval = -1
show_sql = false show_sql = false
#是否自动添加nat #是否自动添加nat
iptables_nat = false iptables_nat = true


@ -33,5 +33,4 @@ ipv4_gateway = "192.168.90.1"
ipv4_start = "192.168.90.100" ipv4_start = "192.168.90.100"
ipv4_end = "192.168.90.200" ipv4_end = "192.168.90.200"
#是否自动添加nat
iptables_nat = false