Using a Linux server as a switch (NAT) with iptables
[root@hostname]# ifconfig
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.101 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 ffff::ffff:ffff:ffff:0000 prefixlen 64 scopeid 0x20<link>
ether ff:ff:ff:ff:ff:00 txqueuelen 1000 (Ethernet)
RX packets 2329091911 bytes 313123882288 (291.6 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2799862162 bytes 228156582617 (212.4 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.101 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 ffff::ffff:ffff:ffff:0001 prefixlen 64 scopeid 0x20<link>
ether ff:ff:ff:ff:ff:01 txqueuelen 1000 (Ethernet)
RX packets 12598 bytes 1538358 (1.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13486 bytes 10185608 (9.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@hostname]#
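In this setup, enp1s0 is to be connected to the external Internet and enp2s0 to the internal network.
To do that, iptables must be configured as follows. Packets are only routed between the two interfaces if IP forwarding is enabled in the kernel (net.ipv4.ip_forward set to 1).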
[root@hostname]# iptables -A FORWARD -o enp1s0 -j ACCEPT
[root@hostname]# iptables -A FORWARD -o enp2s0 -j ACCEPT
[root@hostname]# iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
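The two FORWARD rules above accept any packet routed out of either interface, so traffic arriving on enp1s0 is forwarded into the internal network whether or not an internal host started the connection. The following added example (not part of the original post) audits `iptables -S FORWARD` output for that condition and contrasts it with a stateful variant. The function name audit_forward and both rule listings are constructed for illustration, and a default FORWARD policy of ACCEPT is assumed.

```shell
#!/bin/sh
# Added example, not from the original post.

# Constructed sample: `iptables -S FORWARD` after the post's commands
# (assumes the FORWARD policy was left at its default, ACCEPT).
PAGE_RULES='-P FORWARD ACCEPT
-A FORWARD -o enp1s0 -j ACCEPT
-A FORWARD -o enp2s0 -j ACCEPT'

# Constructed sample: stateful variant. LAN hosts may open connections
# outward; only reply traffic is forwarded back in; everything else drops.
TIGHT_RULES='-P FORWARD DROP
-A FORWARD -i enp2s0 -o enp1s0 -j ACCEPT
-A FORWARD -i enp1s0 -o enp2s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'

# audit_forward LAN_IF  (hypothetical helper)
# Reads `iptables -S FORWARD` lines on stdin and prints one finding per line.
# Returns 0 when nothing is flagged, 1 otherwise.
audit_forward() {
    lan=$1 findings=0
    while IFS= read -r rule; do
        case $rule in
            "-P FORWARD ACCEPT")
                echo "policy: FORWARD defaults to ACCEPT"
                findings=$((findings + 1)) ;;
            "-A FORWARD "*"-o $lan "*"-j ACCEPT"*)
                open=1
                case $rule in
                    *"state "*NEW*) ;;                    # lets new inbound flows in
                    *"--ctstate "*|*"--state "*) open=0 ;; # replies only
                esac
                if [ "$open" -eq 1 ]; then
                    echo "open-inbound: $rule"
                    findings=$((findings + 1))
                fi ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Demo on the embedded samples; on a live host, pipe `iptables -S FORWARD` in.
echo "== rules from the post =="
printf '%s\n' "$PAGE_RULES" | audit_forward enp2s0 || true
echo "== stateful variant =="
printf '%s\n' "$TIGHT_RULES" | audit_forward enp2s0 && echo "no findings"
```
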