Example #1
        /// <summary>
        /// Builds two DNAT rules and one MASQUERADE rule, prints the first DNAT rule and the
        /// MASQUERADE rule, then appends all three to the NAT table in one transaction.
        /// </summary>
        /// <remarks>
        /// Both DNAT rules match TCP destination port 50500 and rewrite the destination to
        /// 192.168.4.4:40; they differ only in the source address they match. The MASQUERADE
        /// rule matches TCP traffic to 192.168.4.4 on port 40.
        /// NOTE(review): nothing in this method removes the rules after <c>Commit()</c>.
        /// Presumably the transaction writes to the host's live netfilter NAT table and needs
        /// elevated privileges; confirm, and run this only inside a disposable network
        /// namespace, container or VM so the rules cannot linger on a real host.
        /// </remarks>
        public void WritePairRule()
        {
            const string ktsAddress = "192.168.4.4";
            const int    ktsPort    = 40;
            ushort       forwardPort = 50500;

            // Match on the externally visible (forwarded) TCP destination port.
            var matchForwardPort = new TcpMatchBuilder().SetDstPort(forwardPort).Build();

            // rule
            var dnatToKts = new DNatTargetBuilder()
                            .SetDestination(ktsAddress, ktsAddress, ktsPort, ktsPort)
                            .Build();
            var dnatFromFirstSource = new RuleBuilder()
                                      .SetProto("tcp")
                                      .SetIp4Src("172.25.44.4")
                                      .AddMatch(matchForwardPort)
                                      .SetTarget(dnatToKts)
                                      .Build();

            // Match on the internal port, used by the MASQUERADE rule below.
            var matchKtsPort = new TcpMatchBuilder().SetDstPort(ktsPort).Build();

            // Same port match and DNAT target as the first rule, different source address.
            var dnatFromSecondSource = new RuleBuilder()
                                       .SetProto("tcp")
                                       .SetIp4Src("172.25.44.5")
                                       .AddMatch(matchForwardPort)
                                       .SetTarget(dnatToKts)
                                       .Build();

            var masqueradeTarget = new MasqueradeTargetBuilder().Build();
            var masqueradeToKts  = new RuleBuilder()
                                   .SetProto("tcp")
                                   .SetIp4Dst(ktsAddress)
                                   .AddMatch(matchKtsPort)
                                   .SetTarget(masqueradeTarget)
                                   .Build();

            // Only the first DNAT rule and the MASQUERADE rule are printed.
            System.Console.WriteLine(dnatFromFirstSource);
            System.Console.WriteLine(masqueradeToKts);

            // DNAT rules go to PREROUTING, the MASQUERADE rule to POSTROUTING; all three are
            // committed together.
            using (var transaction = new IptTransaction(Tables.NAT))
            {
                transaction.AppendRule(Chains.PREROUTING, dnatFromFirstSource);
                transaction.AppendRule(Chains.PREROUTING, dnatFromSecondSource);
                transaction.AppendRule(Chains.POSTROUTING, masqueradeToKts);
                transaction.Commit();
            }
        }
Example #2
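        /// <summary>
        /// Round-trips three DNAT targets through the NAT table's PREROUTING chain: an address
        /// range with a port range, a single address with a port range, and a port range alone.
        /// Each rule is appended and committed, read back, and its target options are asserted.
        /// </summary>
        /// <remarks>
        /// Each case reads back <c>rules.First()</c>, so the test only checks its own rule when
        /// PREROUTING is empty beforehand. Between cases the chain is cleared with
        /// <c>iptables -t nat -F PREROUTING</c>, which flushes every rule in that chain, not
        /// just the one appended here. On a host that already carries NAT rules (container
        /// runtimes, port forwards) that would remove them, so run this only inside a
        /// disposable network namespace, container or VM.
        /// NOTE(review): presumably this needs root or CAP_NET_ADMIN; confirm against the
        /// project's test setup.
        /// </remarks>
        public void WriteDNatTarget()
        {
            // Case 1: destination address range 192.168.1.1-192.168.1.10, ports 200-300.
            var dnatTarget = new DNatTargetBuilder().SetDestination("192.168.1.1", "192.168.1.10", 200, 300)
                             .SetRandom().Build();
            var rule = new RuleBuilder()
                       .SetIp4Src("192.168.3.2/23")
                       .SetIp4Dst("192.168.3/24")
                       .SetInInterface("eno8")
                       .SetOutInterface("eno45", true, true)
                       .SetProto("tCp") // mixed case as in the original; presumably exercises case-insensitive parsing
                       .SetTarget(dnatTarget)
                       .Build();

            System.Console.WriteLine(rule);
            using (var wr = new IptTransaction(Tables.NAT))
            {
                wr.AppendRule(Chains.PREROUTING, rule);
                wr.Commit();
                var rules = wr.GetRules(Chains.PREROUTING);
                // Assert before First(): on an empty chain First() would throw
                // InvalidOperationException and the assertion would never be reached.
                Assert.NotEmpty(rules);
                rule = rules.First();
                var target = rule.Target;
                System.Console.WriteLine(rule);
                Assert.Equal("192.168.1.1-192.168.1.10:200-300", target[DNatTargetBuilder.TO_DESTINATION_OPT]);
                Assert.NotNull(target[DNatTargetBuilder.RANDOM_OPT]);
                Assert.Equal(TargetTypes.DNAT, target.Name);
            }
            // Clears the whole PREROUTING chain of the nat table before the next case.
            "iptables -t nat -F PREROUTING".Bash();

            // Case 2: identical start and end address; the expected option collapses to a single address.
            dnatTarget = new DNatTargetBuilder().SetDestination("192.168.10.1", "192.168.10.1", 200, 300)
                         .SetRandom().Build();
            rule = new RuleBuilder()
                   .SetIp4Src("192.168.3.2/23")
                   .SetIp4Dst("192.168.3/24")
                   .SetInInterface("eno8")
                   .SetOutInterface("eno45", true, true)
                   .SetProto("tCp")
                   .SetTarget(dnatTarget)
                   .Build();
            System.Console.WriteLine(rule);
            using (var wr = new IptTransaction(Tables.NAT))
            {
                wr.AppendRule(Chains.PREROUTING, rule);
                wr.Commit();
                var rules = wr.GetRules(Chains.PREROUTING);
                Assert.NotEmpty(rules);
                rule = rules.First();
                var target = rule.Target;
                System.Console.WriteLine(rule);
                Assert.Equal("192.168.10.1:200-300", target[DNatTargetBuilder.TO_DESTINATION_OPT]);
                Assert.NotNull(target[DNatTargetBuilder.RANDOM_OPT]);
                Assert.Equal(TargetTypes.DNAT, target.Name);
            }
            "iptables -t nat -F PREROUTING".Bash();

            // Case 3: port range only, no address; the expected option is ":200-300".
            dnatTarget = new DNatTargetBuilder().SetDestinationWithProto(200, 300)
                         .SetRandom().Build();
            rule = new RuleBuilder()
                   .SetIp4Src("192.168.3.2/23")
                   .SetIp4Dst("192.168.3/24")
                   .SetInInterface("eno8")
                   .SetOutInterface("eno45", true, true)
                   .SetProto("tCp")
                   .SetTarget(dnatTarget)
                   .Build();
            System.Console.WriteLine(rule);
            using (var wr = new IptTransaction(Tables.NAT))
            {
                wr.AppendRule(Chains.PREROUTING, rule);
                wr.Commit();
                var rules = wr.GetRules(Chains.PREROUTING);
                Assert.NotEmpty(rules);
                rule = rules.First();
                var target = rule.Target;
                System.Console.WriteLine(rule);
                Assert.Equal(":200-300", target[DNatTargetBuilder.TO_DESTINATION_OPT]);
                Assert.NotNull(target[DNatTargetBuilder.RANDOM_OPT]);
                Assert.Equal(TargetTypes.DNAT, target.Name);
            }
            // Flush after the last case as well, matching the two cases above, so the DNAT
            // rule does not stay installed once the test has finished.
            "iptables -t nat -F PREROUTING".Bash();
        }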