/// <summary>
/// Builds two DNAT rules and one MASQUERADE rule, prints the first DNAT rule and the
/// MASQUERADE rule, then appends all three to the nat table in a single transaction.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this method removes the rules again after <c>Commit()</c>.
/// If <c>IptTransaction</c> operates on the host's live nat table (to be confirmed), the
/// forwarding rules persist after the run, so this is best executed inside an isolated
/// network namespace or a throwaway container.
/// </remarks>
public void WritePairRule()
{
    const string ktsAddress = "192.168.4.4";
    const int ktsPort = 40;
    ushort forwardPort = 50500;

    // Both DNAT rules match TCP traffic whose destination port is forwardPort.
    var forwardPortMatch = new TcpMatchBuilder()
        .SetDstPort(forwardPort)
        .Build();

    // rule
    // presumably the arguments are (first address, last address, first port, last port) - TODO confirm
    var ktsDNatTarget = new DNatTargetBuilder()
        .SetDestination(ktsAddress, ktsAddress, ktsPort, ktsPort)
        .Build();

    var firstDnatRule = new RuleBuilder()
        .SetProto("tcp")
        .SetIp4Src("172.25.44.4")
        .AddMatch(forwardPortMatch)
        .SetTarget(ktsDNatTarget)
        .Build();

    var ktsPortMatch = new TcpMatchBuilder()
        .SetDstPort(ktsPort)
        .Build();

    // Same match and target as the first DNAT rule; only the source address differs.
    var secondDnatRule = new RuleBuilder()
        .SetProto("tcp")
        .SetIp4Src("172.25.44.5")
        .AddMatch(forwardPortMatch)
        .SetTarget(ktsDNatTarget)
        .Build();

    var ktsMasqTarget = new MasqueradeTargetBuilder().Build();

    // Masquerade TCP traffic addressed to ktsAddress on ktsPort.
    var masqueradeRule = new RuleBuilder()
        .SetProto("tcp")
        .SetIp4Dst(ktsAddress)
        .AddMatch(ktsPortMatch)
        .SetTarget(ktsMasqTarget)
        .Build();

    // The second DNAT rule is not printed; only these two are.
    System.Console.WriteLine(firstDnatRule);
    System.Console.WriteLine(masqueradeRule);

    using (var transaction = new IptTransaction(Tables.NAT))
    {
        transaction.AppendRule(Chains.PREROUTING, firstDnatRule);
        transaction.AppendRule(Chains.PREROUTING, secondDnatRule);
        transaction.AppendRule(Chains.POSTROUTING, masqueradeRule);
        transaction.Commit();
    }
}
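/// <summary>
/// Appends an ACCEPT rule carrying a TCP match to nat/POSTROUTING, reads the chain back to
/// check the source-port range and the target, then deletes rule 1 and checks that the
/// chain is empty.
/// </summary>
/// <remarks>
/// NOTE(review): the read-back uses <c>rules.First()</c>, the delete uses index 1, and the
/// final check expects an empty chain, so the test assumes nat/POSTROUTING holds no rules
/// before it starts. On a machine that already has POSTROUTING rules, index 1 would
/// presumably refer to one of those rather than the appended rule. Confirm that this only
/// runs in an isolated network namespace or container.
/// </remarks>
public void DeleteTcpMatch()
{
    var tcpMatch = new TcpMatchBuilder()
        .SetSrcPort(200, 300)
        .SetFlags(new[] { "syn", "fin", "ack" }, new[] { "syn" })
        .SetOption(16, true)
        .Build();

    var rule = new RuleBuilder()
        .SetIp4Src("192.168.5.2/23")
        .SetIp4Dst("192.168.5/24")
        .SetInInterface("eno8")
        .SetOutInterface("eno45", true, true)
        .SetProto("tCp")
        .AddMatch(tcpMatch)
        .Accept();

    using (var wr = new IptTransaction(Tables.NAT))
    {
        wr.AppendRule(Chains.POSTROUTING, rule);
        wr.Commit();

        var rules = wr.GetRules(Chains.POSTROUTING);

        // Assert before First(): in the original order First() would throw on an empty
        // chain, so the NotEmpty assertion placed after it could never report the failure.
        Assert.NotEmpty(rules);

        rule = rules.First();
        var match = rule.Matches.First();
        Assert.Equal("200:300", match[TcpMatchBuilder.SPORT_OPT]);

        var target = rule.Target;
        Assert.Equal(TargetTypes.ACCEPT, target.Name);
    }

    using (var wr = new IptTransaction(Tables.NAT))
    {
        // Index 1 is the appended rule only if the chain was empty before the test.
        wr.DeleteRule(Chains.POSTROUTING, 1);
        wr.Commit();

        var rules = wr.GetRules(Chains.POSTROUTING);
        Assert.Empty(rules);
    }
}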