iptables -A FORWARD -s 192.168.1.48 -d 10.20.39.129 -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT

iptables -t nat -A PREROUTING -s 192.168.1.0/24 -p tcp --dport 80 -j DNAT --to-destination 10.20.39.129:3128

iptables -t nat -A POSTROUTING -j MASQUERADE

sysctl net.ipv4.ip_forward=1

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128 ! -s 192.168.1.1

ssh -L 192.168.1.38:3128:bfs-x4150-20-xm4:3128 root@bfs-x4150-20-xm4

-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

-A POSTROUTING -s 192.168.1.0/24 -d 10.20.39.185/32 -o eth1 -j SNAT --to-source 192.168.1.30

Пеня

iptables -t nat -A POSTROUTING -s 192.168.1.20 -j NAT

10.16.240.0

iptables -A FORWARD -s 192.168.1.17 -d 173.194.66.109 -i eth1 -o eth1 -p tcp --dport 465 -j ACCEPT

iptables -t nat -A PREROUTING -s 192.168.1.17 -p tcp --dport 465 -j DNAT --to-destination 173.194.66.109:465 173.194.67.108

iptables -t nat -A POSTROUTING -j MASQUERADE

sysctl net.ipv4.ip_forward=1

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 --dport 465 -i eth1 -o eth1 -j SNAT --to-source 192.168.1.1

iptables -t nat -A PREROUTING -s 192.168.1.0/24 -p tcp --dport 80 -i eth1 -j DNAT --to-destination 10.20.39.129:3128

iptables -t nat -A POSTROUTING -s 0.0.0.0/24 -p tcp -o eth1 -j SNAT --to-source 192.168.1.30

NAT на виртуальном хост Кита

-A PREROUTING ! -d 10.20.52.27/32 -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

-A PREROUTING ! -d 192.168.122.1/32 -i virbr0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535

-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535

-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE