把原来访问本机8888端口的流量转发到22端口,--permanent
ssh远程协议是基于TCP22端口传输控制指令的,如果想让用户通过其他端口号也可能访问ssh服务,就可以试试转发技术了。通过这项技术,新的端口在收到用户请求后会自动转达到原本服务的端口上。
- root@cpu:~# firewall-cmd --permanent --zone=trusted --add-forward-port=port=8888:proto=tcp:toport=22:toaddr=192.168.1.10
- success
root@cpu:~# firewall-cmd --get-default-zone
trusted
然后对应的zone修改
firewall-cmd --permanent --zone=trusted --add-forward-port=port=8888;proto=tcp;toport=22;toaddr=192.168.1.10
Connecting to 192.168.1.10:8888...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.
Connection closed by foreign host.
实现了基于firewalld的端口转发