From e650f88cbdb33aaf6b210732d047f0a9722a0513 Mon Sep 17 00:00:00 2001 From: arloor Date: Mon, 29 Apr 2024 14:18:29 +0800 Subject: [PATCH] Update log file paths and initialize log in main.rs --- a/log/nat.log_rCURRENT. | 72 ----------------------------------------- src/main.rs | 2 +- 2 files changed, 1 insertion(+), 73 deletions(-) delete mode 100644 a/log/nat.log_rCURRENT. diff --git a/a/log/nat.log_rCURRENT. b/a/log/nat.log_rCURRENT. deleted file mode 100644 index d87d4c9..0000000 --- a/a/log/nat.log_rCURRENT. +++ /dev/null 
@@ -1,72 +0,0 @@ -2024-04-29 14:12:53 [INFO] [src/log_x.rs:42] log is output to /repo/nftables-nat-rust/a/log/nat.log -2024-04-29 14:12:53 [INFO] [src/main.rs:24] kernel ip_forward config enabled! - -2024-04-29 14:12:53 [INFO] [src/main.rs:67] nftables脚本如下: -#!/usr/sbin/nft -f - -add table ip nat -delete table ip nat -add table ip nat -add chain nat PREROUTING { type nat hook prerouting priority -100 ; } -add chain nat POSTROUTING { type nat hook postrouting priority 100 ; } - -# 测试1 -# Single { src_port: 10000, dst_port: 443, dst_domain: "baidu.com", protocol: Tcp } -add rule ip nat PREROUTING tcp dport 10000 counter dnat to 110.242.68.66:443 -#add rule ip nat PREROUTING udp dport 10000 counter dnat to 110.242.68.66:443 -add rule ip nat POSTROUTING ip daddr 110.242.68.66 tcp dport 443 counter snat to 10.0.4.15 -#add rule ip nat POSTROUTING ip daddr 110.242.68.66 udp dport 443 counter snat to 10.0.4.15 - -# 测试2 -# Range { port_start: 1000, port_end: 2000, dst_domain: "baidu.com", protocol: All } -add rule ip nat PREROUTING tcp dport 1000-2000 counter dnat to 110.242.68.66:1000-2000 -add rule ip nat PREROUTING udp dport 1000-2000 counter dnat to 110.242.68.66:1000-2000 -add rule ip nat POSTROUTING ip daddr 110.242.68.66 tcp dport 1000-2000 counter snat to 10.0.4.15 -add rule ip nat POSTROUTING ip daddr 110.242.68.66 udp dport 1000-2000 counter snat to 10.0.4.15 - -#测试3 -# Single { src_port: 2222, dst_port: 22, dst_domain: "localhost", protocol: All } -add rule ip nat PREROUTING tcp dport 2222 redirect to :22 -add rule ip nat PREROUTING udp dport 2222 redirect to :22 - - -2024-04-29 14:12:53 [INFO] [src/main.rs:80] 执行/usr/sbin/nft -f /etc/nftables/nat-diy.nft -执行结果: exit status: 0 -2024-04-29 14:12:53 [INFO] [src/main.rs:90] WAIT:等待配置或目标IP发生改变.... - -2024-04-29 14:13:43 [INFO] [src/log_x.rs:42] log is output to /repo/nftables-nat-rust/a/log/nat.log -2024-04-29 14:13:43 [INFO] [src/main.rs:24] kernel ip_forward config enabled! 
- -2024-04-29 14:13:43 [INFO] [src/main.rs:67] nftables脚本如下: -#!/usr/sbin/nft -f - -add table ip nat -delete table ip nat -add table ip nat -add chain nat PREROUTING { type nat hook prerouting priority -100 ; } -add chain nat POSTROUTING { type nat hook postrouting priority 100 ; } - -# 测试1 -# Single { src_port: 10000, dst_port: 443, dst_domain: "baidu.com", protocol: Tcp } -add rule ip nat PREROUTING tcp dport 10000 counter dnat to 110.242.68.66:443 -#add rule ip nat PREROUTING udp dport 10000 counter dnat to 110.242.68.66:443 -add rule ip nat POSTROUTING ip daddr 110.242.68.66 tcp dport 443 counter snat to 10.0.4.15 -#add rule ip nat POSTROUTING ip daddr 110.242.68.66 udp dport 443 counter snat to 10.0.4.15 - -# 测试2 -# Range { port_start: 1000, port_end: 2000, dst_domain: "baidu.com", protocol: All } -add rule ip nat PREROUTING tcp dport 1000-2000 counter dnat to 39.156.66.10:1000-2000 -add rule ip nat PREROUTING udp dport 1000-2000 counter dnat to 39.156.66.10:1000-2000 -add rule ip nat POSTROUTING ip daddr 39.156.66.10 tcp dport 1000-2000 counter snat to 10.0.4.15 -add rule ip nat POSTROUTING ip daddr 39.156.66.10 udp dport 1000-2000 counter snat to 10.0.4.15 - -#测试3 -# Single { src_port: 2222, dst_port: 22, dst_domain: "localhost", protocol: All } -add rule ip nat PREROUTING tcp dport 2222 redirect to :22 -add rule ip nat PREROUTING udp dport 2222 redirect to :22 - - -2024-04-29 14:13:43 [INFO] [src/main.rs:80] 执行/usr/sbin/nft -f /etc/nftables/nat-diy.nft -执行结果: exit status: 0 -2024-04-29 14:13:43 [INFO] [src/main.rs:90] WAIT:等待配置或目标IP发生改变.... - diff --git a/src/main.rs b/src/main.rs index 481df0d..dd043e0 100644 --- a/src/main.rs +++ b/src/main.rs @@ -15,7 +15,7 @@ const NFTABLES_ETC: &str = "/etc/nftables"; const IP_FORWARD: &str = "/proc/sys/net/ipv4/ip_forward"; fn main() -> Result<(), Box>{ - log_x::init_log("a/log", "nat.log")?; + log_x::init_log("log", "nat.log")?; let _ = std::fs::create_dir_all(NFTABLES_ETC); // 修改内核参数,开启端口转发
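Review bot: The new `log_x::init_log("log", "nat.log")?;` call at the top of `main` still passes a relative directory, so the log location depends on the working directory the process is started from; the deleted log's own first line (`log is output to /repo/nftables-nat-rust/a/log/nat.log`) shows the path being resolved that way. The program writes to `/etc/nftables` and `/proc/sys/net/ipv4/ip_forward`, so it presumably runs as root, and a root process should not create its log under a launch directory that another user may be able to write to or pre-populate. Consider an absolute directory held in a constant next to `NFTABLES_ETC`, for example `const LOG_DIR: &str = "/var/log/nftables-nat";` (example path) with `log_x::init_log(LOG_DIR, "nat.log")?;`. Because a run log containing the generated ruleset and local addresses was committed once, adding `log/` to `.gitignore` (if it is not already there) would keep it from being committed again. `main`'s body continues outside the hunk.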