服务器 Gind.cn
  1. 服务器 Gind.cn
  3. SNAT从不同的来源IP到多个目标IP
Intereting Posts
系统属性在MS 2008terminal服务器上的所有用户login时打开 具有故障转移的AWS Route53地理位置 如何使用tar做一个Ubuntu的根服务器的完整备份? 如何在Ubuntu中设置$ LD_LIBRARY_PATH? USB设备拔出时强制卸载内核模块? mysql服务器max_connect_errors,日志logging 如何使用iptables阻止两个接口之间的stream量? 如何找出我的linux系统正在使用哪个tnsnames.ora文件? Locust AWS python要求失败 有没有一个工具,可以把分区表信息和分区另一个基于它? 我可以将未authentication的电子邮件发送到内部SMTP服务器,然后中继到已validation的SMTP吗? 使用udev规则更改接口的mac(hw)地址 重复的MAC地址,可以被阻止? 虚拟PC不符合SQL Server 2005企业硬件要求? 在EC2上设置Rails 2.3.x应用程序,以便于扩展

SNAT从不同的来源IP到多个目标IP

我有一个pptp服务器,发出一个本地IP给成功的身份validation每个用户。 这些IP的范围是10.1.1.2-10.1.1.254。 这一切都可以,但是我有一套128个公共IP地址,我想用这些IP地址,当他们在互联网上看到他们拥有不同的公有IP(或者每个私有IP至less有一个公共IP)。

我没有在IPTables MASQUERADE,因为这将打败我的观点,所以我添加了一些POSTROUTING分配的IP,但这是行不通的,你可以给我一个为什么?

这是我在IPTABLES路由

iptables -t nat -A POSTROUTING -s 10.1.1.2 -o enp2s0f0 -j SNAT --to-source 111.222.62.131 iptables -t nat -A POSTROUTING -s 10.1.1.3 -o enp2s0f0 -j SNAT --to-source 111.222.62.131 iptables -t nat -A POSTROUTING -s 10.1.1.4 -o enp2s0f0 -j SNAT --to-source 111.222.62.132 iptables -t nat -A POSTROUTING -s 10.1.1.5 -o enp2s0f0 -j SNAT --to-source 111.222.62.132

正如你所看到的,我正在与私有IP共享公共IP。 问题是,有些连接OK到PPTP服务器,但没有路由到互联网,而其他人连接,可以路由罚款。

以下是iptables -t nat -L -v -n的输出: 

  Chain PREROUTING (policy ACCEPT 1152K packets, 91M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 350K packets, 22M bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 26973 packets, 1619K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 26975 packets, 1619K bytes) pkts bytes target prot opt in out source destination 303 43577 SNAT all -- * enp2s0f0 10.1.1.2 0.0.0.0/0 to:111.222.62.131 43696 2901K SNAT all -- * enp2s0f0 10.1.1.3 0.0.0.0/0 to:111.222.62.131 209K 15M SNAT all -- * enp2s0f0 10.1.1.4 0.0.0.0/0 to:111.222.62.132 642K 41M SNAT all -- * enp2s0f0 10.1.1.5 0.0.0.0/0 to:111.222.62.132 545K 56M SNAT all -- * enp2s0f0 10.1.1.6 0.0.0.0/0 to:111.222.62.133 330K 20M SNAT all -- * enp2s0f0 10.1.1.7 0.0.0.0/0 to:111.222.62.133 528K 38M SNAT all -- * enp2s0f0 10.1.1.8 0.0.0.0/0 to:111.222.62.134 0 0 SNAT all -- * enp2s0f0 10.1.1.10 0.0.0.0/0 to:111.222.62.135 128K 7713K SNAT all -- * enp2s0f0 10.1.1.11 0.0.0.0/0 to:111.222.62.135 46652 3366K SNAT all -- * enp2s0f0 10.1.1.12 0.0.0.0/0 to:111.222.62.136 110K 7777K SNAT all -- * enp2s0f0 10.1.1.14 0.0.0.0/0 to:111.222.62.137 164K 16M SNAT all -- * enp2s0f0 10.1.1.16 0.0.0.0/0 to:111.222.62.138 0 0 SNAT all -- * enp2s0f0 10.1.1.17 0.0.0.0/0 to:111.222.62.138 172K 18M SNAT all -- * enp2s0f0 10.1.1.18 0.0.0.0/0 to:111.222.62.139 1010 66407 SNAT all -- * enp2s0f0 10.1.1.19 0.0.0.0/0 to:111.222.62.139 170K 11M SNAT all -- * enp2s0f0 10.1.1.20 0.0.0.0/0 to:111.222.62.140 128K 9770K SNAT all -- * enp2s0f0 10.1.1.22 0.0.0.0/0 to:111.222.62.141 389K 26M SNAT all -- * enp2s0f0 10.1.1.23 0.0.0.0/0 to:111.222.62.141 261K 26M SNAT all -- * enp2s0f0 10.1.1.24 0.0.0.0/0 to:111.222.62.142 480K 34M SNAT all -- * enp2s0f0 10.1.1.25 0.0.0.0/0 to:111.222.62.142 256K 16M SNAT all -- * enp2s0f0 10.1.1.26 0.0.0.0/0 to:111.222.62.143 19186 1278K SNAT all -- * enp2s0f0 10.1.1.27 0.0.0.0/0 to:111.222.62.143 507K 32M SNAT all -- * enp2s0f0 10.1.1.28 0.0.0.0/0 to:111.222.62.144 19871 1261K SNAT all -- * enp2s0f0 10.1.1.29 0.0.0.0/0 to:111.222.62.144 295K 19M SNAT all -- * enp2s0f0 10.1.1.30 0.0.0.0/0 to:111.222.62.145 0 0 SNAT all -- * enp2s0f0 10.1.1.31 0.0.0.0/0 to:111.222.62.145 3721 278K SNAT all -- * enp2s0f0 10.1.1.32 0.0.0.0/0 to:111.222.62.146 0 0 SNAT all -- * enp2s0f0 10.1.1.33 0.0.0.0/0 to:111.222.62.146 515K 32M SNAT all -- * enp2s0f0 10.1.1.34 0.0.0.0/0 to:111.222.62.147 41889 3145K SNAT all -- * enp2s0f0 10.1.1.35 0.0.0.0/0 to:111.222.62.147 630K 45M SNAT all -- * enp2s0f0 10.1.1.36 0.0.0.0/0 to:111.222.62.148 131K 13M SNAT all -- * enp2s0f0 10.1.1.38 0.0.0.0/0 to:111.222.62.149 275K 18M SNAT all -- * enp2s0f0 10.1.1.39 0.0.0.0/0 to:111.222.62.149 0 0 SNAT all -- * enp2s0f0 10.1.1.40 0.0.0.0/0 to:111.222.62.150 118K 7865K SNAT all -- * enp2s0f0 10.1.1.41 0.0.0.0/0 to:111.222.62.150 589K 48M SNAT all -- * enp2s0f0 10.1.1.42 0.0.0.0/0 to:111.222.62.151 16463 1175K SNAT all -- * enp2s0f0 10.1.1.43 0.0.0.0/0 to:111.222.62.151 58869 4170K SNAT all -- * enp2s0f0 10.1.1.44 0.0.0.0/0 to:111.222.62.152 31771 2058K SNAT all -- * enp2s0f0 10.1.1.45 0.0.0.0/0 to:111.222.62.152 167K 15M SNAT all -- * enp2s0f0 10.1.1.47 0.0.0.0/0 to:111.222.62.153 0 0 SNAT all -- * enp2s0f0 10.1.1.48 0.0.0.0/0 to:111.222.62.154 5316 360K SNAT all -- * enp2s0f0 10.1.1.49 0.0.0.0/0 to:111.222.62.154 98939 6896K SNAT all -- * enp2s0f0 10.1.1.50 0.0.0.0/0 to:111.222.62.155 790K 69M SNAT all -- * enp2s0f0 10.1.1.51 0.0.0.0/0 to:111.222.62.155 64745 4131K SNAT all -- * enp2s0f0 10.1.1.52 0.0.0.0/0 to:111.222.62.156 89317 6077K SNAT all -- * enp2s0f0 10.1.1.53 0.0.0.0/0 to:111.222.62.156 251K 18M SNAT all -- * enp2s0f0 10.1.1.54 0.0.0.0/0 to:111.222.62.157 0 0 SNAT all -- * enp2s0f0 10.1.1.55 0.0.0.0/0 to:111.222.62.157 24222 2088K SNAT all -- * enp2s0f0 10.1.1.56 0.0.0.0/0 to:111.222.62.158 127K 8505K SNAT all -- * enp2s0f0 10.1.1.57 0.0.0.0/0 to:111.222.62.158 400K 27M SNAT all -- * enp2s0f0 10.1.1.58 0.0.0.0/0 to:111.222.62.159 0 0 SNAT all -- * enp2s0f0 10.1.1.59 0.0.0.0/0 to:111.222.62.159 313K 21M SNAT all -- * enp2s0f0 10.1.1.60 0.0.0.0/0 to:111.222.62.160 37024 2416K SNAT all -- * enp2s0f0 10.1.1.62 0.0.0.0/0 to:111.222.62.161 54308 3610K SNAT all -- * enp2s0f0 10.1.1.63 0.0.0.0/0 to:111.222.62.161 0 0 SNAT all -- * enp2s0f0 10.1.1.64 0.0.0.0/0 to:111.222.62.162 420K 26M SNAT all -- * enp2s0f0 10.1.1.65 0.0.0.0/0 to:111.222.62.162 93274 8624K SNAT all -- * enp2s0f0 10.1.1.66 0.0.0.0/0 to:111.222.62.163 207K 14M SNAT all -- * enp2s0f0 10.1.1.67 0.0.0.0/0 to:111.222.62.163 103K 6942K SNAT all -- * enp2s0f0 10.1.1.68 0.0.0.0/0 to:111.222.62.164 234K 20M SNAT all -- * enp2s0f0 10.1.1.69 0.0.0.0/0 to:111.222.62.164 130K 8657K SNAT all -- * enp2s0f0 10.1.1.70 0.0.0.0/0 to:111.222.62.165 0 0 SNAT all -- * enp2s0f0 10.1.1.71 0.0.0.0/0 to:111.222.62.165 36398 3140K SNAT all -- * enp2s0f0 10.1.1.73 0.0.0.0/0 to:111.222.62.166 97306 15M SNAT all -- * enp2s0f0 10.1.1.74 0.0.0.0/0 to:111.222.62.167 2275 143K SNAT all -- * enp2s0f0 10.1.1.75 0.0.0.0/0 to:111.222.62.167 404K 35M SNAT all -- * enp2s0f0 10.1.1.76 0.0.0.0/0 to:111.222.62.168 32052 2056K SNAT all -- * enp2s0f0 10.1.1.77 0.0.0.0/0 to:111.222.62.168 28211 2045K SNAT all -- * enp2s0f0 10.1.1.78 0.0.0.0/0 to:111.222.62.169 54749 3809K SNAT all -- * enp2s0f0 10.1.1.80 0.0.0.0/0 to:111.222.62.170 786 52297 SNAT all -- * enp2s0f0 10.1.1.81 0.0.0.0/0 to:111.222.62.170 27780 1898K SNAT all -- * enp2s0f0 10.1.1.82 0.0.0.0/0 to:111.222.62.171 195K 13M SNAT all -- * enp2s0f0 10.1.1.83 0.0.0.0/0 to:111.222.62.171 1466 97841 SNAT all -- * enp2s0f0 10.1.1.84 0.0.0.0/0 to:111.222.62.172 0 0 SNAT all -- * enp2s0f0 10.1.1.85 0.0.0.0/0 to:111.222.62.172 22968 1526K SNAT all -- * enp2s0f0 10.1.1.86 0.0.0.0/0 to:111.222.62.173 56645 3705K SNAT all -- * enp2s0f0 10.1.1.87 0.0.0.0/0 to:111.222.62.173 13654 1125K SNAT all -- * enp2s0f0 10.1.1.88 0.0.0.0/0 to:111.222.62.174 148K 9979K SNAT all -- * enp2s0f0 10.1.1.89 0.0.0.0/0 to:111.222.62.174 514K 94M SNAT all -- * enp2s0f0 10.1.1.90 0.0.0.0/0 to:111.222.62.175 18243 1235K SNAT all -- * enp2s0f0 10.1.1.91 0.0.0.0/0 to:111.222.62.175 30617 2214K SNAT all -- * enp2s0f0 10.1.1.92 0.0.0.0/0 to:111.222.62.176 0 0 SNAT all -- * enp2s0f0 10.1.1.93 0.0.0.0/0 to:111.222.62.176 31116 2061K SNAT all -- * enp2s0f0 10.1.1.94 0.0.0.0/0 to:111.222.62.177 74 4974 SNAT all -- * enp2s0f0 10.1.1.95 0.0.0.0/0 to:111.222.62.177 3482 215K SNAT all -- * enp2s0f0 10.1.1.96 0.0.0.0/0 to:111.222.62.178 90743 5996K SNAT all -- * enp2s0f0 10.1.1.97 0.0.0.0/0 to:111.222.62.178 0 0 SNAT all -- * enp2s0f0 10.1.1.98 0.0.0.0/0 to:111.222.62.179 91806 5965K SNAT all -- * enp2s0f0 10.1.1.99 0.0.0.0/0 to:111.222.62.179 4243 287K SNAT all -- * enp2s0f0 10.1.1.100 0.0.0.0/0 to:111.222.62.180 10963 711K SNAT all -- * enp2s0f0 10.1.1.101 0.0.0.0/0 to:111.222.62.180 0 0 SNAT all -- * enp2s0f0 10.1.1.102 0.0.0.0/0 to:111.222.62.181 373K 23M SNAT all -- * enp2s0f0 10.1.1.104 0.0.0.0/0 to:111.222.62.182 120K 7599K SNAT all -- * enp2s0f0 10.1.1.105 0.0.0.0/0 to:111.222.62.182 224K 15M SNAT all -- * enp2s0f0 10.1.1.106 0.0.0.0/0 to:111.222.62.183 6730 434K SNAT all -- * enp2s0f0 10.1.1.107 0.0.0.0/0 to:111.222.62.183 7337 473K SNAT all -- * enp2s0f0 10.1.1.108 0.0.0.0/0 to:111.222.62.184 4096 328K SNAT all -- * enp2s0f0 10.1.1.109 0.0.0.0/0 to:111.222.62.184 1326K 125M SNAT all -- * enp2s0f0 10.1.1.110 0.0.0.0/0 to:111.222.62.185 0 0 SNAT all -- * enp2s0f0 10.1.1.111 0.0.0.0/0 to:111.222.62.185 96620 6447K SNAT all -- * enp2s0f0 10.1.1.112 0.0.0.0/0 to:111.222.62.186 528K 34M SNAT all -- * enp2s0f0 10.1.1.113 0.0.0.0/0 to:111.222.62.186 0 0 SNAT all -- * enp2s0f0 10.1.1.114 0.0.0.0/0 to:111.222.62.187 2247 149K SNAT all -- * enp2s0f0 10.1.1.115 0.0.0.0/0 to:111.222.62.187 .... 355K 31M SNAT all -- * enp2s0f0 10.1.1.204 0.0.0.0/0 to:111.222.62.232 157K 11M SNAT all -- * enp2s0f0 10.1.1.205 0.0.0.0/0 to:111.222.62.232 0 0 SNAT all -- * enp2s0f0 10.1.1.206 0.0.0.0/0 to:111.222.62.233 244K 16M SNAT all -- * enp2s0f0 10.1.1.207 0.0.0.0/0 to:111.222.62.233 37067 2526K SNAT all -- * enp2s0f0 10.1.1.208 0.0.0.0/0 to:111.222.62.234 322K 19M SNAT all -- * enp2s0f0 10.1.1.209 0.0.0.0/0 to:111.222.62.234 506K 32M SNAT all -- * enp2s0f0 10.1.1.210 0.0.0.0/0 to:111.222.62.235 899K 78M SNAT all -- * enp2s0f0 10.1.1.211 0.0.0.0/0 to:111.222.62.235 422K 26M SNAT all -- * enp2s0f0 10.1.1.212 0.0.0.0/0 to:111.222.62.236 0 0 SNAT all -- * enp2s0f0 10.1.1.213 0.0.0.0/0 to:111.222.62.236 431K 28M SNAT all -- * enp2s0f0 10.1.1.215 0.0.0.0/0 to:111.222.62.237 839K 75M SNAT all -- * enp2s0f0 10.1.1.216 0.0.0.0/0 to:111.222.62.238 673K 43M SNAT all -- * enp2s0f0 10.1.1.217 0.0.0.0/0 to:111.222.62.238 571K 40M SNAT all -- * enp2s0f0 10.1.1.218 0.0.0.0/0 to:111.222.62.239 293K 23M SNAT all -- * enp2s0f0 10.1.1.219 0.0.0.0/0 to:111.222.62.239 582K 37M SNAT all -- * enp2s0f0 10.1.1.220 0.0.0.0/0 to:111.222.62.240 0 0 SNAT all -- * enp2s0f0 10.1.1.221 0.0.0.0/0 to:111.222.62.240 0 0 SNAT all -- * enp2s0f0 10.1.1.222 0.0.0.0/0 to:111.222.62.241 11039 758K SNAT all -- * enp2s0f0 10.1.1.223 0.0.0.0/0 to:111.222.62.241 106K 7021K SNAT all -- * enp2s0f0 10.1.1.224 0.0.0.0/0 to:111.222.62.242 0 0 SNAT all -- * enp2s0f0 10.1.1.225 0.0.0.0/0 to:111.222.62.242 391K 24M SNAT all -- * enp2s0f0 10.1.1.226 0.0.0.0/0 to:111.222.62.243 588K 37M SNAT all -- * enp2s0f0 10.1.1.227 0.0.0.0/0 to:111.222.62.243 427K 27M SNAT all -- * enp2s0f0 10.1.1.228 0.0.0.0/0 to:111.222.62.244 315K 20M SNAT all -- * enp2s0f0 10.1.1.229 0.0.0.0/0 to:111.222.62.244 28029 2421K SNAT all -- * enp2s0f0 10.1.1.230 0.0.0.0/0 to:111.222.62.245 0 0 SNAT all -- * enp2s0f0 10.1.1.231 0.0.0.0/0 to:111.222.62.245 0 0 SNAT all -- * enp2s0f0 10.1.1.232 0.0.0.0/0 to:111.222.62.246 0 0 SNAT all -- * enp2s0f0 10.1.1.233 0.0.0.0/0 to:111.222.62.246 0 0 SNAT all -- * enp2s0f0 10.1.1.234 0.0.0.0/0 to:111.222.62.247 0 0 SNAT all -- * enp2s0f0 10.1.1.235 0.0.0.0/0 to:111.222.62.247 0 0 SNAT all -- * enp2s0f0 10.1.1.236 0.0.0.0/0 to:111.222.62.248 0 0 SNAT all -- * enp2s0f0 10.1.1.237 0.0.0.0/0 to:111.222.62.248 0 0 SNAT all -- * enp2s0f0 10.1.1.238 0.0.0.0/0 to:111.222.62.249 0 0 SNAT all -- * enp2s0f0 10.1.1.239 0.0.0.0/0 to:111.222.62.249 0 0 SNAT all -- * enp2s0f0 10.1.1.240 0.0.0.0/0 to:111.222.62.250 0 0 SNAT all -- * enp2s0f0 10.1.1.241 0.0.0.0/0 to:111.222.62.250 0 0 SNAT all -- * enp2s0f0 10.1.1.242 0.0.0.0/0 to:111.222.62.251 0 0 SNAT all -- * enp2s0f0 10.1.1.243 0.0.0.0/0 to:111.222.62.251 0 0 SNAT all -- * enp2s0f0 10.1.1.244 0.0.0.0/0 to:111.222.62.252 0 0 SNAT all -- * enp2s0f0 10.1.1.245 0.0.0.0/0 to:111.222.62.252 0 0 SNAT all -- * enp2s0f0 10.1.1.246 0.0.0.0/0 to:111.222.62.253 0 0 SNAT all -- * enp2s0f0 10.1.1.247 0.0.0.0/0 to:111.222.62.253 0 0 SNAT all -- * enp2s0f0 10.1.1.248 0.0.0.0/0 to:111.222.62.254 0 0 SNAT all -- * enp2s0f0 10.1.1.249 0.0.0.0/0 to:111.222.62.254 1416 155K SNAT all -- * enp2s0f0 10.1.1.79 0.0.0.0/0 to:111.222.62.169 2178 266K SNAT all -- * enp2s0f0 10.1.1.72 0.0.0.0/0 to:111.222.62.166 1745 224K SNAT all -- * enp2s0f0 10.1.1.132 0.0.0.0/0 to:111.222.62.196 351 66601 SNAT all -- * enp2s0f0 10.1.1.61 0.0.0.0/0 to:111.222.62.160 22542 1519K SNAT all -- * enp2s0f0 10.1.1.37 0.0.0.0/0 to:111.222.62.148 2528 248K SNAT all -- * enp2s0f0 10.1.1.190 0.0.0.0/0 to:111.222.62.225 50795 3156K SNAT all -- * enp2s0f0 10.1.1.214 0.0.0.0/0 to:111.222.62.237 8893 688K SNAT all -- * enp2s0f0 10.1.1.15 0.0.0.0/0 to:111.222.62.137 2262 308K SNAT all -- * enp2s0f0 10.1.1.188 0.0.0.0/0 to:111.222.62.224 27080 1630K SNAT all -- * enp2s0f0 10.1.1.157 0.0.0.0/0 to:111.222.62.208 41620 2742K SNAT all -- * enp2s0f0 10.1.1.127 0.0.0.0/0 to:111.222.62.193 170 10545 SNAT all -- * enp2s0f0 10.1.1.46 0.0.0.0/0 to:111.222.62.153 0 0 SNAT all -- * enp2s0f0 10.1.1.124 0.0.0.0/0 to:111.222.62.192 11838 3173K SNAT all -- * enp2s0f0 10.1.1.21 0.0.0.0/0 to:111.222.62.140 59117 3942K SNAT all -- * enp2s0f0 10.1.1.103 0.0.0.0/0 to:111.222.62.181 154K 16M SNAT all -- * enp2s0f0 10.1.1.176 0.0.0.0/0 to:111.222.62.218 407 29599 SNAT all -- * enp2s0f0 10.1.1.13 0.0.0.0/0 to:111.222.62.136 2666 223K SNAT all -- * enp2s0f0 10.1.1.9 0.0.0.0/0 to:111.222.62.134

而从iptables -L FORWARD -v -n: 

 Chain FORWARD (policy ACCEPT 9052M packets, 10T bytes) pkts bytes target prot opt in out source destination 28M 53G ACCEPT all -- enp2s0f0 ppp0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 27M 3429M ACCEPT all -- ppp0 enp2s0f0 0.0.0.0/0 0.0.0.0/0

从ip规则ls && ip路由ls 

 0: from all lookup local 32766: from all lookup main 32767: from all lookup default default via 111.222.62.129 dev enp2s0f0 onlink 10.1.1.4 dev ppp135 proto kernel scope link src 10.1.1.0 10.1.1.5 dev ppp14 proto kernel scope link src 10.1.1.0 10.1.1.6 dev ppp117 proto kernel scope link src 10.1.1.0 10.1.1.7 dev ppp60 proto kernel scope link src 10.1.1.0 10.1.1.8 dev ppp99 proto kernel scope link src 10.1.1.0 10.1.1.9 dev ppp92 proto kernel scope link src 10.1.1.0 10.1.1.11 dev ppp179 proto kernel scope link src 10.1.1.0 10.1.1.13 dev ppp143 proto kernel scope link src 10.1.1.0 10.1.1.14 dev ppp42 proto kernel scope link src 10.1.1.0 10.1.1.15 dev ppp164 proto kernel scope link src 10.1.1.0 10.1.1.16 dev ppp17 proto kernel scope link src 10.1.1.0 10.1.1.18 dev ppp82 proto kernel scope link src 10.1.1.0 10.1.1.19 dev ppp63 proto kernel scope link src 10.1.1.0 10.1.1.20 dev ppp153 proto kernel scope link src 10.1.1.0 10.1.1.21 dev ppp1 proto kernel scope link src 10.1.1.0 10.1.1.22 dev ppp155 proto kernel scope link src 10.1.1.0 10.1.1.23 dev ppp134 proto kernel scope link src 10.1.1.0 10.1.1.25 dev ppp88 proto kernel scope link src 10.1.1.0 10.1.1.26 dev ppp56 proto kernel scope link src 10.1.1.0 10.1.1.27 dev ppp75 proto kernel scope link src 10.1.1.0 10.1.1.28 dev ppp160 proto kernel scope link src 10.1.1.0 10.1.1.29 dev ppp171 proto kernel scope link src 10.1.1.0 10.1.1.30 dev ppp59 proto kernel scope link src 10.1.1.0 10.1.1.32 dev ppp13 proto kernel scope link src 10.1.1.0 10.1.1.34 dev ppp36 proto kernel scope link src 10.1.1.0 10.1.1.35 dev ppp146 proto kernel scope link src 10.1.1.0 10.1.1.36 dev ppp18 proto kernel scope link src 10.1.1.0 10.1.1.37 dev ppp103 proto kernel scope link src 10.1.1.0 10.1.1.37 dev ppp37 proto kernel scope link src 10.1.1.0 10.1.1.38 dev ppp104 proto kernel scope link src 10.1.1.0 10.1.1.39 dev ppp23 proto kernel scope link src 10.1.1.0 10.1.1.41 dev ppp31 proto kernel scope link src 10.1.1.0 10.1.1.42 dev ppp158 proto kernel scope link src 10.1.1.0 10.1.1.43 dev ppp121 proto kernel scope link src 10.1.1.0 10.1.1.44 dev ppp132 proto kernel scope link src 10.1.1.0 10.1.1.46 dev ppp138 proto kernel scope link src 10.1.1.0 10.1.1.47 dev ppp79 proto kernel scope link src 10.1.1.0 10.1.1.49 dev ppp61 proto kernel scope link src 10.1.1.0 10.1.1.50 dev ppp87 proto kernel scope link src 10.1.1.0 10.1.1.51 dev ppp46 proto kernel scope link src 10.1.1.0 10.1.1.52 dev ppp167 proto kernel scope link src 10.1.1.0 10.1.1.53 dev ppp166 proto kernel scope link src 10.1.1.0 10.1.1.54 dev ppp20 proto kernel scope link src 10.1.1.0 10.1.1.56 dev ppp93 proto kernel scope link src 10.1.1.0 10.1.1.57 dev ppp118 proto kernel scope link src 10.1.1.0 10.1.1.58 dev ppp24 proto kernel scope link src 10.1.1.0 10.1.1.60 dev ppp29 proto kernel scope link src 10.1.1.0 10.1.1.62 dev ppp52 proto kernel scope link src 10.1.1.0 10.1.1.63 dev ppp26 proto kernel scope link src 10.1.1.0 10.1.1.65 dev ppp89 proto kernel scope link src 10.1.1.0 10.1.1.66 dev ppp125 proto kernel scope link src 10.1.1.0 10.1.1.67 dev ppp147 proto kernel scope link src 10.1.1.0 10.1.1.68 dev ppp165 proto kernel scope link src 10.1.1.0 10.1.1.69 dev ppp112 proto kernel scope link src 10.1.1.0 10.1.1.70 dev ppp107 proto kernel scope link src 10.1.1.0 10.1.1.73 dev ppp115 proto kernel scope link src 10.1.1.0 10.1.1.73 dev ppp96 proto kernel scope link src 10.1.1.0 10.1.1.74 dev ppp130 proto kernel scope link src 10.1.1.0 10.1.1.75 dev ppp19 proto kernel scope link src 10.1.1.0 10.1.1.76 dev ppp3 proto kernel scope link src 10.1.1.0 10.1.1.77 dev ppp172 proto kernel scope link src 10.1.1.0 10.1.1.78 dev ppp184 proto kernel scope link src 10.1.1.0 10.1.1.80 dev ppp141 proto kernel scope link src 10.1.1.0 10.1.1.81 dev ppp149 proto kernel scope link src 10.1.1.0 10.1.1.82 dev ppp188 proto kernel scope link src 10.1.1.0 10.1.1.83 dev ppp15 proto kernel scope link src 10.1.1.0 .... 111.222.62.128/25 dev enp2s0f0 proto kernel scope link src 111.222.62.130

正如我现在所看到的,从您的详细更新中,很可能您没有在您的本地networking接口上分配这些IP。 您只在服务器上添加了111.222.62.130 。 为了使linux S(ource)NAT正常工作,你必须让每一个你正在NAT(到源代码)的IP地址实际添加到你的networking接口上。

检查ip address help ,了解如何将其他IP分配给接口。 您必须为每个想要SNAT工作的IP发出ip address add 111.222.62.X dev enp2s0f0 。 写一个脚本来填充这些值将会很方便。

请注意,一旦您将这些IP添加到您的本地界面,您将通过它们“暴露”您的服务器到Internet。 您可以使用iptables的input表来阻止不必要的本地连接到这些IP。 当地我的意思是只对你的服务器。 那些通过NAT来的只是FORWARD表。

PS:如果不是这样,也请检查并发布您的ip addr ls