Translate

<literal>REDIRECT</literal> (only in the <literal>nat</literal> table): redirect a packet to a given port of the firewall itself; this can be used to set up a transparent web proxy that works with no configuration on the client side, since the client thinks it connects to the recipient whereas the communications actually go through the proxy.
SourceTranslationState
72
<replaceable>chain_name</replaceable>: jump to the given chain and evaluate its rules;
<replaceable>链名(chain_name)</replaceable>:跳转到指定链并处理其规则;
73
<literal>RETURN</literal>: interrupt processing of the current chain, and return to the calling chain; in case the current chain is a standard one, there's no calling chain, so the default action (defined with the <literal>-P</literal> option to <command>iptables</command>) is executed instead;
<literal>返回</literal>:中断当前链的处理过程,并返回调用链;如果当前链是一个标准链,并且没有调用链,默认(有<command>iptables</command>中 <literal>-P</literal> 定义)就会执行该链;
74
<literal>SNAT</literal> (only in the <literal>nat</literal> table): apply <emphasis>Source NAT</emphasis> (extra options describe the exact changes to apply);
<literal>DNAT</literal>(仅存在于 <literal>nat</literal> 表中,即只在 IPv4 中):申请 <emphasis>目的地 NAT</emphasis>(额外选项描述而外的应用改变);
75
<literal>DNAT</literal> (only in the <literal>nat</literal> table): apply <emphasis>Destination NAT</emphasis> (extra options describe the exact changes to apply);
<literal>DNAT</literal>(仅存在于 <literal>nat</literal> 表中,即只在 IPv4 中):应用 <emphasis>目的地 NAT</emphasis>(额外的选项描述应用的精细改变);
76
<literal>MASQUERADE</literal> (only in the <literal>nat</literal> table): apply <emphasis>masquerading</emphasis> (a special case of <emphasis>Source NAT</emphasis>);
<literal>MASQUERADE</literal>(仅存在于 <literal>nat</literal> 表中,即只在 IPv4 中):申请 <emphasis>伪装</emphasis>( <emphasis>源 NAT</emphasis>的一个特例);
77
<literal>REDIRECT</literal> (only in the <literal>nat</literal> table): redirect a packet to a given port of the firewall itself; this can be used to set up a transparent web proxy that works with no configuration on the client side, since the client thinks it connects to the recipient whereas the communications actually go through the proxy.
<literal>重定向(REDIRECT)</literal>(仅存在于 <literal>nat</literal> 表中,即只在 IPv4 中):将数据包重定向到防火墙的指定端口;它可以用来设置透明网络代理,而不需要在客户端进行配置,客户端认为它在连接至接受者,而实际上它是通过代理通信。
78
Other actions, particularly those concerning the <literal>mangle</literal> table, are outside the scope of this text. The <citerefentry><refentrytitle>iptables</refentrytitle> <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ip6tables</refentrytitle> <manvolnum>8</manvolnum></citerefentry> have a comprehensive list.
其他规则,特别是和 <literal>mangle</literal> 表相关的,不在本章的范围。 <citerefentry><refentrytitle>iptables</refentrytitle> <manvolnum>8</manvolnum></citerefentry> 和 <citerefentry><refentrytitle>ip6tables</refentrytitle> <manvolnum>8</manvolnum></citerefentry> 有全面的清单介绍。
79
Syntax of <command>iptables</command> and <command>ip6tables</command>
<command>iptables</command> 和 <command>ip6tables</command>语法
80
The <command>iptables</command> and <command>ip6tables</command> commands allow manipulating tables, chains and rules. Their <literal>-t <replaceable>table</replaceable></literal> option indicates which table to operate on (by default, <literal>filter</literal>).
<command>iptables</command> 和 <command>ip6tables</command> 命令允许操作表格,链和规则。<literal>-t <replaceable>table</replaceable></literal> 选项指明要操作哪个表(默认,<literal>filter</literal>)。
81
Commands
命令
82
The <literal>-N <replaceable>chain</replaceable></literal> option creates a new chain. The <literal>-X <replaceable>chain</replaceable></literal> deletes an empty and unused chain. The <literal>-A <replaceable>chain</replaceable> <replaceable>rule</replaceable></literal> adds a rule at the end of the given chain. The <literal>-I <replaceable>chain</replaceable> <replaceable>rule_num</replaceable> <replaceable>rule</replaceable></literal> option inserts a rule before the rule number <replaceable>rule_num</replaceable>. The <literal>-D <replaceable>chain</replaceable> <replaceable>rule_num</replaceable></literal> (or <literal>-D <replaceable>chain</replaceable> <replaceable>rule</replaceable></literal>) option deletes a rule in a chain; the first syntax identifies the rule to be deleted by its number, while the latter identifies it by its contents. The <literal>-F <replaceable>chain</replaceable></literal> option flushes a chain (deletes all its rules); if no chain is mentioned, all the rules in the table are deleted. The <literal>-L <replaceable>chain</replaceable></literal> option lists the rules in the chain. Finally, the <literal>-P <replaceable>chain</replaceable> <replaceable>action</replaceable></literal> option defines the default action, or “policy”, for a given chain; note that only standard chains can have such a policy.
<literal>-N <replaceable>chain</replaceable></literal> 选项创建一个新链。<literal>-X <replaceable>chain</replaceable></literal> 删除不使用的空链。<literal>-A <replaceable>chain</replaceable><replaceable>rule</replaceable></literal> 在指定链的末尾添加规则。<literal>-I <replaceable>chain</replaceable> <replaceable>rule_num</replaceable><replaceable>rule</replaceable></literal> 选项在规则 <replaceable>rule_num</replaceable> 前插入一条规则。<literal>-D <replaceable>chain</replaceable><replaceable>rule_num</replaceable></literal>(或者<literal>-D <replaceable>chain</replaceable><replaceable>rule</replaceable></literal>)选项用来删除链中的一条规则;第一个语法根据号码指明要删除的规则,后者通过内容。<literal>-F <replaceable>chain</replaceable></literal> 选项冲掉一个链(删除所有规则);如果没有指明规则,则删除表中的所有规则。<literal>-L <replaceable>chain</replaceable></literal> 选项列出表中的规则。<literal>-P <replaceable>chain</replaceable><replaceable>action</replaceable></literal> 选项对指定的链定义默认操作,或“策略”;注意只有标准链可以设置该规则。

Loading…

Loading…

Glossary

Source Translation
BACK TO BASICS 基本知识
collection of tools 工具集
Firewall 防火墙
IN PRACTICE 实践
port 端口

Source information

Flags
xml-text
Source string age
3 years ago
Translation file
zh-CN/​14_security.po, string 77
String priority
Medium