1、开启NAT转发
检查是否允许 NAT 转发
firewall-cmd –query-masquerade
开启 NAT 转发
firewall-cmd –permanent –zone=public –add-masquerade
禁止防火墙 NAT 转发
firewall-cmd –remove-masquerade
2、端口转发
添加
firewall-cmd –permanent –zone=public –add-forward-port=port=12345:proto=tcp:toaddr=x.x.x.x:toport=12345
移除
firewall-cmd –remove-forward-port=port=12345:proto=tcp:toaddr=x.x.x.x:toport=12345
3、重新读取防火墙配置
firewall-cmd –reload && firewall-cmd –list-all