1、每台伺服器指定明細路由:
- route -n
- route add -host 218.218.218.218 gw 192.168.0.28
- route -n
2、0.28伺服器指定明細轉發規則。同時指定DNAT與SNAT
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22205 -j DNAT --to-destination 192.168.0.5:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22226 -j DNAT --to-destination 192.168.0.26:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22227 -j DNAT --to-destination 192.168.0.27:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22231 -j DNAT --to-destination 192.168.0.31:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22241 -j DNAT --to-destination 192.168.0.41:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22242 -j DNAT --to-destination 192.168.0.42:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22243 -j DNAT --to-destination 192.168.0.43:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22244 -j DNAT --to-destination 192.168.0.44:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22245 -j DNAT --to-destination 192.168.0.45:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22246 -j DNAT --to-destination 192.168.0.46:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22247 -j DNAT --to-destination 192.168.0.47:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22248 -j DNAT --to-destination 192.168.0.48:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22249 -j DNAT --to-destination 192.168.0.49:5666
- iptables -t nat -A PREROUTING -d 123.123.123.123 -p tcp --dport 22250 -j DNAT --to-destination 192.168.0.50:5666
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.5 --sport 5666 -j SNAT --to-source 123.123.123.123:22205
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.25 --sport 5666 -j SNAT --to-source 123.123.123.123:22225
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.26 --sport 5666 -j SNAT --to-source 123.123.123.123:22226
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.27 --sport 5666 -j SNAT --to-source 123.123.123.123:22227
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.31 --sport 5666 -j SNAT --to-source 123.123.123.123:22231
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.41 --sport 5666 -j SNAT --to-source 123.123.123.123:22241
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.42 --sport 5666 -j SNAT --to-source 123.123.123.123:22242
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.43 --sport 5666 -j SNAT --to-source 123.123.123.123:22243
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.44 --sport 5666 -j SNAT --to-source 123.123.123.123:22244
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.45 --sport 5666 -j SNAT --to-source 123.123.123.123:22245
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.46 --sport 5666 -j SNAT --to-source 123.123.123.123:22246
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.47 --sport 5666 -j SNAT --to-source 123.123.123.123:22247
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.48 --sport 5666 -j SNAT --to-source 123.123.123.123:22248
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.49 --sport 5666 -j SNAT --to-source 123.123.123.123:22249
- iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.50 --sport 5666 -j SNAT --to-source 123.123.123.123:22250
3、配置各nrpe,添加218.218.218.218監控ip
vi /usr/local/nagios/etc/nrpe.conf
4、重新開機nrpe
找到nrpe的程序号,
kill -HUP 程序号
或者kill -9 程序号
然後運作以下指令:
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
![企業資訊安全管理制度計算機管理制度機房管理制度網絡安全管理制度計算機病毒防治管理制度密碼安全保密制度涉密和非涉密移動存儲媒體管理制度病毒檢測和網絡安全漏洞檢測制度 案件報告和協查制度[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)