登陆系统后:
1.显示防火墙 当前生效配置参数。
<H3C>display current-configuration
找到如下信息:
#
interface Ethernet0/0
ip address 172.16.1.1 255.255.255.0
nat outbound 2000
nat server protocol tcp global 172.16.1.1 www inside 192.168.1.254 www
nat server protocol tcp global 172.16.1.1 22 inside 192.168.1.254 22
2.进入系统视图
<H3C>system-view
[H3C]
3.进入网卡0
[H3C]interface ethernet0/0
[H3C-Ethernet0/0]
4.运行nat 命令添加FTP端口映射。
[H3C-Ethernet0/0] nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp
5.查看防火墙当前生效配置参数。
<H3C>display current-configuration
找到如下信息:
interface Ethernet0/0
ip address 172.16.1.1 255.255.255.0
nat outbound 2000
nat server protocol tcp global 172.16.1.1 www inside 192.168.1.254 www
nat server protocol tcp global 172.16.1.1 22 inside 192.168.1.254 22
nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp
6.测试FTP端口是否映射成功。
C:/Documents and Settings/aran>ftp 5X.21X.24X.24X
Connected to 5X.21X.24X.24X.
220 (vsFTPd 2.0.1)
User (5X.21X.24X.24X:(none)): aran
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> user
Username aran
331 Please specify the password.
Password:
230 Login successful.
ftp>
成功!拍照留念!~~睡觉~~~~~~~~
附:删除映射命令。
undo nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp
![Netfilter——Netfilter中的HOOK机制一、如何在协议栈中调用钩子函数二、NF_HOOK 钩子函数[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)