博威---云架构决胜云计算

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 2450|回复: 0

策略不起作用时,启用火墙的路由转发功能(IP和SPLAT平台)

[复制链接]
发表于 2010-10-9 10:48:15 | 显示全部楼层 |阅读模式
策略不起作用时,启用火墙的路由转发功能(IP和SPLAT平台)

  

通常大家都知道火墙策略在执行网关是unload状态时,内部网络无法访问到外网,默认情况下IP Forwarding 是禁用的,如需让内内网访问需要如下命令:

IPSO平台:

To manually enable IP Forwarding on a system with VPN-1/FireWall-1 installed, use the command:

nokia[admin]# ipsofwd on admin

To manually disable IP Forwarding, use the command:

nokia[admin]# ipsofwd off admin

The "admin" part of both commands is simply a tag to let you know who last changed IP Forwarding. You can determine who last changed the state of IP Forwarding by using the command: 'ipsofwd list'

On a system without VPN-1/FireWall-1 installed, you can enable IP forwarding with the following command:

nokia[admin]# ipsctl -w net:ip:forwarding 1

To disableIP forwarding without VPN-1/FireWall-1 installed:

nokia[admin]# ipsctl -w net:ip:forwarding 0


SPLAT平台:

校验如果 IP Forwarding 是否被启用:

more /proc/sys/net/ipv4/ip_forward

Note:如果提示文件不存在请允许如下命令:

touch /proc/sys/net/ipv4/ip_forward

如果“more”命令I输出的不是1,则运行如下命令:

echo 1 > /proc/sys/net/ipv4/ip_forward
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|boway Inc. ( 冀ICP备10011147号 )

GMT+8, 2024-11-22 11:15 , Processed in 0.085601 second(s), 16 queries .

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表