openEuler2203sp3中把ens33的网络分享给virbr0网卡

使用 ebtables 进行网卡桥接

  • 如果尚未安装 ebtables,可以通过包管理器安装:

    yum install ebtables

  • 添加 ebtables 规则: 使用 ebtables 将 ens33 的流量转发到 virbr0:

iptables -F
sudo ebtables -A FORWARD -i ens33 -o virbr0 -j ACCEPT
sudo ebtables -A FORWARD -i virbr0 -o ens33 -j ACCEPT
  • 设置 iptables 规则: 允许转发流量:
sudo iptables -A FORWARD -i ens33 -o virbr0 -j ACCEPT
sudo iptables -A FORWARD -i virbr0 -o ens33 -j ACCEPT
  • 启用 IP 转发:
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
  • 保存规则: 使用 iptables-save 和 ebtables-save 命令保存规则,确保重启后规则仍然有效。
[root@32-op2203sp3 ~]# iptables-save
# Generated by iptables-save v1.8.7 on Sat Jul 27 19:46:56 2024
*mangle
:PREROUTING ACCEPT [9603:48616612]
:INPUT ACCEPT [972:62646]
:FORWARD ACCEPT [8414:48536746]
:OUTPUT ACCEPT [754:84076]
:POSTROUTING ACCEPT [9168:48620822]
:LIBVIRT_PRT - [0:0]
COMMIT
# Completed on Sat Jul 27 19:46:56 2024
# Generated by iptables-save v1.8.7 on Sat Jul 27 19:46:56 2024
*nat
:PREROUTING ACCEPT [162:12174]
:INPUT ACCEPT [20:1478]
:OUTPUT ACCEPT [50:3580]
:POSTROUTING ACCEPT [50:3580]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.122.0/24 -o ens33 -j MASQUERADE
COMMIT
# Completed on Sat Jul 27 19:46:56 2024
# Generated by iptables-save v1.8.7 on Sat Jul 27 19:46:56 2024
*filter
:INPUT ACCEPT [150:9744]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [111:13304]
-A FORWARD -i ens33 -o virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o ens33 -j ACCEPT
COMMIT
# Completed on Sat Jul 27 19:46:56 2024
[root@32-op2203sp3 ~]# ebtables-save
# Generated by ebtables-save v1.0 (legacy) on Sat Jul 27 07:47:05 PM CST 2024
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A FORWARD -i ens33 -o virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o ens33 -j ACCEPT

除规则

ebtables -F
iptables -F
vi /etc/sysconfig/iptables
...
-A POSTROUTING -o eth0 -j MASQUERADE                         # 删掉
-A POSTROUTING -s 192.168.122.0/24 -o ens33 -j MASQUERADE    # 删掉
...

results matching ""

    No results matching ""