root@server:~# iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 80 -o eth0 -m statistic --mode nth --every 3 --packet 0 -j SNAT --to-source XXX.XXX.XXX.133root@server:~# iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 80 -o eth0 -m statistic --mode nth --every 3 --packet 0 -j SNAT --to-source XXX.XXX.XXX.134root@server:~# iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 80 -o eth0 -m statistic --mode nth --every 3 --packet 0 -j SNAT --to-source XXX.XXX.XXX.135
它似乎有点工作,但有些事情并不可靠.传出IP的排序不太可预测,有时它们分布不均匀.
这是一个完全裸的Ubuntu安装,所以我不认为这个端口上有任何其他传出连接,但我可能是错的.
有谁知道如何使这更可靠?或者它已经做了正确的事情,我正在解释错误的结果?
我希望IP一个接一个地完美均匀可靠地分发.
以下是结果:
{"ip":"XXX.XXX.XXX.135","about":"/about","Pro!":"http://getJsonip.com"}root@server:~# curl Jsonip.com{"ip":"XXX.XXX.XXX.134","Pro!":"http://getJsonip.com"}root@server:~# curl Jsonip.com{"ip":"XXX.XXX.XXX.133","Pro!":"http://getJsonip.com"}root@server:~# curl Jsonip.com{"ip":"XXX.XXX.XXX.135","Pro!":"http://getJsonip.com"}root@server:~# curl Jsonip.com解决方法 如果你尝试会发生什么 –mode nth –every 3 –packet 0
–mode nth –every 2 –packet 0
–mode nth –every 1 –packet 0
我问,因为我看到几个引用计数器不是全局的事实.
This is a common misunderstanding – the counters are not shared and
since the rules are all terminal,the second rule will only see the
packets not caught by the first rule etc. So the proportions need to
be adjusted for the “missing” packetsIn the old days before nth was part of the statistics module –every 2 –packet 0….–every 2 –packet 1 would have been correct. Now there is no global counter and it is reset per rule. So,I needed to do –every 2 –packet 0…. –every 1 –packet 0 instead. Now it works perfectly.
这是其他人试图做你至少发现的事情.
总结以上是内存溢出为你收集整理的linux – 使用iptables轮换传出IP全部内容,希望文章能够帮你解决linux – 使用iptables轮换传出IP所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)