...
Code Block | ||||
---|---|---|---|---|
| ||||
$ sudo dladm create-etherstub stub2vsw0 $ sudo dladm create-vnic -l stub2vsw0 vz1int0 # for global zone and will be using as gateway for zones with exclusive interface # usedo ipadmskip ifstep neededbelow orbecause justzone usewill ifconfigup vnic #$with sudozone ipadm create-addr -T static -a 192.168.0.1/24 vz1/v4stat # static address for gateway for zones $boot, just add 'int1' to zone and primary link to 'vsw0' #$ sudo dladm create-vnic -l stub2vsw0 vz2int1 # for zone - look it, save mac address for exclusive ip-type and remove it $ sudo routeadm -u -e ipv4-forwarding # enable port forwarding $ sudo ndd -get /dev/tcp ip_forwarding # check it - it should be 1 |
...
root@myhost:/etc/ipf# cat ipnat.conf
map vmxnet3s0 192int0 10.16868.20.0/24 -> 0/32 proxy port ftp ftp/tcp
map vmxnet3s0 192int0 10.16868.20.0/24 -> 0/32 portmap tcp/udp auto
map vmxnet3s0 192int0 10.16868.20.0/24 -> 0/32
if need rule for access to 22 port to zone IP we can add
rdr vmxnet3s0 0int0 0/0 port 2222 -> 19210.16868.20.2 port 22
if will add access to zone 19210.16868.20.2:22 from external IP:2222
...