一、route
-j 即jump
-A 即append
-F 刷新,-N新建,-X删除 链操作
-D删除
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.25.126.0 * 255.255.255.192 U 0 0 0 vmnet1
135.252.170.0 * 255.255.255.0 U 0 0 0 eth0
135.252.162.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default Bj107306-apac-L 0.0.0.0 UG 0 0 0 eth0
route -A inet6 -n
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
2001:da8:8003:801::/64 :: U 256 1 0 eth0
fe80::/64 :: U 256 0 0 eth0
::/0 2001:da8:8003:801::1 UG 1 0 0 eth0
::1/128 :: U 0 124 1 lo
2001:da8:8003:801:202:120:1:2/128 :: U 0 0 1 lo
fe80::20c:29ff:fe0f:aa40/128 :: U 0 0 1 lo
ff00::/8 :: U 256 0 0 eth2
ff00::/8 :: U 256 0 0 eth0
route add -net 1.2.3.4 netmask 255.255.255.0 gw eth0
route add -net 1.2.3.4 netmask 255.255.255.0 dev eth0
route del -net 1.2.3.4 netmask 255.255.255.0 dev eth0
route add -host 1.2.3.4 dev eth0
二、iptables - administration tool for IPv4 packet filtering and NAT
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined.
Each table contains a number of built-in chains and may also contain user-defined chains.
Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches. This is called a 'target',
which may be a jump to a user-defined chain in the same table.