Forward proxy scenarios:
Assume that the company has multiple servers on the same segment, there is only one server outside the network, other machines not outside the network, but want other machines also have a network, use yum to install the software, this time to do a forward proxy server , to achieve proxy access.
CentOS7 configure the gateway server by firewalld
Segment the network is 172.16.1.0/24
Outside the network can access the network server ip is 172.16.1.41
Internal network interface is ens37
1, the server can access the Internet
Start by adding forward ip_forward
vim / etc / the sysctl.conf net.ipv4.ip_forward = 1 allows to add content to take effect sysstl -p
2, forwarding traffic within the network, execute commands firewalld
First open the firewall service, perform the following actions
[root@ localhost ~]# firewall-cmd --add-masquerade --permanent success [root@ localhost ~]# firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTRPUTING -o ens37 -j MASQUERADE -s 172.16.1.0/24 success [root@ localhost ~]# firewall-cmd --reload success
3, the gateway adding the network server (without external server)
ens33 ifdown route the Add default gw 172.16 . 1.41 dev ens37 / provisional entry into force of vim the ifcfg - ens37 GATEWAY = machine outside the network ip have to restart the network card