ROS | Plnl‘s Notes笔记分享https://memo.plnl.me由于部分小伙伴家中有NAS或者需要跑PCDN,所以需要设置upnp、全局NAT1和端口映射、端口回流等 #ROS1、开启upnp打开upnp settings设置enabled,allow-disable-external-interface打勾interfaces菜单,选择“+”号pppoe-out1 【or】 wan-eth0,type:external(外网)Bridge1,type:internal(内网)https://memo.plnl.me/posts/38https://memo.plnl.me/posts/38Mon, 16 Mar 2026 08:04:33 GMT由于部分小伙伴家中有NAS或者需要跑PCDN,所以需要设置upnp、全局NAT1和端口映射、端口回流等 <a href="/search/%23ROS">#ROS</a><br /><br />1、开启upnp<br /><br />打开upnp settings设置enabled,allow-disable-external-interface打勾<br /><br />interfaces菜单,选择“+”号<br /><br />pppoe-out1 【or】 wan-eth0,type:external(外网)<br /><br />Bridge1,type:internal(内网)<br /><br /><pre><code> <span>/</span>ip upnp <span>set</span> enabled<span>=</span>yes <span>/</span>ip upnp <span>set</span> allow<span>-</span>disable<span>-</span>external<span>-</span>interface<span>=</span>yes <span>/</span>ip upnp interfaces add interface<span>=</span>pppoe<span>-</span>out1 <span>type</span><span>=</span>external disabled<span>=</span>no <span>/</span>ip upnp interfaces add interface<span>=</span>bridge1 <span>type</span><span>=</span>internal disabled<span>=</span>no </code></pre><br /><br />2、开启全局NAT1<br /><br />在防火墙内,进入NAT选项<br /><br />Chain:srcnat,Protocol:udp,Action:endpoint-independent-nat<br /><br />Chain:dstnat,Protocol:udp,Action:endpoint-independent-nat<br /><br /><pre><code> <span>/</span>ip firewall nat add action<span>=</span>endpoint<span>-</span>independent<span>-</span>nat chain<span>=</span>srcnat protocol<span>=</span>udp comment<span>=</span>FullCone<span>-</span>Nat <span>/</span>ip firewall nat add action<span>=</span>endpoint<span>-</span>independent<span>-</span>nat chain<span>=</span>dstnat protocol<span>=</span>udp comment<span>=</span>FullCone<span>-</span>Nat </code></pre><br /><br />3、设置端口映射<br /><br />打开IP 防火墙,在nat选项卡内,添加一条记录<br /><br />Chain:dstnat,In. Interface:pppoe-out1 【or】 wan-eth0,Action:dst-nat,To Address:内网主机IP,protocol:udp&amp;tcp<br /><br /><pre><code> <span>#</span>映射全部端口 <span>/</span>ip firewall nat add chain<span>=</span>dstnat <span>in</span><span>-</span>interface<span>=</span>pppoe<span>-</span>out1 protocol<span>=</span>udp action<span>=</span>dst<span>-</span>nat to<span>-</span>address<span>=</span>【内网主机IP】 <span>/</span>ip firewall nat add chain<span>=</span>dstnat <span>in</span><span>-</span>interface<span>=</span>pppoe<span>-</span>out1 protocol<span>=</span>tcp action<span>=</span>dst<span>-</span>nat to<span>-</span>address<span>=</span>【内网主机IP】 <span>#</span>如需值映射部分端口,添加dst<span>.</span>port <span>/</span>ip firewall nat add chain<span>=</span>dstnat dst<span>-</span>port<span>=</span>【需要映射的外网端口】 <span>in</span><span>-</span>interface<span>=</span>pppoe<span>-</span>out1 protocol<span>=</span>udp action<span>=</span>dst<span>-</span>nat to<span>-</span>address<span>=</span>【内网主机IP】 to<span>-</span>port<span>=</span>【需要映射的内网端口】 <span>/</span>ip firewall nat add chain<span>=</span>dstnat dst<span>-</span>port<span>=</span>【需要映射的外网端口】 <span>in</span><span>-</span>interface<span>=</span>pppoe<span>-</span>out1 protocol<span>=</span>tcp action<span>=</span>dst<span>-</span>nat to<span>-</span>address<span>=</span>【内网主机IP】 to<span>-</span>port<span>=</span>【需要映射的内网端口】 </code></pre><br /><br />4、设置端口映射后内网访问的端口回流<br /><br />打开IP防火墙,在nat选项卡内,添加一条记录<br /><br /><pre><code> #内网访问的端口回流,TCP协议 <span>/</span>ip firewall nat add action<span>=</span>masquerade chain<span>=</span>srcnat dst<span>-</span>address<span>=</span>【映射地址】 out<span>-</span>interface<span>=</span>bridge1 protocol<span>=</span>tcp src<span>-</span>address<span>=</span>【lan口ip网段】<span>/</span><span>24</span></code></pre>