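ADSL + RH8.0 Transparent Gateway Guide
2024-07-21 02:37:07
Contributed by: a site user

  (1) Overview:
  Use RH8.0 to build a transparent gateway.
  
  IP addresses for the machines on the internal network are assigned automatically by the machine that runs the gateway.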
  
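  (2) Hardware:
  One ISP VDSL modem (a modem with an Ethernet port); other ADSL modems should work as well.
  Two 10M/100M auto-sensing Ethernet cards, preferably ones that RH8.0 detects automatically.
  
  (3) Operating system:
  RedHat 8.0, full installation.
  
  (4) Configuring user:
  root
  
  (5) Configuration procedure:
  1. Launch Red Hat's "Internet Configuration Wizard" from "System Settings".
  
  2. Select the xDSL device.
  3. Go forward to the DSL configuration.
  For the Ethernet device, choose the card connected to the VDSL modem; the provider name can be anything; for the account and password, use the details given by your ISP.
  
  4. Go forward to the finish screen.
  Select Apply to complete the VDSL setup.
  
  5. The network device configuration tool now appears.
  You can also open this tool from the "Start" menu.
  
  6. Configure eth0.
  7. Configure eth1.
  
  The static IP 192.168.0.1 is the gateway for the LAN. The default gateway is provided by the ISP, or can be read from the Windows dial-up connection properties (the DOS command is: ipconfig /all).
  On Linux, get it with ifconfig; in the output below, the address after P-t-P: is your ISP's gateway.
  ppp0 Link encap:Point-to-Point Protocol 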
  inet addr:156.34.89.120 P-t-P:142.166.182.77 Mask:255.255.255.255 
  9. Configure DHCPD so that machines on the internal network obtain their IP addresses automatically.
  Edit /etc/dhcpd.conf so that it reads as follows:
  
  #Start of /etc/dhcpd.conf 
  ddns-update-style interim; 
  ignore client-updates; 
  subnet 192.168.0.0 netmask 255.255.255.0 { 
  # --- default gateway 
  option routers 192.168.0.1; 
  option subnet-mask 255.255.255.0; 
  option nis-domain "domain.org"; 
  option domain-name "domain.org"; 
  # --- option domain-name-servers ISP's DNS1,ISP's DNS2; 
  option domain-name-servers 192.168.0.1,142.177.1.2,142.177.129.11; 
  option time-offset -18000; # Eastern Standard Time 
  # --- Selects point-to-point node (default is hybrid). Don't change this unless 
  # -- you understand Netbios very well 
  # option netbios-node-type 2; 
  range dynamic-bootp 192.168.0.2 192.168.0.254; 
  default-lease-time 21600; 
  max-lease-time 43200; 
  } 
  #End of /etc/dhcpd.conf 
  
  Just make sure 192.168.0.1 and 192.168.0.255 are not inside the dynamically assigned IP range.
  The correct setting is the one above: range dynamic-bootp 192.168.0.2 192.168.0.254; 
  
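  10. Edit /etc/sysconfig/iptables (delete all of its existing content) so that it reads as follows; this makes VDSL and the proxy (NAT) take effect automatically at boot.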
  
  # Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002 
  *mangle 
  :PREROUTING ACCEPT [3184:1818661] 
  :INPUT ACCEPT [3182:1818397] 
  :FORWARD ACCEPT [2:264] 
  :OUTPUT ACCEPT [2797:234072] 
  :POSTROUTING ACCEPT [2799:234336] 
  COMMIT 
  # Completed on Tue Oct 29 22:28:14 2002 
  # Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002 
  *nat 
  :PREROUTING ACCEPT [73:5959] 
  :POSTROUTING ACCEPT [22:1320] 
  :OUTPUT ACCEPT [213:12855] 
  [212:12654] -A POSTROUTING -o ppp0 -j MASQUERADE 
  COMMIT 
  # Completed on Tue Oct 29 22:28:14 2002 
  # Generated by iptables-save v1.2.6a on Tue Oct 29 22:28:14 2002 
  *filter 
  :INPUT ACCEPT [20227:22971175] 
  :FORWARD ACCEPT [370:103827] 
  :OUTPUT ACCEPT [15374:1263630] 
  COMMIT 
  # Completed on Tue Oct 29 22:28:14 2002 
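
The *filter table in step 10 leaves INPUT and FORWARD at policy ACCEPT with no rules, so every service listening on the gateway is reachable from the ppp0 side. The script below is an added example, not part of the original guide: it flags such chains in iptables-save text and carries a constructed default-drop *filter section for this topology (eth1 LAN 192.168.0.0/24, ppp0 uplink). The function names and the replacement rules are assumptions.

```shell
# Added example: audit iptables-save text for filter chains left wide open.

# The *filter section as it appears in the guide above.
guide_filter() {
cat <<'EOF'
*filter
:INPUT ACCEPT [20227:22971175]
:FORWARD ACCEPT [370:103827]
:OUTPUT ACCEPT [15374:1263630]
COMMIT
EOF
}

# Constructed replacement (an assumption, not the author's ruleset): default drop;
# the LAN on eth1 may reach the gateway and go out via ppp0; the Internet side
# only gets replies to connections that were opened from inside.
hardened_filter() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i eth1 -s 192.168.0.0/24 -j ACCEPT
-A INPUT -i eth1 -p udp --sport 68 --dport 67 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o ppp0 -s 192.168.0.0/24 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints, one per line, the INPUT/FORWARD
# chains of the filter table with policy ACCEPT and no DROP or REJECT rule.
open_chains() {
  awk '
    { sub(/^\[[0-9]+:[0-9]+\] /, "") }            # strip saved packet counters
    /^\*/ { table = substr($1, 2) }
    table == "filter" && /^:(INPUT|FORWARD) / { policy[substr($1, 2)] = $2 }
    table == "filter" && $1 == "-A" && / -j (DROP|REJECT)/ { blocked[$2] = 1 }
    END {
      n = split("INPUT FORWARD", chains, " ")
      for (i = 1; i <= n; i++)
        if (policy[chains[i]] == "ACCEPT" && !(chains[i] in blocked)) print chains[i]
    }'
}

echo "guide ruleset, open chains: $(guide_filter | open_chains | tr '\n' ' ')"
echo "hardened ruleset, open chains: $(hardened_filter | open_chains | tr '\n' ' ')"
```

To use the replacement, put the lines printed by hardened_filter in place of the *filter section of /etc/sysconfig/iptables and keep the *mangle and *nat sections as they are.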
  
  12. Edit /etc/sysctl.conf and set net.ipv4.ip_forward to 1, as follows:
  net.ipv4.ip_forward = 1 
  With this in place, IP forwarding is enabled automatically every time you reboot the machine or restart the network service (/etc/init.d/network restart).
  
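  13. Turn off automatic start of the ipchains service and turn on automatic start of the iptables service (skip this step if that is already set).
  Enter the following commands: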
  [jackey@localhost jackey]$ su 
  Password: 
  [root@localhost jackey]# cd /etc/init.d/ 
  [root@localhost init.d]# chkconfig --del ipchains --level 2345 
  [root@localhost init.d]# chkconfig --add iptables --level 2345 
  
  
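  14. Reboot the machine and, once the system is up, check that VDSL started correctly:
  
  (1) ifconfig: check that the IP addresses are correct. The output looks like this: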
  [jackey@localhost jackey]$ ifconfig 
  eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX 
  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 
  RX packets:106296 errors:0 dropped:0 overruns:0 frame:0 
  TX packets:105021 errors:0 dropped:0 overruns:0 carrier:0 
  collisions:162 txqueuelen:100 
  RX bytes:109833929 (104.7 Mb) TX bytes:17211245 (16.4 Mb) 
  Interrupt:5 Base address:0x8000 
  
  eth1 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX 
  inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 
  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 
  RX packets:9297 errors:0 dropped:0 overruns:0 frame:0 
  TX packets:10244 errors:0 dropped:0 overruns:0 carrier:0 
  collisions:0 txqueuelen:100 
  RX bytes:1254722 (1.1 Mb) TX bytes:9722244 (9.2 Mb) 
  Interrupt:10 Base address:0x9000 
  
  lo Link encap:Local Loopback 
  inet addr:127.0.0.1 Mask:255.0.0.0 
  UP LOOPBACK RUNNING MTU:16436 Metric:1 
  RX packets:3466 errors:0 dropped:0 overruns:0 frame:0 
  TX packets:3466 errors:0 dropped:0 overruns:0 carrier:0 
  collisions:0 txqueuelen:0 
  RX bytes:463036 (452.1 Kb) TX bytes:463036 (452.1 Kb) 
  
  ppp0 Link encap:Point-to-Point Protocol 
  inet addr:156.34.89.120 P-t-P:142.166.182.77 Mask:255.255.255.255 
  UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 
  RX packets:38629 errors:0 dropped:0 overruns:0 frame:0 
  TX packets:28802 errors:0 dropped:0 overruns:0 carrier:0 
  collisions:0 txqueuelen:3 
  RX bytes:47576177 (45.3 Mb) TX bytes:2319149 (2.2 Mb) 
  
  Here XX:XX:XX:XX:XX:XX is the hardware (MAC) address of your network card.
  
  (2) route -n: check that the routes are correct. The output looks like this:
  [jackey@localhost jackey]$ route -n 
  Kernel IP routing table 
  Destination Gateway Genmask Flags Metric Ref Use Iface 
  142.166.182.77 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 
  192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 
  127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 
  0.0.0.0 142.166.182.77 0.0.0.0 UG 0 0 0 ppp0 
  
  (3) iptables -t nat -L -n: check that the proxy (NAT) rules are correct. The output looks like this:
  [root@localhost jackey]# iptables -t nat -L -n 
  Chain PREROUTING (policy ACCEPT) 
  target prot opt source destination 
  
  Chain POSTROUTING (policy ACCEPT) 
  target prot opt source destination 
  MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 
  
  Chain OUTPUT (policy ACCEPT) 
  target prot opt source destination 
  
  (4) cat /proc/sys/net/ipv4/ip_forward: check that the value is 1. The output looks like this:
  [jackey@localhost jackey]$ cat /proc/sys/net/ipv4/ip_forward 
  1