实战Redhat9配置ADSL共享上网服务器

网上的许多文章都不全，但按照他们的方法大多都不管用，综合一下他们的方法，终于成功了！写出来希望对大家有帮助，有问题请联系petehero@126.com讨论

 

redhat服务器:
网卡eth0: 192.168.0.1/255.255.255.0 其他网关,dns等都不要配置
客户端：
IP地址设置成192.168.0.2－192.168.0.254之间的ip地址，子网掩码都是255.255.255.0，网关都指向192.168.0.1，DNS指向ISP的DNS地址，如202.106.0.20等。

redhat9已经默认安装了adsl拨号程序。直接可以进行配置。

命令行输入：adsl-setup 进入配置对话（若没找到路径，输入/sbin/adsl-setup）

Welcome to the ADSL client setup. First, I will run some checks on
your system to make sure the PPPoE client is installed properly...

The following DSL config was found on your system:

Device:  Name:
ppp0     DSLppp0

Please enter the device if you want to configure the present DSL config
(default ppp0) or enter n if you want to create a new one: 建立的拨号连接名字,直接回车默认就行

LOGIN NAME

Enter your Login Name (default ): 输入ADSL账号的登陆用户名

INTERFACE

Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where X is a number.
(default eth0): ADSL拨号使用的的网卡,如果只有一块网卡,回车使用默认值

Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped. If you want the link to
stay up permanently, enter no (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses. You may have some problems with demand-activated links.
Enter the demand value (default no): 默认就行

DNS

Please enter the IP address of your ISPs primary DNS server.
If your ISP claims that the server will provide dynamic DNS addresses,
enter server (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here:不要填写任何DNS地址,ADSL自动从ISP中获取dns地址

PASSWORD

Please enter your Password: 输入ADSL账号的密码
Please re-enter your Password: 密码验证

USERCTRL

Please enter yes (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes): 默认就行

FIREWALLING

Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose NONE and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are responsible
for ensuring the security of your machine. You are STRONGLY
recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
for a LAN
Choose a type of firewall (0-2): 所以选择2,作为网关

Start this connection at boot time

Do you want to start this connection at boot time?
Please enter no or yes (default no): 如果是包月的话就选yes,启动时就连上网络

** Summary of what you entered **

Ethernet Interface: eth1
User name: username
Activate-on-demand: No
DNS: Do not adjust
Firewalling: MASQUERADE
User Control: yes
Accept these settings and adjust configuration files (y/n)? 选择yes,保存设置.

到此adsl配置完成，我们用命令/sbin/adsl-start来激活ADSL连接，如果你的用户名和密码正确，应该就可以连上了。
还可以用命令/sbin/adsl-status来察看ADSL连接状态,如果出现:

adsl-status: Link is up and running on interface ppp0
ppp0      Link encap:Point-to-Point Protocol
          inet addr:x.x.x.x  P-t-P:y.y.y.y  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:8191 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12153 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:7135851 (6.8 Mb)  TX bytes:1083961 (1.0 Mb)
         
说明已经连上adsl网络。x.x.x.x表示你的ip地址,y.y.y.y表示adsl网关地址。
打开浏览器看是否能够上网。如果还是不行。运行下列命令：

/sbin/route del default
/sbin/route add default  gw  y.y.y.y

y.y.y.y是adsl网关地址，在前面讲的用/sbin/adsl-status命令可以看到。
此时ping外部ip地址应该没有问题，本机也可以通过浏览器上网了。
把上面的两句加到/etc/rc.d/rc.local中，保证每次启动时路由正确能连上网络。

下面配置共享上网：
修改/etc/sysconfig/iptables(把原有的内容都删除),修改完如下

# Firewall configuration written by petehero
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

修改/etc/sysctl.conf，把net.ipv4.ip_forward设置成1，如下：
net.ipv4.ip_forward = 1

iptables -t nat -L -n 看代理规则是否正确,结果如下:
[root@localhost root]# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  192.168.0.0/24       0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

cat /proc/sys/net/ipv4/ip_forward 看值是否为1,结果如下:
[root@localhost root]$ cat /proc/sys/net/ipv4/ip_forward
1

重起network服务和iptables服务，或者直接重起机器就可以完成配置。

到现在如果客户机已经设置ip地址和dns地址的话,就可以通过服务器共享上网了。