一张集成网卡eth0,一张usb扩展网卡eth1;usb网卡为AX系列,其驱动已经安装在内核里面了。eth0连接外网,eth1连接内网,实现eth1内网可以访问外网,需要进行3个步骤;1.编辑网卡配置文件;2.修改dnsmasq.conf利用dnsmasq服务的dhcp功能开启dhcp自动分配ip;3.通过防火墙开启eth1与eth0之间的转发;
注:usb网卡在系统reboot重启时不会自动重启,需要拔插一次才能使用;正确重启步骤为:系统重启reboot->拔插usb网卡->查看ifconfig是否有eth1信息如果没有ifconfig eth1 up->启动 dnsmasq服务->开启防火墙转发
1.编辑/network/interface文件为:
vi /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp
auto eth1
allow-hotplug eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
2.编辑dnsmasq.conf分配一段ip地址192.168.2.1
mv /etc/dnsmasq.conf /etc/dnsmasq.conf.bak
vi /etc/dnsmasq.conf
interface=lo,eth1
no-dhcp-interface=lo
dhcp-range=192.168.2.20,192.168.2.254,255.255.255.0,12h启动dnsmasq服务
service dnsmasq start
3.利用iptables实现防火墙eth0-eth1端口转发
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
1783
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
