我的squid+iptable在redhat 9.0上配置笔记

我的squid+iptable在redhat 9.0上配置笔记

搞了半天,也在不知不觉中做好,也不知怎么做好的:)希望对每个初始配置squid的朋友有所帮忙吧,也希望有对iptables熟悉的朋友帮忙在安全方面做一下改动
环境：redhat 9.0 +squid+iptables（9.0附带)

一,IP的设置:eth0是连接内网的, eth1是连接ADSL的

[root@ADSLserver network-scripts]# cat ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.3.2
NETMASK=255.255.255.0
NETWORK=172.16.3.0
[root@ADSLserver network-scripts]# cat ifcfg-eth1
DEVICE=eth1
BOOTPROTO=dhcp
ONBOOT=yes
[root@ADSLserver network-scripts]#
[root@ADSLserver sysconfig]# cat network
NETWORKING=yes
HOSTNAME=ADSLserver
GATEWAYDEV=ppp0
GATEWAY=
[root@ADSLserver sysconfig]#
二,设置pppoe拨号

[root@ADSLserver sysconfig]##adsl-setup
Welcome to the ADSL client setup. First, I will run some checks on
your system to make sure the PPPoE client is installed properly...

LOGIN NAME

Enter your Login Name (default root): ADSL提供商给的用户名，写在这里(###@163.gd)

INTERFACE

Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where X is a number.
(default eth0): eth1 我的通过eth1提供ADSL上网的

Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped. If you want the link to
stay up permanently, enter no (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses. You may have some problems with demand-activated links.
Enter the demand value (default no):在这里按一下回车就行了。

DNS

Please enter the IP address of your ISPs primary DNS server.
If your ISP claims that the server will provide dynamic DNS addresses,
enter server (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here: 202.96.134.133这是DSN，最好用你本地电信给的
Please enter the IP address of your ISPs secondary DNS server.
If you just press enter, I will assume there is only one DNS server.
Enter the secondary DNS server address here: 202.96.168.68这是第二个DNS，也是电信给的。

PASSWORD

Please enter your Password:在这里把ADSL提供商给的密码写上
Please re-enter your Password:

USERCTRL

Please enter yes (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes): yes

FIREWALLING

Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose NONE and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are responsible
for ensuring the security of your machine. You are STRONGLY
recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - M