如何使用Red Had Linux8.0设置双网卡代理服务
我买了Red Had Linux8.0 personal无法设置双网卡代理服务
#! /bin/sh
IPTABLES=/usr/sbin/iptables
EXTERNAL="eth1" ---> 外网的接口
INTERNAL="eth0" ---> 内网的接口
IP=192.168.0.0/24 ---> 内网地址
kver=`uname -r | cut -c 1-3`
if [ "$kver" != "2.4" ] && [ "$kver" != "2.5" ]; then
echo "Your Linux Kernel Version may not be suported by this script!"
echo "This scripts will not be runing"
exit
fi
ipchains=`lsmod | grep ipchains`
if [ "$ipchains" != "" ]; then
echo "unload ipchains in your system"
rmmod ipchains 2> /dev/null
fi
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P OUTPUT ACCEPT
$IPTABLES -F
$IPTABLES -t nat -F
$IPTABLES -X
$IPTABLES -t nat -X
start() {
echo -n $"Starting firewall "
# Enable IPV4 Packet Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
for i in /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/*
do
t=`echo $i |sed 's//.o$//g'`
module=`basename $t`
modprobe $module
done
#
#允许ICMP数据包(ping)
$IPTABLES -A INPUT -p icmp -j ACCEPT
#允许内部网之间的数据通讯
$IPTABLES -A INPUT -i $INTERNAL -s $PRINET -j ACCEPT
$IPTABLES -A OUTPUT -o $INTERNAL -d $PRINET -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -o $EXTERNAL -j MASQUERADE
echo_success
}
stop(){
echo -n $"Stopping Firewall"
flush
for i in /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/*
do
t=`echo $i |sed 's//.o$//g'`
module=`basename $t`
modprobe -r $module
done
# Disale IPV4 Packet Forwarding
echo "0" > /proc/sys/net/ipv4/ip_forward
echo_success
}
restart()
{
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
修改此脚本后执行就可以了。
IPTABLES=/usr/sbin/iptables
EXTERNAL="eth1" ---> 外网的接口
INTERNAL="eth0" ---> 内网的接口
IP=192.168.0.0/24 ---> 内网地址
kver=`uname -r | cut -c 1-3`
if [ "$kver" != "2.4" ] && [ "$kver" != "2.5" ]; then
echo "Your Linux Kernel Version may not be suported by this script!"
echo "This scripts will not be runing"
exit
fi
ipchains=`lsmod | grep ipchains`
if [ "$ipchains" != "" ]; then
echo "unload ipchains in your system"
rmmod ipchains 2> /dev/null
fi
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P OUTPUT ACCEPT
$IPTABLES -F
$IPTABLES -t nat -F
$IPTABLES -X
$IPTABLES -t nat -X
start() {
echo -n $"Starting firewall "
# Enable IPV4 Packet Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
for i in /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/*
do
t=`echo $i |sed 's//.o$//g'`
module=`basename $t`
modprobe $module
done
#
#允许ICMP数据包(ping)
$IPTABLES -A INPUT -p icmp -j ACCEPT
#允许内部网之间的数据通讯
$IPTABLES -A INPUT -i $INTERNAL -s $PRINET -j ACCEPT
$IPTABLES -A OUTPUT -o $INTERNAL -d $PRINET -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -o $EXTERNAL -j MASQUERADE
echo_success
}
stop(){
echo -n $"Stopping Firewall"
flush
for i in /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/*
do
t=`echo $i |sed 's//.o$//g'`
module=`basename $t`
modprobe -r $module
done
# Disale IPV4 Packet Forwarding
echo "0" > /proc/sys/net/ipv4/ip_forward
echo_success
}
restart()
{
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
修改此脚本后执行就可以了。
来源于:http://www.chinalinuxpub.com/bbs/showthread.php?t=17308