本文所述在red hat linux 9.0 and Fedora Core 10 测试通过
服务器环境:red hat linux 9.0 (rh linux 7.0以上的应当都可以)
客户机环境:一般的操作系统。
硬件环境:adsl拔号上网,无路由器,多台交换机。10-20台机器,每台机器一张网卡。所有机器都接在交换机上,交换机接ADSL。
先选择一台机器做为服务器,假设其局域网IP为192.168.1.1
服务器设置:
如果对设置拔号熟悉,请跳到下一步:
1. 设置拔号:
/sbin/adsl-setup
Welcome to the ADSL client setup. First, I will run some checks on
your system to make sure the PPPoE client is installed properly...
The following DSL config was found on your system:
Device: Name:
ppp0 DSLppp0
Please enter the device if you want to configure the present DSL config
(default ppp0) or enter /'n/' if you want to create a new one:
(注:发现了已经装过的拔号连接,输入n可以创建一个新的,回车则是编辑原有的拔号设置,如果以前系统没有设置过拔号,则不会出现此步)
LOGIN NAME
Enter your Login Name (default xx@163.gd):
(注:输入拔号的用户名)
INTERFACE
Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where /'X/' is a number.
(default eth0):
(注:输入网卡名。eth0指的是你的第一个网卡,eht1第二个,... 默认回车就
可以了)
Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped. If you want the link to
stay up permanently, enter /'no/' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses. You may have some problems with demand-activated links.
Enter the demand value (default no):
(注:一直保持连接,还是空闲时断开连接,如果想在空闲时断开连接,输入空闲时间,如:输入1200表示机器在空闲20分钟(1200秒)后断开连接,输入no表示一直保持连接)
DNS
Please enter the IP address of your ISP/'s primary DNS server.
If your ISP claims that /'the server will provide dynamic DNS
addresses/',
enter /'server/' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here:
(注:域名服务器,如果是动态获取的DNS的话,输入server,否则输入DNS的IP )
PASSWORD
Please enter your Password:
Please re-enter your Password:
(注:输入拔号密码)
USERCTRL
Please enter /'yes/' (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes):
(注:是否允许一般用户开启和挂断拔号)
FIREWALLING
Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose /'NONE/' and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.
The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are
responsible
for ensuring the security of your machine. You are STRONGLY
recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing
workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
for a LAN
Choose a type of firewall (0-2):
(注:选择防火墙类型。0:没有防火墙,1:不太明白2:网关使用基于iptables的防火墙规则。一般选0就可以了)
Start this connection at boot time
Do you want to start this connection at boot time?
Please enter no or yes (default no):
(注:是否在启动时开启拔号)
Do you want to start this connection at boot time?
Please enter no or yes (default no):
** Summary of what you entered **
Ethernet Interface: eth0
User name: xx@163.gd
Activate-on-demand: No
DNS: Do not adjust
Firewalling: NONE
User Control: yes
Accept these settings and adjust configuration files (y/n)?
(注:保存,输入y)
好了,adsl算是安装完成了,如果安装错了,回来再重来过:)
2. 开启拔号:
/sbin/adsl-start
3. 测试一网络是否已经通了:
ping www.google.com (注:最好是ping 一下dns, 有些网站不让ping的,还让人 以为网络不通呢)
4. iptables的加载
在/etc/rc.local 文件中加入以下内容:
# share adsl, and add iptable
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe iptables
modprobe ip_nat_ftp
modprobe ip_conntrack
modprobe ip_conntrack_ftp
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
(注:192.168.1.0/24 192.168.1.0指的是内网的IP段,24指的是俺码位数)
5. 重启服务
最简单的就是reboot。(按理说linux不需要重启的,可以我在修改这些文件之后,重新启动network,iptables, xinetd 服务后都不行,也加载了rc.local中的内容,客户机都是不能上网。现在还没弄懂是什么原因,有高手知道的麻烦告知噢!
客户机的设置:
每台机分配一个内网IP(或者有DHCP服务器,DHCP也可)
网关设为服务器的内网IP,也就是本文开头的192.168.1.1
DNS设为网络提供商给的DNS,或者自己的DNS服务器IP
服务器环境:red hat linux 9.0 (rh linux 7.0以上的应当都可以)
客户机环境:一般的操作系统。
硬件环境:adsl拔号上网,无路由器,多台交换机。10-20台机器,每台机器一张网卡。所有机器都接在交换机上,交换机接ADSL。
先选择一台机器做为服务器,假设其局域网IP为192.168.1.1
服务器设置:
如果对设置拔号熟悉,请跳到下一步:
1. 设置拔号:
/sbin/adsl-setup
Welcome to the ADSL client setup. First, I will run some checks on
your system to make sure the PPPoE client is installed properly...
The following DSL config was found on your system:
Device: Name:
ppp0 DSLppp0
Please enter the device if you want to configure the present DSL config
(default ppp0) or enter /'n/' if you want to create a new one:
(注:发现了已经装过的拔号连接,输入n可以创建一个新的,回车则是编辑原有的拔号设置,如果以前系统没有设置过拔号,则不会出现此步)
LOGIN NAME
Enter your Login Name (default xx@163.gd):
(注:输入拔号的用户名)
INTERFACE
Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where /'X/' is a number.
(default eth0):
(注:输入网卡名。eth0指的是你的第一个网卡,eht1第二个,... 默认回车就
可以了)
Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped. If you want the link to
stay up permanently, enter /'no/' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses. You may have some problems with demand-activated links.
Enter the demand value (default no):
(注:一直保持连接,还是空闲时断开连接,如果想在空闲时断开连接,输入空闲时间,如:输入1200表示机器在空闲20分钟(1200秒)后断开连接,输入no表示一直保持连接)
DNS
Please enter the IP address of your ISP/'s primary DNS server.
If your ISP claims that /'the server will provide dynamic DNS
addresses/',
enter /'server/' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here:
(注:域名服务器,如果是动态获取的DNS的话,输入server,否则输入DNS的IP )
PASSWORD
Please enter your Password:
Please re-enter your Password:
(注:输入拔号密码)
USERCTRL
Please enter /'yes/' (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes):
(注:是否允许一般用户开启和挂断拔号)
FIREWALLING
Please choose the firewall rules to use. Note that these rules are
very basic. You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security. If you
are running any servers on your machine, you must choose /'NONE/' and
set up firewalling yourself. Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc. If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.
The firewall choices are:
0 - NONE: This script will not set any firewall rules. You are
responsible
for ensuring the security of your machine. You are STRONGLY
recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing
workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
for a LAN
Choose a type of firewall (0-2):
(注:选择防火墙类型。0:没有防火墙,1:不太明白2:网关使用基于iptables的防火墙规则。一般选0就可以了)
Start this connection at boot time
Do you want to start this connection at boot time?
Please enter no or yes (default no):
(注:是否在启动时开启拔号)
Do you want to start this connection at boot time?
Please enter no or yes (default no):
** Summary of what you entered **
Ethernet Interface: eth0
User name: xx@163.gd
Activate-on-demand: No
DNS: Do not adjust
Firewalling: NONE
User Control: yes
Accept these settings and adjust configuration files (y/n)?
(注:保存,输入y)
好了,adsl算是安装完成了,如果安装错了,回来再重来过:)
2. 开启拔号:
/sbin/adsl-start
3. 测试一网络是否已经通了:
ping www.google.com (注:最好是ping 一下dns, 有些网站不让ping的,还让人 以为网络不通呢)
4. iptables的加载
在/etc/rc.local 文件中加入以下内容:
# share adsl, and add iptable
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe iptables
modprobe ip_nat_ftp
modprobe ip_conntrack
modprobe ip_conntrack_ftp
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
(注:192.168.1.0/24 192.168.1.0指的是内网的IP段,24指的是俺码位数)
5. 重启服务
最简单的就是reboot。(按理说linux不需要重启的,可以我在修改这些文件之后,重新启动network,iptables, xinetd 服务后都不行,也加载了rc.local中的内容,客户机都是不能上网。现在还没弄懂是什么原因,有高手知道的麻烦告知噢!
客户机的设置:
每台机分配一个内网IP(或者有DHCP服务器,DHCP也可)
网关设为服务器的内网IP,也就是本文开头的192.168.1.1
DNS设为网络提供商给的DNS,或者自己的DNS服务器IP
937
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
