你的位置: LAMP中文网论坛 -> LAMP平台 -> lIUNX 下 ADSL代理共享上网

lIUNX 下 ADSL代理共享上网

ch7213851
ch7213851

UID
21126 
帖子
积分
在线时间
10 分钟 
1# ch7213851 发表于 2007-07-30 17:26

lIUNX 下 ADSL代理共享上网

lIUNX  下 ADSL代理共享上网,网上的方法,搞来搞去,还是只能够单机上,

有没有完整的说明步骤啊      
Roc.Ken
Roc.Ken

UID
11395 
帖子
173 
积分
397 
在线时间
1 天 17 小时 
2# Roc.Ken 发表于 2007-07-30 22:32
怎么做的? 有什么错误提示?      
ch7213851
ch7213851

UID
21126 
帖子
积分
在线时间
10 分钟 
3# ch7213851 发表于 2007-07-31 08:49
就是照下面说得。
1、拔号上网
1.1拔号软件
    linux下的拔号软件很多,但比较好的是rp-pppoe,一般linux系统会自带拔号软件,如果你没装,请自己到google去找一个来装上。
1.2拔号设置
    切换为root用户,只有root才能配置。
    $ su
    Password:
    # /sbin/adsl-setup
    按提示设置用户名、密码、DNS、及其它相关信息,下面是我的参考配置:
Welcome to the ADSL client setup.  First, I will run some checks on
your system to make sure the PPPoE client is installed properly...

The following DSL config was found on your system:

  Device:      Name:
  ppp0         DSLppp0

Please enter the device if you want to configure the present DSL config
(default ppp0) or enter 'n' if you want to create a new one:

LOGIN NAME

Enter your Login Name (default xyn0699647):

INTERFACE

Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethX, where 'X' is a number.
(default eth0):

Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped.  If you want the link to
stay up permanently, enter 'no' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses.  You may have some problems with demand-activated links.
Enter the demand value (default no):

DNS

Please enter the IP address of your ISP's primary DNS server.
If your ISP claims that 'the server will provide dynamic DNS addresses',
enter 'server' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
Enter the DNS information here:

PASSWORD

Please enter your Password:
Please re-enter your Password:

USERCTRL

Please enter 'yes' (two letters, lower-case.) if you want to allow
normal user to start or stop DSL connection (default yes):

FIREWALLING

Please choose the firewall rules to use.  Note that these rules are
very basic.  You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security.  If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself.  Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc.  If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules.  You are responsible
          for ensuring the security of your machine.  You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
Choose a type of firewall (0-2):
Please enter a number from 0 to 2
The firewall choices are:
0 - NONE: This script will not set any firewall rules.  You are responsible
          for ensuring the security of your machine.  You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
Choose a type of firewall (0-2): 0

Start this connection at boot time

Do you want to start this connection at boot time?
Please enter no or yes (default no):

** Summary of what you entered **

Ethernet Interface: eth0
User name:          xyn0699647
Activate-on-demand: No
DNS:                Do not adjust
Firewalling:        NONE
User Control:       yes
Accept these settings and adjust configuration files (y/n)? y
Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0
Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
  (But first backing it up to /etc/ppp/chap-secrets.bak)
  (But first backing it up to /etc/ppp/pap-secrets.bak)



Congratulations, it should be all set up!

Type '/sbin/ifup ppp0' to bring up your xDSL link and '/sbin/ifdown ppp0'
to bring it down.
Type '/sbin/adsl-status /etc/sysconfig/network-scripts/ifcfg-ppp0'
to see the link status.



1.3拔号连接与断开
    输入 '/sbin/ifup ppp0' 进行拔号连接戓'/sbin/ifdown ppp0'断开拔号连接。
    至此,如果一切正常,你就可以正常网上冲浪!
2、共享上网
    通过上面的设置,你只能自己上网,要想其它电脑共享linux的连接上网,需要作如下的设置。

LINUX网络设置:
内网IP:192.168.0.1
子网掩码:255.255.255.0
网关:192.168.0.1
DNS:根据各地的网络服务商不同,云南昆明的是 202.98.160.68

注:要使设置生效,请先停止网卡,然后再激活。

其它的机器的设置只要保证与linux机器在一个网段并且网关设置为192.168.0.1就可以了,如:
192.168.0.2
255.255.255.0
192.168.0.1
DNS和主机一样。

用你喜欢的编辑器(如vi,gedit等)打开LINUX主机的/etc/rc.d/rc.local
在最后补上如下内容:
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/ modprobe ip_nat_ftp
/sbin/ modprobe ip_conntrack
/sbin/ modprobe ip_conntrack_ftp
/sbin/ modprobe ip_conntrack_irc
/sbin/iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.1/24 -j MASQUERADE

运行一下rc.local
    /etc/rc.d/rc.local
重新拔号,这样linux下的共享连接就设置OK了!

----------------
不知道上面那里有不对的地方      
ch7213851
ch7213851

UID
21126 
帖子
积分
在线时间
10 分钟 
4# ch7213851 发表于 2007-07-31 08:52
其中的有2句是什么意思?

echo "1" > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.1/24 -j MASQUERADE

我的局域网IP段设置的是192.168.1.1-----192.168.1.254
我该怎么做呢
谢谢      
Roc.Ken
Roc.Ken

UID
11395 
帖子
173 
积分
397 
在线时间
1 天 17 小时 
5# Roc.Ken 发表于 2007-07-31 10:27
这两句比较关键, 是做NAT地址映射, 配置不当就无法上网. 你需要改成:

echo "1" > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.1.1/24 -j MASQUERADE      
ch7213851
ch7213851

UID
21126 
帖子
积分
在线时间
10 分钟 
6# ch7213851 发表于 2007-07-31 12:45
呵呵,肯定改成192.168.1.1了,还是共享上网不了

其实Iptables的简单操作极为容易,如果是仅仅想实现共享上网,就2句话,已经可以上网了

版主再帮我分析下这下面的
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
route add default gw xxx.xxx.xxx.xxx
就是添加网关


----
有些不一样      
ken719608
ken719608

UID
38871 
帖子
166 
积分
381 
在线时间
1 天 13 小时 
7# ken719608 发表于 2007-08-02 23:24
因为内网和外网的网端不同,但你做好了NAT,现只用设置路由表即可。
外网地址:10.0.0.2-10.0.0.254
路由器网关:192.168.1.1
route add -net 10.0.0.0 netmask 255.255.255.0 gw 192.168.1.1      
szkingrose
szkingrose

UID
10274 
帖子
37 
积分
85 
在线时间
2 小时 
8# szkingrose 发表于 2007-08-03 16:23
很简单:
拨号确定可以上后。

执行
server iptables stop

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -s 0.0.0.0/0.0.0.0 -j  MASQUERADE      
ch7213851
ch7213851

UID
21126 
帖子
积分
在线时间
10 分钟 
9# ch7213851 发表于 2007-08-07 10:39
#!/bin/sh
echo "1" >/proc/sys/net/ipv4/ip_forward
/sbin/modprobe ip_tables
/sbin/modprobe ip_nat_ftp
INTIF=eth0
EXTIF=ppp+
PPPIF=ppp0
ANY=0.0.0.0/0
LAN=192.168.1.0/24

/sbin/iptables -F INPUT
/sbin/iptables -F OUTPUT
/sbin/iptables -F FORWARD
/sbin/iptables -F -t nat

/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT

/sbin/iptables -t nat -A POSTROUTING -s $LAN -o $EXTIF -j MASQUERADE

#ADSL下的代理脚本。其中,eth0为外网,eth1为内网,IP为192.168.1.1
eth0如果在拨号的时候拨不上,则必须设置ip。

直接放到代理服务器上运行就行了
或者直接把这些内容加到rc.local里面/etc/rc.d/rc.local


IPTABLES共享上网详解其实Iptables的简单操作极为容易,如果是仅仅想实现共享上网,就2句话,已经可以上网了
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
route add default gw xxx.xxx.xxx.xxx
就是添加网关      
cwl5294519
cwl5294519

UID
21118 
帖子
积分
在线时间
10 分钟 
10# cwl5294519 发表于 2007-11-12 20:24
这样直接代理跨系统可以吗??比如说REDHAT做代理WINDOWS上网      
© 2009-2024 LAMP中文网 | 关于我们 | 联系我们 | 免责声明