有關雙網卡NAT主機的問題 - Linux
By Frederic
at 2011-03-09T00:26
at 2011-03-09T00:26
Table of Contents
※ 引述《alwaysfind ( )》之銘言:
: 經過修改後的route:
: Destination Gateway Genmask Flags Metric Ref Use Iface
: 172.10.20.x * 255.255.255.255 UH 0 0 0 eth3
: 172.10.20.0 * 255.255.255.240 U 5 0 0 bnep0
: 192.168.1.0 * 255.255.255.0 U 1 0 0 eth3
: default 172.10.20.x 0.0.0.0 UG 0 0 0 bnep0
根據你的敘述,拓樸大概是這樣
PC-----------------------------Server--------------------------CellPhone
192.168.1.100 eth3:192.168.1.1 bnep0:172.10.20.100 172.10.20.1
其實有兩種做法,一種是route,另一種是NAT
以下是NAT的作法
#請把其他沒用到的介面全部關掉
ifconfig eth0 down
ifconfig eth1 down
ifconfig eth2 down
ifconfig eth3 down
ifconfig eth3 192.168.1.1 netmask 255.255.255.0
ifconfig bnep0 172.10.20.100 netmask 255.255.255.0
route add default gw 172.10.20.1
#enable forward
echo "1"> /proc/sys/net/ipv4/ip_forward
#NAT
iptables -t nat -A POSTROUTING -o bnep0 -s 192.168.1.0/24 -j MASQUERADE
#允許可直接從外面進來的封包
iptables -A INPUT -i bnep0 -p udp --sport 53 -j ACCEPT
iptables -A INPUT -i bnep0 -p tcp --sport 80 -j ACCEPT
iptables -A INPUT -i bnep0 -p tcp --sport 81 -j ACCEPT
#接受icmp
#iptables -A INPUT -i bnep0 -p icmp -j ACCEPT
#其他未經允許的封包通通丟掉
iptables -A INPUT -i bnep0 -j DROP
#DNS
echo "nameserver 168.95.1.1">/etc/reslov.conf
echo "nameserver 168.95.192.1">>/etc/reslov.conf
--
CPU:AMD Athlon64 X2 3800+ 35W AM2 VGA:Asus 7300GT DDR-3 256M
MB:Asus M2NPV-MX PSU:AcBel 430W
RAM:Transcend 667/1G *4 CASE:GMC H-60
DVD-RW:Benq DW1640 DVD-RW:SONY DUR-800A
DVD-RW:Benq DW1670 IDE HDD:WD 160G + Seagate 120G
SATA HDD:Seagate 250G + Seagate 500G USB-HDD:Toshiba 250G SATA2
--
: 經過修改後的route:
: Destination Gateway Genmask Flags Metric Ref Use Iface
: 172.10.20.x * 255.255.255.255 UH 0 0 0 eth3
: 172.10.20.0 * 255.255.255.240 U 5 0 0 bnep0
: 192.168.1.0 * 255.255.255.0 U 1 0 0 eth3
: default 172.10.20.x 0.0.0.0 UG 0 0 0 bnep0
根據你的敘述,拓樸大概是這樣
PC-----------------------------Server--------------------------CellPhone
192.168.1.100 eth3:192.168.1.1 bnep0:172.10.20.100 172.10.20.1
其實有兩種做法,一種是route,另一種是NAT
以下是NAT的作法
#請把其他沒用到的介面全部關掉
ifconfig eth0 down
ifconfig eth1 down
ifconfig eth2 down
ifconfig eth3 down
ifconfig eth3 192.168.1.1 netmask 255.255.255.0
ifconfig bnep0 172.10.20.100 netmask 255.255.255.0
route add default gw 172.10.20.1
#enable forward
echo "1"> /proc/sys/net/ipv4/ip_forward
#NAT
iptables -t nat -A POSTROUTING -o bnep0 -s 192.168.1.0/24 -j MASQUERADE
#允許可直接從外面進來的封包
iptables -A INPUT -i bnep0 -p udp --sport 53 -j ACCEPT
iptables -A INPUT -i bnep0 -p tcp --sport 80 -j ACCEPT
iptables -A INPUT -i bnep0 -p tcp --sport 81 -j ACCEPT
#接受icmp
#iptables -A INPUT -i bnep0 -p icmp -j ACCEPT
#其他未經允許的封包通通丟掉
iptables -A INPUT -i bnep0 -j DROP
#DNS
echo "nameserver 168.95.1.1">/etc/reslov.conf
echo "nameserver 168.95.192.1">>/etc/reslov.conf
--
CPU:AMD Athlon64 X2 3800+ 35W AM2 VGA:Asus 7300GT DDR-3 256M
MB:Asus M2NPV-MX PSU:AcBel 430W
RAM:Transcend 667/1G *4 CASE:GMC H-60
DVD-RW:Benq DW1640 DVD-RW:SONY DUR-800A
DVD-RW:Benq DW1670 IDE HDD:WD 160G + Seagate 120G
SATA HDD:Seagate 250G + Seagate 500G USB-HDD:Toshiba 250G SATA2
--
Tags:
Linux
All Comments
By Yedda
at 2011-03-09T10:12
at 2011-03-09T10:12
By Delia
at 2011-03-11T13:30
at 2011-03-11T13:30
Related Posts
Ubuntu上網
By Irma
at 2011-03-09T00:03
at 2011-03-09T00:03
ubuntu 10.04 安裝問題
By Rae
at 2011-03-08T23:28
at 2011-03-08T23:28
請問RHCE證照
By Harry
at 2011-03-08T20:48
at 2011-03-08T20:48
有關雙網卡NAT主機的問題
By Yuri
at 2011-03-08T20:33
at 2011-03-08T20:33
ATI HD5570 driver in CentOS-5-i386
By Donna
at 2011-03-08T17:52
at 2011-03-08T17:52