lych
2003-05-21, 07:52 PM
我用一快網路卡想做nat功能,讓其他電腦也能連上網路
這塊網路卡eth0用實體ip,我另外又在多加一個虛擬介面eth0:0
用的是內部ip 192.168.1.5
script 是參考鳥哥網站的設定,設定內容如下
#!/bin/bash
EXIF='eth0'
EXNET='192.168.1.0/24'
# 底下如無需要,請不要變動了!
# 0.1 Testing your Kernel version ..
echo -n "Check your kernel version... "
kver=`uname -r | cut -c 1-3`
if [ "$kver" == "2.4" ] || [ "$kver" == "2.5" ]; then
echo "[OK]"
echo "Your Linux Kernel Version is no problem!"
else
echo "[Failure]"
echo "Your Linux Kernel Version may not be suported by this script!"
echo "This scripts will not be runing"
exit
fi
# 0.2 Tell you what is this
echo " "
echo "Note:"
echo " This script will clear your iptables' rules"
echo " Please make sure that you want to do this script!"
echo " Ha Ha! No problem ! If you just want to be an NAT server !"
echo " "
# 0.3 remove ipchains modules
ipchains=`lsmod | grep ipchains`
if [ "$ipchains" != "" ]; then
rmmod ipchains 2> /dev/null
modprobe ip_tables 2> /dev/null
fi
# 1. 宣告變數、啟動 Routing 與清除規則:
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
export PATH
echo "1" > /proc/sys/net/ipv4/ip_forward
modprobe ip_tables 2> /dev/null
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -F -t nat
/sbin/iptables -X -t nat
/sbin/iptables -Z -t nat
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT
# 2. 載入模組
modprobe ip_nat_ftp 2> /dev/null
modprobe ip_nat_irc 2> /dev/null
modprobe ip_conntrack 2> /dev/null
modprobe ip_conntrack_ftp 2> /dev/null
modprobe ip_conntrack_irc 2> /dev/null
# 3. 啟動 IP 偽裝:
/sbin/iptables -t nat -A POSTROUTING -o $EXIF -s $EXNET -j MASQUERADE
我的上定如上,執行後設定windows的tcp/ip
ip 192.168.1.15
netmask 255.255.255.0
gateway 192.168.1.5
dns 168.95.1.1
沒有設定proxy,我也沒有proxy server
請問我的scripts是否是因為錯誤才無法啟動nat功能呢
如果是設定錯誤那要怎麼設定呢,目前是用mandrake 9.1
之前有用兩張網卡就可以用(redhat 9),但是我把他減為一張網卡就變不行了
請問這樣要如何解決呢
贊助商連結
這塊網路卡eth0用實體ip,我另外又在多加一個虛擬介面eth0:0
用的是內部ip 192.168.1.5
script 是參考鳥哥網站的設定,設定內容如下
#!/bin/bash
EXIF='eth0'
EXNET='192.168.1.0/24'
# 底下如無需要,請不要變動了!
# 0.1 Testing your Kernel version ..
echo -n "Check your kernel version... "
kver=`uname -r | cut -c 1-3`
if [ "$kver" == "2.4" ] || [ "$kver" == "2.5" ]; then
echo "[OK]"
echo "Your Linux Kernel Version is no problem!"
else
echo "[Failure]"
echo "Your Linux Kernel Version may not be suported by this script!"
echo "This scripts will not be runing"
exit
fi
# 0.2 Tell you what is this
echo " "
echo "Note:"
echo " This script will clear your iptables' rules"
echo " Please make sure that you want to do this script!"
echo " Ha Ha! No problem ! If you just want to be an NAT server !"
echo " "
# 0.3 remove ipchains modules
ipchains=`lsmod | grep ipchains`
if [ "$ipchains" != "" ]; then
rmmod ipchains 2> /dev/null
modprobe ip_tables 2> /dev/null
fi
# 1. 宣告變數、啟動 Routing 與清除規則:
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
export PATH
echo "1" > /proc/sys/net/ipv4/ip_forward
modprobe ip_tables 2> /dev/null
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -F -t nat
/sbin/iptables -X -t nat
/sbin/iptables -Z -t nat
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT
# 2. 載入模組
modprobe ip_nat_ftp 2> /dev/null
modprobe ip_nat_irc 2> /dev/null
modprobe ip_conntrack 2> /dev/null
modprobe ip_conntrack_ftp 2> /dev/null
modprobe ip_conntrack_irc 2> /dev/null
# 3. 啟動 IP 偽裝:
/sbin/iptables -t nat -A POSTROUTING -o $EXIF -s $EXNET -j MASQUERADE
我的上定如上,執行後設定windows的tcp/ip
ip 192.168.1.15
netmask 255.255.255.0
gateway 192.168.1.5
dns 168.95.1.1
沒有設定proxy,我也沒有proxy server
請問我的scripts是否是因為錯誤才無法啟動nat功能呢
如果是設定錯誤那要怎麼設定呢,目前是用mandrake 9.1
之前有用兩張網卡就可以用(redhat 9),但是我把他減為一張網卡就變不行了
請問這樣要如何解決呢
贊助商連結