由 home 在 11-12-2003 20:54 发表:
我在Redhat 9.0用vmware装了FreeBSD,请问怎么两个系统同时上网?
不一定要详细的,给点指示我吧,我一点头绪都没有!!!
先谢了!~~~~
open your eyes
Come from www.xlzx.com
我在chinaunix.
由 NetSnake 在 11-13-2003 09:43 发表:
在配置vmware虚拟机时使用网桥模式,bridged network,并给bsd分配一个和主机类似的IP,例如主机是10.0.0.5,可以给bsd分配10.0.0.6,其他配置和主机一样。总而言之,就象局域网中的另一台机器。如果这两个IP都被允许上网,那这两个系统也都可以上。
学习 ...
由 home 在 11-13-2003 14:49 发表:
> quote:
>
> * * *
>
> 最初由 NetSnake 发表
>
> 在配置vmware虚拟机时使用网桥模式,bridged network,并给bsd分配一个和主机类似的IP,例如主机是10.0.0.5,可以给bsd分配10.0.0.6,其他配置和主机一样。总而言之,就象局域网中的另一台机器。如果这两个IP都被允许上网,那这两个系统也都可以上。
>
> * * *
谢谢,但我是用动态的ip,是用电信的ADSL上网。而且ISP不允许重复拔号。
能不能把主机做能路由器?真的一点都不懂的说
open your eyes
Come from www.xlzx.com
我在chinaunix.
由 home 在 11-16-2003 13:52 发表:
只能用一个IP,那做端口映射行吗?没弄过,一点都不懂。
open your eyes
Come from www.xlzx.com
我在chinaunix.
由 Snoopy 在 11-16-2003 13:59 发表:
#!/bin/bash
Script name: ipt_masq
A simple script for masquerading, used in Linux (kernel 2.4.x).
Copyleft 2002 by netman ([email protected]).
Redistribution of this file is permitted under the terms of
the GNU General Public License (GPL).
Date: 2002/02/04
Version: 1.2
PATH=/sbin:/usr/sbin:/bin:/usr/bin
RC_SQUID=/etc/rc.d/init.d/squid
EXT_IF=ppp0
INT_IF=eth0
ALLOWED_ICMP="0 3 3/4 4 11 12 14 16 18"
DENIED_ICMP="8"
------------- ensure iptables ----------
which iptables &>/dev/null || {
echo
echo "$(basename $0): iptables program is not found."
echo " Please install the program first."
echo
exit 1
}
------------- disable ipchains ----------
lsmod | grep ipchains &>/dev/null && {
echo "Disabling ipchains..."
rmmod ipchains &>/dev/null
}
------------- modules -----------
echo "Loading modules..."
modprobe ip_tables &>/dev/null || {
echo -n "$(basename $0): loading ip_tables module failure."
echo " Please Fix it!"
exit 3
}
for file in /lib/modules/uname -r
/kernel/net/ipv4/netfilter/ip_conntrack_*.o
do
module=$(basename $file)
modprobe ${module%.*} &>/dev/null
done
for file in /lib/modules/uname -r
/kernel/net/ipv4/netfilter/ip_nat_*.o
do
module=$(basename $file)
modprobe ${module%.*} &>/dev/null
done
------------- ipforwarding -----------
echo "Turning on IP forwarding..."
echo "1" > /proc/sys/net/ipv4/ip_forward
------------- anti spoofing -----------
echo "Turning on anti-spoofing..."
for file in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo "1" > $file
done
------------- flushing ----------
echo "Cleaning up..."
iptables -F -t filter
iptables -X -t filter
iptables -Z -t filter
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat
------------- policies -------------
echo "Setting up policies to ACCEPT..."
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -P OUTPUT ACCEPT
------------- ICMP -------------
echo "Creating icmpfilter chain..."
iptables -N icmpfilter
for TYPE in $DENIED_ICMP; do
iptables -A icmpfilter -i $EXT_IF -p icmp \
--icmp-type $TYPE -j DROP
done
for TYPE in $ALLOWED_ICMP; do
iptables -A icmpfilter -i $EXT_IF -p icmp \
--icmp-type $TYPE -j ACCEPT
done
------------- block -------------
echo "Creating block chain..."
iptables -N block
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A block -m state --state NEW,INVALID -i $EXT_IF -j DROP
iptables -A block -m state --state NEW -i ! $EXT_IF -j ACCEPT
iptables -A block -j DROP
------------- filter -------------
echo "Filtering packets..."
iptables -A INPUT -j icmpfilter
iptables -A INPUT -j block
iptables -A FORWARD -j icmpfilter
iptables -A FORWARD -j block
------------- masq -------------
echo "Masquerading internel network..."
iptables -t nat -A POSTROUTING -o $EXT_IF -j MASQUERADE
------------- tproxy -------------
$RC_SQUID status | grep pid &>/dev/null && {
echo "Enabling transparent proxy..."
INT_IP=$(ifconfig | grep "$INT_IF " -A 1 \
| awk '/inet/ {print $2}' | sed -e s/addr://)
if [ -z "$INT_IP" ]; then
echo
echo "$(basename $0): there is no IP found on $INT_IF."
echo " Please make sure $INT_IF is setup properly."
echo
exit 3
fi
iptables -t nat -A PREROUTING -d $INT_IP -i $INT_IF \
-p tcp -m tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i $INT_IF -p tcp -m tcp \
--dport 80 -j REDIRECT --to-por