由 home 在 11-12-2003 20:54 发表:

我在Redhat 9.0用vmware装了FreeBSD,请问怎么两个系统同时上网？

不一定要详细的，给点指示我吧，我一点头绪都没有！！！

先谢了！~~~~

open your eyes

Come from www.xlzx.com

我在chinaunix.

由 NetSnake 在 11-13-2003 09:43 发表:

在配置vmware虚拟机时使用网桥模式，bridged network，并给bsd分配一个和主机类似的IP，例如主机是10.0.0.5，可以给bsd分配10.0.0.6，其他配置和主机一样。总而言之，就象局域网中的另一台机器。如果这两个IP都被允许上网，那这两个系统也都可以上。

学习 ...

由 home 在 11-13-2003 14:49 发表:

> quote: > > * * * > > 最初由 NetSnake 发表
>
> 在配置vmware虚拟机时使用网桥模式，bridged network，并给bsd分配一个和主机类似的IP，例如主机是10.0.0.5，可以给bsd分配10.0.0.6，其他配置和主机一样。总而言之，就象局域网中的另一台机器。如果这两个IP都被允许上网，那这两个系统也都可以上。 > > * * *

谢谢，但我是用动态的ip，是用电信的ADSL上网。而且ISP不允许重复拔号。

能不能把主机做能路由器？真的一点都不懂的说

open your eyes

Come from www.xlzx.com

我在chinaunix.

由 home 在 11-16-2003 13:52 发表:

只能用一个IP，那做端口映射行吗？没弄过，一点都不懂。

open your eyes

Come from www.xlzx.com

我在chinaunix.

由 Snoopy 在 11-16-2003 13:59 发表:

#!/bin/bash

Script name: ipt_masq

A simple script for masquerading, used in Linux (kernel 2.4.x).

Copyleft 2002 by netman ([email protected]).

Redistribution of this file is permitted under the terms of

the GNU General Public License (GPL).

Date: 2002/02/04

Version: 1.2

PATH=/sbin:/usr/sbin:/bin:/usr/bin

RC_SQUID=/etc/rc.d/init.d/squid

EXT_IF=ppp0

INT_IF=eth0

ALLOWED_ICMP="0 3 3/4 4 11 12 14 16 18"

DENIED_ICMP="8"

------------- ensure iptables ----------

which iptables &>/dev/null || {

echo

echo "$(basename $0): iptables program is not found."

echo " Please install the program first."

echo

exit 1

}

------------- disable ipchains ----------

lsmod | grep ipchains &>/dev/null && {

echo "Disabling ipchains..."

rmmod ipchains &>/dev/null

}

------------- modules -----------

echo "Loading modules..."

modprobe ip_tables &>/dev/null || {

echo -n "$(basename $0): loading ip_tables module failure."

echo " Please Fix it!"

exit 3

}

for file in /lib/modules/uname -r/kernel/net/ipv4/netfilter/ip_conntrack_*.o

do

module=$(basename $file)

modprobe ${module%.*} &>/dev/null

done

for file in /lib/modules/uname -r/kernel/net/ipv4/netfilter/ip_nat_*.o

do

module=$(basename $file)

modprobe ${module%.*} &>/dev/null

done

------------- ipforwarding -----------

echo "Turning on IP forwarding..."

echo "1" > /proc/sys/net/ipv4/ip_forward

------------- anti spoofing -----------

echo "Turning on anti-spoofing..."

for file in /proc/sys/net/ipv4/conf/*/rp_filter; do

echo "1" > $file

done

------------- flushing ----------

echo "Cleaning up..."

iptables -F -t filter

iptables -X -t filter

iptables -Z -t filter

iptables -F -t nat

iptables -X -t nat

iptables -Z -t nat

------------- policies -------------

echo "Setting up policies to ACCEPT..."

iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -t nat -P PREROUTING ACCEPT

iptables -t nat -P POSTROUTING ACCEPT

iptables -t nat -P OUTPUT ACCEPT

------------- ICMP -------------

echo "Creating icmpfilter chain..."

iptables -N icmpfilter

for TYPE in $DENIED_ICMP; do

iptables -A icmpfilter -i $EXT_IF -p icmp \

--icmp-type $TYPE -j DROP

done

for TYPE in $ALLOWED_ICMP; do

iptables -A icmpfilter -i $EXT_IF -p icmp \

--icmp-type $TYPE -j ACCEPT

done

------------- block -------------

echo "Creating block chain..."

iptables -N block

iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A block -m state --state NEW,INVALID -i $EXT_IF -j DROP

iptables -A block -m state --state NEW -i ! $EXT_IF -j ACCEPT

iptables -A block -j DROP

------------- filter -------------

echo "Filtering packets..."

iptables -A INPUT -j icmpfilter

iptables -A INPUT -j block

iptables -A FORWARD -j icmpfilter

iptables -A FORWARD -j block

------------- masq -------------

echo "Masquerading internel network..."

iptables -t nat -A POSTROUTING -o $EXT_IF -j MASQUERADE

------------- tproxy -------------

$RC_SQUID status | grep pid &>/dev/null && {

echo "Enabling transparent proxy..."

INT_IP=$(ifconfig | grep "$INT_IF " -A 1 \

| awk '/inet/ {print $2}' | sed -e s/addr://)

if [ -z "$INT_IP" ]; then

echo

echo "$(basename $0): there is no IP found on $INT_IF."

echo " Please make sure $INT_IF is setup properly."

echo

exit 3

fi

iptables -t nat -A PREROUTING -d $INT_IP -i $INT_IF \

-p tcp -m tcp --dport 80 -j ACCEPT

iptables -t nat -A PREROUTING -i $INT_IF -p tcp -m tcp \

--dport 80 -j REDIRECT --to-por