SME server configuration solution (IP camouflage)
2001-06-05 12:34
Publisher: NetBull Readings: 118 Tang Haizhen (Submission) Section IP Camouflage & 4.1 Introduction Using the Internet's proxy server technology can solve the current IP address of the Internet, network resource dispute, and network security. The proxy server is a mechanism to take a proxy, that is, the internal client must communicate with the external server side, while any of the mains can only access the proxy server. This article focuses on problems such as the use of Linux proxy servers to resolve IP addresses, network resource dispute, and network security. With the rapid development of Internet technology, more and more computers are connected to the Internet. There have been more than 160 countries and regions, and the Internet has more than 50 million units. It promotes the development of the information industry and will change people's lives, study and work. For many people, the Internet has become an indispensable tool. As the development of the Internet has also produced problems such as IP address depletion, network resource dispute and network security. The proxy server is an effective network security product that is generated to solve these problems. (LinuxByte Download IPchains & 4.2 Required Resources & 4.2.1 Requirements IPChains-1.3.9-5.rpm & 4.2.2 Required Profile / Root / Ipchains Once Write & 4.3 Configuration Scheme 1./sbin/rules Description: source file: # Here's what you need to increase the forwarding control module / sbin / modprobe ip_masq_ftp / sbin / modprobe ip_masq_quake / sbin / modprobe ip_masq_irc / sbin / modprobe ip_masq_user / sbin / modprobe ip_masq_raudio / sbin / ipchains -P forward DENY # default status Reject all IP forwardings. Echo 1> / proc / sys / net / ipv4 / ip_forward # Open IP Forward Ipchains -i Forward-S 192.168.0.0/24 -D 0/0 -j Masq # will be derived from 192.168.0.0 network segment & 4.4 test And Administration Measures & 4.4.1 Test Method 1. Find a client in a local area network, set IP to 192.168.0.0 network segment, ping, can see it, you can see it. & 4.5 Other References 1. Huang Zhiwei, IP Masquerade HOWTO Chinese version please visit: http://www.linux.org.tw/cldp/gb/ip-masquerade-howto.html & 4.6 Related Tips 1. If the control module is not Existence, maybe not in the path, you can perform DEPMOD -A & 4.7 Summary Use ipchains as enterprise online IP camouflage very practical, and its configuration is very simple, and powerful, management is also very simple. Of course, it is inadequate in security and needs to be improved.