4 months ago, ask the above functions in Linux, first search for a lot of information on the Internet, but it is not suitable for my online current situation, we are fiber, after their own exploration and experiment, finally achieved the above functions However, the virtual host under Apache has not yet been done, and the DNS is still unstable. I didn't get it for a week, because there were other things, I didn't get it again. Let's talk about how I implemented. (The following is in the following article, there are some articles that reference the online article, but I forgot who the author is, herein. If anyone wants to quote, please specify the original author, thank you!
1. Gateway's implementation is very easy to implement Gateway in Windows2000 Server, but implementing Gateway to be complex in Linux, where the dual network card settings and firewall settings are involved.
Software: Redhat Linux 7.3, personal feeling of this version is better. Hardware: One server, the configuration is generally, the PIII1G is above the CPU, 40G or more hard disk (actually 2G, as long as it is impossible to consider only 2G hard drive, there is also a way to provide FTP and HTTP services, need to give each Users have a certain hard disk space, 512M memory, dual network card, of course, there is also a CD-ROM and a monitor, some online article introduces no displays, but according to my practical experience, you still need a monitor, some debug commands It is not possible to run remote. Of course, an external IP can be fixed, or a dynamic IP (ADSL dial). Here I mainly introduce the configuration method of fixed IP, the dynamic IP configuration method is similar. The specific implementation is described below. First, the software is installed is relatively simple, but you should pay attention to the following: VAR partitions, because all Internet users' files, and HTTP release websites are in this partition. It is best to set a TEMP partition, as Administrator's temporary file usage. When selecting a file wrap group, you must select two groups of KDE, Squid. Publish a website in the LAN, then choose http. If you don't know how to choose, then choose Server (Server ) Also, anyway, there is no big effect. Also, when the configuration of the NIC is configured, the network card is configured, and the NIC is two, Eth1, select Active Boot (activated during startup), do not choose DHCP, Eth0 Set the external network IP, Eth1 Sets the intranet IP.
For example: Eth0: IP 220.171.98.5, Netmark 255.255.255.0, Gateway 220.171.98.1, DNS 61.128.99.134; Eth1: IP 192.168.0.1, Netmark 255.255.255.0, other no need to set up. Host Name is Linux.home.cn, Domain Name is Home.cn.
After the system is installed, restart, enter the system, ping a host name on the Internet, such as www.sina.com.cn or its IP address. If you are connected, you can get online in the Linux environment. Most cases can be ping. Here are the shared access to the LAN. First add a static route to do a routing gateway for the computer in the LAN: Find and modify the / etc / sysconfig / static-routes file, write "Eth1 Net 192.168.0.0 Netmask 255.255.255.255 GW 192.168.0.1". At the same time, don't forget to configure the forwarding of the IP report: find and modify the /etc/sysctl.conf file, there is a "net.ipv4.ip_forward = 0" and change 0 to 1. If you don't worry, you can also enter: "Echo 1> / Proc / Sys / Net / IPv4 / IP_Forward". After restarting the network process, use the route command to use a static route in the routing table: Next, set the IP camouflage, which allows the private address in the LAN to transparently access the Internet in a NAT mode. In the RedHat7.3 version has built a more excellent iptables process than the original version of IPChains, use it as an engine translated as an address translation. Enter: [root @ Linux /] # iptables -t nat -a postrouting -o eth0 -j masquerade // Sets a rule of IP packet filtering.
Everything is ready, restart the network card:
[root @ Linux /] # /etc/rc.d/init.d/network restart
From a computer ping www.sina.com.cn in a shared LAN, all shared access settings have no problem, and the computer in the LAN can enjoy the surfing of the Internet. If ping is not available, you should carefully check whether the above configuration steps and IP settings are improper or omissions. Finally, in order to let Linux automatically start these configurations, you can do the following: In /etc/rc.d/ directory, create a firewall file, content is: echo "starting iptables rules ..." iptables -t NAT -A PostRouting -o eth0 -j masquerade echo 1> / proc / sys / net / ipv4 / ip_forward The last statement is determined. If the /etc/sysctl.conf is already set, there is no relationship. At the same time, modify the permissions of this file to the executive mode:
[root @ linux rc.d] # chmod 755 firewall
Modify the /etc/rc.d/rc.local file, add: "/ etc / rc.d / firewall". Restart the Linux server, if everything is normal, the server can be automatically connected to the Internet and set IP camouflage. In this way, the Linux server has bornes the original services of the LAN while doing the engine for local area network sharing access.
Today, I will write this here, I will say the implementation of HTTP.
