ÔÚLinux(Fedora 7)ÏÂʵÏÖ¹²ÏíÉÏÍø

×÷ÕߣºÀîÏȾ²

ÎÒµÄ×ÀÃæ»úÓÐÁ½¸öÍø¿¨£¬Ò»¸öÁ¬½ÓÌìÍþµÄMODEN£¬Ò»¸öÁ¬½Ó±Ê¼Ç±¾µçÄÔ¡£±Ê¼Ç±¾µçÄÔºÍ×ÀÃæ»úÖ®¼ä¹²ÏíÊý¾ÝûÓÐÎÊÌ⣬µ«±Ê¼Ç±¾µçÄÔÓÐʱҲҪ·ÃÎÊÍâÍø£¬Ôõô°ìÄØ£¿ÒÔÇ°ÔÚ×ÀÃæ»úÉÏ°²×°µÄWindows£¬Òª¹²ÏíÉÏÍø·Ç³£¼òµ¥£¬°ÑÍøÂçÁ¬½ÓÉèÖÃΪ¹²Ïí¾ÍÐÐÁË¡£ÏÖÔÚ°²×°ÁËFedora 7£¬°´³£¹æÀ´¿´£¬ÊµÏÖ¹²ÏíÉÏÍø¸ü¼òµ¥²Å¶Ô£¬Ö»Òª´ò¿ªTCPת·¢(forward)¿ª¹Ø¼´¿É¡£

ÔÚÅäÖÃÎļþÖÐ/etc/sysctl.confÔö¼Ónet.ipv4.ip_forward = 1£¬ÖØÆðÖ®ºó£¬/proc/sys/net/ipv4/ip_forwardµÄÄÚÈݱäΪ1ÁË£¬µ«»¹ÊÇÎÞ·¨ÊµÏÖ¹²ÏíÉÏÍø¡£

ºóÀ´ÕÒµ½Ò»¸ö½Å±¾£¬ÔËÐÐһϾͿÉÒÔÁË£¬·Ç³£ºÃÓã¬ÕªÂ¼µ½ÕâÀï×ö±¸Íü¡£

#!/bin/sh
INTIF="eth0"
EXTIF="eth1"
EXTIP="`/sbin/ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"

/sbin/depmod -a
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
/sbin/modprobe iptable_nat
/sbin/modprobe ip_nat_ftp

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

~~end~~