配置centos6.0为Router

1.ETH0--LAN

[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:XX:XX:00:97:XX
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
IPADDR=192.168.0.254
NETMASK=255.255.255.0

 

2.EHT1--WAN

[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:XX:XX:00:97:XX
ONBOOT=yes
BOOTPROTO=none
TYPE=Ethernet
IPADDR=58.240.XX.IP
NETMASK=255.255.255.240
GATEWAY=58.240.XX.GW

 

3.sysctl

[root@server ~]# cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

... ...

[root@server ~]# sysctl -p
net.ipv4.ip_forward = 1

 

4.SNAT

[root@server ~]# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 58.240.XX.IP
or

[root@server ~]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

保存SNAT配置:

[root@server ~]# /etc/init.d/iptables save

[root@server ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Fri Mar 30 14:10:34 2012
*filter
:INPUT ACCEPT [19774:1796237]
:FORWARD ACCEPT [2088:205908]
:OUTPUT ACCEPT [4335:25558058]
COMMIT
# Completed on Fri Mar 30 14:10:34 2012
# Generated by iptables-save v1.4.7 on Fri Mar 30 14:10:34 2012
*nat
:PREROUTING ACCEPT [152787:30285172]
:POSTROUTING ACCEPT [4:236]
:OUTPUT ACCEPT [9:586]

#-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 58.240.XX.IP
-A POSTROUTING -o eth1 -j MASQUERADE

COMMIT
# Completed on Fri Mar 30 14:10:34 2012

打完,收工。

posted @ 2012-03-30 14:14  xiahaitao  阅读(334)  评论(1编辑  收藏  举报