Linux下NAT配置详解

必须安装iptables,否则无法配置nat。

# iptables -v,查看iptables版本。

2,开始配置

配置NAT采用双网卡(也可用单网卡,但不推荐),

一定将网卡ip配置成固定ip，别动态获取ip

外网IP:135.252.139.28

内网IP是:192.168.1.1

下面看一下我的网卡IP配置情况

#vi /etc/../network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
BROADCAST=135.252.139.255
IPADDR=135.252.139.1
NETMASK=255.255.255.0
NETWORK=135.252.139.0
ONBOOT=yes
TYPE=Ethernet

# vi /etc/./network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.1
NETMASK=255.255.255.0
 

看看dns情况，这个一般不需要改，内网采用外网的dns就可以了

# vi /etc/resolv.conf
nameserver 135.252.142.166 // 外网DNS地址

nameserver 135.252.44.59 //// 外网备用DNS地址

修改网关

# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=tpwb
GATEWAY=135.252.139.1    你的网关(135.252.139.28的网关)，这个如果在ifcong—eth1写了则不用

查看路由情况

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
135.252.139.0   *               255.255.255.0   U     0      0        0 eth1
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default       135.252.139.1    0.0.0.0      UG    0      0       0 eth1

保证default是 135.252.139.1

最后将网卡重启

#service named restart
停止 named：
启动 named：                                               [ 确定 ]

好到现在前期准备工作差不多了!

我的是固定IP地址,所以输入

[root@tpwb ~]#iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to 135.252.139.28

如果你是拨号上网，iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
打开ip转发功能.

1,要把IPTABLES的配置保存.

#etc/rc.d/init.d/iptables save

2,查看# vi /etc/rc.d/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
echo 1 > /proc/sys/net/ipv4/ip_forward      看这一行,是添加的!

~
~

保存,退出.

3, # ntsysv
ntsysv 1.3.13.3 - (C) 2000-2001 Red Hat, Inc.                                  
                                                                               
                       lqqqqqqqqqqqqu 服务 tqqqqqqqqqqqqk                      
                       x                                x                      
                       x 您想自动启动哪些服务？         x                      
                       x                                x                      
                       x   [ ] FreeWnn             #    x                      
                       x   [ ] NetworkManager      a    x                      
                       x   [*] acpid               a    x                      
                       x   [ ] amanda              a    x                      
                       x   [ ] amandaidx           a    x                      
                       x   [ ] amd                 a    x                      
                       x   [ ] amidxtape           a    x                      
                       x   [*] anacron             a    x                      
                       x                                x                      
                       x    lqqqqqqk       lqqqqqqk     x                      
                       x    x 确定 x       x 取消 x     x                      
                       x    mqqqqqqj       mqqqqqqj     x                      
                       x                                x                      
                       x                                x                      
                       mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj                      
                                                                               
                                                                               
按 <F1> 可获取关于某项服务的详情。       

在named,iptables的[]里点空格见出现*号后,确定,表示开机自动加载!

重起
[root@tpwb rc.d]# reboot