每一个“丑得人神共愤”的泡妞高 手都有一颗坚忍的心,这证明了人类 在绝境中毫不妥协的求生精神,反正丑都丑了,索性放开手脚大干一场,这就叫“无产阶级失去的是锁链,得到的是全世界”
2013年(130)
分类: LINUX
2013-05-19 14:25:26
Router:
该文章对如何设置进行了详细的说明,主要步骤包括:
需要注意的是,若要做无线路由器,文中使用的WEP加密方式,这是很不安全的,下面我们介绍下如何做WPA加密方式的无线路由器
- 设置内/外网络接口
- 启用IP转发和伪装
第一步以我的配置为例(eth1外网(wifi),eth0内网):
- #路由器(有线)
iface eth0 inet static
address 192.168.0.1
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255第二步的脚本粘帖如下(旨在告诉大家是怎么设置的,根据不同的环境需做相应的修改才可使用):
- echo -e "nnLoading simple rc.firewall-iptables version $FWVER..n"
- DEPMOD=/sbin/depmod
- MODPROBE=/sbin/modprobe
- EXTIF="eth0"
- INTIF="eth1"
- #INTIF2="eth0"
- echo " External Interface: $EXTIF"
- echo " Internal Interface: $INTIF"
- #======================================================================
- #== No editing beyond this line is required for initial MASQ testing ==
- echo -en " loading modules: "
- echo " - Verifying that all kernel modules are ok"
- $DEPMOD -a
- echo "----------------------------------------------------------------------"
- echo -en "ip_tables, "
- $MODPROBE ip_tables
- echo -en "nf_conntrack, "
- $MODPROBE nf_conntrack
- echo -en "nf_conntrack_ftp, "
- $MODPROBE nf_conntrack_ftp
- echo -en "nf_conntrack_irc, "
- $MODPROBE nf_conntrack_irc
- echo -en "iptable_nat, "
- $MODPROBE iptable_nat
- echo -en "nf_nat_ftp, "
- $MODPROBE nf_nat_ftp
- echo "----------------------------------------------------------------------"
- echo -e " Done loading modules.n"
- echo " Enabling forwarding.."
- echo "1" > /proc/sys/net/ipv4/ip_forward
- echo " Enabling DynamicAddr.."
- echo "1" > /proc/sys/net/ipv4/ip_dynaddr
- echo " Clearing any existing rules and setting default policy.."
- iptables-restore <<-EOF
- *nat
- -A POSTROUTING -o "$EXTIF" -j MASQUERADE
- COMMIT
- *filter
- :INPUT ACCEPT [0:0]
- :FORWARD DROP [0:0]
- :OUTPUT ACCEPT [0:0]
- -A FORWARD -i "$EXTIF" -o "$INTIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
- -A FORWARD -i "$INTIF" -o "$EXTIF" -j ACCEPT
- -A FORWARD -j LOG
- COMMIT
- EOF
- echo -e "nrc.firewall-iptables v$FWVER done.n"
