分类: LINUX
2006-05-13 23:38:04
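#!/bin/bash
#
# gateway.sh - configure this host as a source-NAT gateway for a fixed list
# of LAN clients.
#
# Usage: gateway.sh GatewayIP
#
# What it does, in order:
#   1. Reads and validates the client list in /etc/iplist.conf.
#   2. Reads the primary IPv4 address of eth0 (used as the SNAT source) and
#      adds GatewayIP as alias eth0:1 with netmask 255.255.255.0.
#   3. Loads every ip_nat_* module shipped for the running kernel.
#   4. Sets FORWARD policy to DROP, flushes FORWARD and nat/POSTROUTING, and
#      allows ESTABLISHED,RELATED traffic.
#   5. Adds one FORWARD ACCEPT and one SNAT rule per listed client.
#   6. Enables IPv4 forwarding last, so the host never routes packets before
#      the restrictive rule set is in place (fail closed on any error).
#
# Operational notes:
#   - Needs root (ifconfig, modprobe, iptables, /proc/sys write).
#   - /etc/iplist.conf decides who may use the gateway; keep it writable by
#     root only.
#   - Clients are matched by source address alone, so any LAN host that
#     configures a listed address is forwarded. Pair this with switch-level
#     or MAC/ARP controls if that matters on your network.
#   - NOTE(review): the SNAT rule is not bound to an outgoing interface
#     (no -o eth0), as in the original; confirm that is intended.

IPTABLES=/sbin/iptables
IFCONFIG=/sbin/ifconfig
MODPROBE=/sbin/modprobe
IPLIST=/etc/iplist.conf

# Print a message on stderr and stop with a non-zero status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
  local re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  local octet
  local -a octets
  [[ $1 =~ $re ]] || return 1
  IFS=. read -r -a octets <<<"$1"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so "08" is not parsed as invalid octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}

if [ $# -lt 1 ]; then
  echo "Usage $0 GatewayIP" >&2
  exit 1
fi

GATEWAYIP=$1
is_ipv4 "$GATEWAYIP" || die "Invalid gateway address: $GATEWAYIP"

# Validate the whole client list before changing any system state, so a bad
# entry cannot leave a half-configured firewall behind.
[ -r "$IPLIST" ] || die "Cannot read $IPLIST"
clients=()
while IFS= read -r line || [ -n "$line" ]; do
  line=${line%%#*}            # allow comments
  line=${line//[[:space:]]/}  # drop blanks and a trailing CR
  [ -n "$line" ] || continue
  is_ipv4 "$line" || die "Invalid address in $IPLIST: $line"
  clients+=("$line")
done <"$IPLIST"

echo -n "Setup network card ..."
# LC_ALL=C keeps the ifconfig output unlocalised; the pattern accepts both
# the old "inet addr:A.B.C.D" and the newer "inet A.B.C.D" layouts.
public_ip=$(LC_ALL=C "$IFCONFIG" eth0 |
  sed -n 's/^[[:space:]]*inet \(addr:\)\{0,1\}\([0-9.]*\).*/\2/p' |
  head -n 1)
is_ipv4 "$public_ip" || die "Cannot determine the IPv4 address of eth0"
"$IFCONFIG" eth0:1 "$GATEWAYIP" netmask 255.255.255.0 ||
  die "Cannot configure eth0:1"
echo OK

echo "Load necessary modules"
MODULEPATH=/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter
if [ -d "$MODULEPATH" ]; then
  for path in "$MODULEPATH"/ip_nat_*; do
    # An unmatched glob stays literal; skip it instead of calling modprobe.
    [ -e "$path" ] || continue
    module=${path##*/}
    # Strip .o (2.4), .ko (2.6+) and compressed variants in one step.
    module=${module%%.*}
    echo -n "Load module $module ..."
    "$MODPROBE" "$module" || die "Cannot load module $module"
    echo OK
  done
fi

echo -n "Set default rules ..."
"$IPTABLES" -P FORWARD DROP &&
  "$IPTABLES" -F FORWARD &&
  "$IPTABLES" -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT &&
  "$IPTABLES" -t nat -F POSTROUTING ||
  die "Cannot install default rules"
echo OK

for ip in "${clients[@]}"; do
  echo -n "Allow $ip ..."
  "$IPTABLES" -A FORWARD -s "$ip/32" -j ACCEPT &&
    "$IPTABLES" -t nat -A POSTROUTING -s "$ip/32" -j SNAT \
      --to-source "$public_ip" ||
    die "Cannot add rules for $ip"
  echo OK
done

# Forwarding is switched on only after the rule set is complete.
echo -n "Allow forwarding ..."
echo 1 >/proc/sys/net/ipv4/ip_forward || die "Cannot enable IPv4 forwarding"
echo OK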
/etc/iplist.conf (one client address per line):
192.168.0.2
192.168.0.3
192.168.0.4
192.168.0.5
192.168.0.6
Example invocation:
gateway.sh 192.168.0.1