Сервер Red Hat Linux 7.1
Настройка маршрутизатора pups.it.ru
Конфигурационный файл /etc/host.conf
[root@pups /root]# less /etc/host.conf
# Name-resolution order for the resolver library: the local hosts file is
# consulted first, DNS (bind) second.
order hosts,bind
Конфигурационный файл /etc/sysctl.conf
[root@pups /root]# less /etc/sysctl.conf
# Disables packet forwarding
# net.ipv4.ip_forward = 0
# The value 0 is kept above, commented out; IPv4 forwarding is switched on
# because this host routes between eth0 and ppp0. With forwarding enabled,
# the forward chain in /etc/sysconfig/ipchains decides what may transit.
net.ipv4.ip_forward = 1
# Enables source route verification
# (reverse-path check: a packet is dropped when its source address would not
# be routed back out through the interface it arrived on).
# NOTE(review): only the "all" key is set here; how it combines with the
# per-interface rp_filter values depends on the kernel version -- confirm the
# effective setting for eth0 and ppp0 under /proc/sys/net/ipv4/conf/.
net.ipv4.conf.all.rp_filter = 1
# Disables the magic-sysrq key
kernel.sysrq = 0
Конфигурационный файл /etc/sysconfig/network-scripts/ifcfg-eth0
[root@pups /root]# less /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 BOOTPROTO=static BROADCAST=172.18.157.255 IPADDR=172.18.157.2 NETMASK=255.255.255.0 NETWORK=172.18.157.0 ONBOOT=yes IPXACTIVE_802_3=yes IPXPRIMARY_802_3=yes IPXNETNUM_802_3=15705
Конфигурационный файл /etc/sysconfig/network-scripts/ifcfg-ppp0
[root@pups /root]# less /etc/sysconfig/network-scripts/ifcfg-ppp0 DEVICE=ppp0 MODEMPORT=/dev/ttyS18 LINESPEED=38400 HARDFLOWCTL=yes DEFROUTE=no # MRU=296 # MTU=296 MRU=576 MTU=576 PPPOPTIONS="passive persist lcp-restart 60" REMIP=172.18.161.2 IPADDR=172.18.161.1 NETMASK=255.255.255.0 # NETWORK=172.18.160.0 # BROADCAST=172.18.160.255 ONBOOT=yes BOOTPROTO=none
Конфигурационный файл /etc/sysconfig/network-scripts/ifup-ppp
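[root@pups /root]# less /etc/sysconfig/network-scripts/ifup-ppp
#!/bin/bash
#
# ifup-ppp -- bring up a PPP interface described by an ifcfg-* file.
#
# Usage:   ifup-ppp [daemon] <config> [boot]
#   daemon   first argument when ppp-watch is the caller; without it the
#            script starts ppp-watch and exits
#   <config> ifcfg file name, or the bare device name (ifcfg-<name> is tried)
#   boot     second argument at boot time; the script exits if ONBOOT=no
#
# Reads (from the sourced config): DEVICE, DEVNAME, PARENTDEVNAME, MODEMPORT,
# LINESPEED, HARDFLOWCTL, ESCAPECHARS, DEFROUTE, PEERDNS, MRU, MTU, IPADDR,
# REMIP, PAPNAME, DEBUG, DEMAND, WVDIALSECT, PPPOPTIONS, ONBOOT and the
# *TIMEOUT values.
# Ends by exec'ing /usr/sbin/pppd; exits 1 if pppd or the chat script is
# missing.

PATH=/sbin:/usr/sbin:/bin:/usr/bin

# The config lookups below use relative names, so a failed cd must not be
# ignored.
cd /etc/sysconfig/network-scripts || exit 1
. network-functions
. /etc/rc.d/init.d/functions

# ifup-post for PPP is handled through /etc/ppp/ip-up

if [ "${1}" = daemon ] ; then
  # we've been called from ppp-watch, so don't invoke it for persistence
  shift
else
  # just in case a full path to the configuration file is passed in
  CONFIG=$(basename "$1")
  [ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
  source_config
  # Local change: ppp-watch is started in the background and this script
  # exits, instead of being replaced by it (original line kept below).
  # exec /sbin/ppp-watch "${DEVICE}" "$@"
  /sbin/ppp-watch "${DEVICE}" "$@" &
  exit
fi

CONFIG=$1
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config

# Defaults for timeouts the config file did not set.
if [ -z "${DISCONNECTTIMEOUT}" ]; then
  DISCONNECTTIMEOUT=2
fi
if [ -z "${RETRYTIMEOUT}" ]; then
  RETRYTIMEOUT=30
fi
if [ -z "${IDLETIMEOUT}" ]; then
  IDLETIMEOUT=600
fi

# At boot, skip interfaces that are not meant to come up automatically.
if [ "${2}" = "boot" ] && [ "${ONBOOT}" = "no" ]; then
  exit
fi

[ -x /usr/sbin/pppd ] || {
  echo $"/usr/sbin/pppd does not exist or is not executable"
  echo $"ifup-ppp for ${DEVICE} exiting"
  logger -p daemon.info -t ifup-ppp \
    $"/usr/sbin/pppd does not exist or is not executable for ${DEVICE}"
  exit 1
}

PEERCONF=/etc/ppp/peers/${DEVNAME}

# Create the pppd peers file on first use; an existing file is left alone.
if [ ! -f "${PEERCONF}" ]; then
  if [ -z "${WVDIALSECT}" ] ; then
    # Chat script for this device, falling back to the parent device's.
    CHATSCRIPT=/etc/sysconfig/network-scripts/chat-${DEVNAME}
    [ -f "${CHATSCRIPT}" ] || {
      CHATSCRIPT=/etc/sysconfig/network-scripts/chat-${PARENTDEVNAME}
    }
    [ -f "${CHATSCRIPT}" ] || {
      echo $"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist"
      echo $"ifup-ppp for ${DEVNAME} exiting"
      logger -p daemon.info -t ifup-ppp \
        $"/etc/sysconfig/network-scripts/chat-${DEVNAME} does not exist for ${DEVICE}"
      exit 1
    }
  fi
  logger -s -p daemon.notice -t ifup-ppp \
    $"Setting up a new ${PEERCONF} config file"
  if [ -f "/etc/ppp/peers/${DEVICE}" ]; then
    cp -f "/etc/ppp/peers/${DEVICE}" "${PEERCONF}"
  else
    touch "${PEERCONF}"
  fi
  if [ "${WVDIALSECT}" ]; then
    echo "connect \"/usr/bin/wvdial --remotename ${DEVNAME} --chat ${WVDIALSECT}\"" >> "${PEERCONF}"
  else
    # NOTE(review): chatdbg is only assigned in the DEBUG block further down,
    # so it expands empty here unless it was inherited from the environment.
    # Left as is on purpose: "chat -v" writes the dialogue to syslog, which
    # would include whatever the chat script sends.
    echo "connect \"/usr/sbin/chat $chatdbg -f ${CHATSCRIPT}\"" >> "${PEERCONF}"
  fi
fi

# Build the pppd option string. It is expanded unquoted in the exec below so
# that it splits into separate arguments.
opts="lock"
if [ "${HARDFLOWCTL}" != no ] ; then
  opts="$opts modem crtscts"
fi
if [ "${ESCAPECHARS}" != yes ] ; then
  opts="$opts asyncmap 00000000"
fi
if [ "${DEFROUTE}" != no ] ; then
  # pppd will no longer delete an existing default route
  # so we have to help it out a little here.
  route del default >/dev/null 2>&1
  opts="$opts defaultroute"
fi
# NOTE(review): usepeerdns is added unless PEERDNS is explicitly "no", i.e.
# the peer's DNS servers are accepted by default.
if [ "${PEERDNS}" != no ] ; then
  opts="$opts usepeerdns"
fi
if [ -n "${MRU}" ] ; then
  opts="$opts mru ${MRU}"
fi
if [ -n "${MTU}" ] ; then
  opts="$opts mtu ${MTU}"
fi
if [ -n "${IPADDR}${REMIP}" ] ; then
  # if either IP address is set, the following will work.
  opts="$opts ${IPADDR}:${REMIP}"
fi
if [ -n "${PAPNAME}" ] ; then
  opts="$opts user ${PAPNAME} remotename ${DEVNAME}"
fi
if [ "${DEBUG}" = yes ] ; then
  opts="$opts debug"
  chatdbg="-v"
fi
# DEMAND is quoted: unquoted, an unset DEMAND (the ifcfg-ppp0 on this page
# does not set it) turns the test into "[ = yes ]", which fails with
# "unary operator expected".
if [ "${DEMAND}" = yes ] ; then
  opts="$opts demand ktune idle ${IDLETIMEOUT} holdoff ${RETRYTIMEOUT}"
fi

(logger -p daemon.info -t ifup-ppp \
  $"pppd started for ${DEVNAME} on ${MODEMPORT} at ${LINESPEED}" &)&

# NOTE(review): "noauth" is hard-coded here rather than taken from
# PPPOPTIONS, so pppd does not require the peer to authenticate on any
# interface started through this script. That is only appropriate where the
# line itself is trusted (for example a dedicated serial link); confirm it for
# every ifcfg-ppp* file on the host.
exec /usr/sbin/pppd -detach $opts ${MODEMPORT} ${LINESPEED} \
  ipparam ${DEVNAME} linkname ${DEVNAME} call ${DEVNAME} \
  noauth \
  ${PPPOPTIONS}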
Конфигурационный файл /etc/sysconfig/ipchains
[root@pups /root]# less /etc/sysconfig/ipchains
# Default policies: only forwarded traffic is denied by default; packets
# addressed to the router itself and packets it sends are accepted.
# NOTE(review): with input set to ACCEPT and no input rules in this file, the
# router's own services are not filtered on either interface by this rule
# set -- confirm that is intended.
:input ACCEPT
:forward DENY
:output ACCEPT
# In the ipchains forward chain, -i names the interface the packet leaves on.
# Protocol numbers: 1 = ICMP, 6 = TCP, 17 = UDP.
#
# UDP leaving via ppp0 is forwarded unchanged, whatever its source address.
# NOTE(review): this is the only rule without a source restriction; consider
# narrowing -s to the networks that actually need it. In the rules shown,
# nothing forwards TCP or ICMP out of ppp0, so that traffic falls to the DENY
# policy.
-A forward -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i ppp0 -p 17 -j ACCEPT
# Traffic from 172.18.160.0/24 leaving via eth0 is masqueraded (UDP, ICMP,
# TCP).
-A forward -s 172.18.160.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 17 -j MASQ
-A forward -s 172.18.160.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 1 -j MASQ
-A forward -s 172.18.160.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 6 -j MASQ
# The same three protocols for 172.18.161.0/24, the subnet holding the PPP
# link's own addresses.
-A forward -s 172.18.161.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 1 -j MASQ
-A forward -s 172.18.161.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 6 -j MASQ
-A forward -s 172.18.161.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p 17 -j MASQ