“UbuntuHelp:InternetConnectionSharing”的版本间的差异
来自Ubuntu中文
小 |
小 |
||
| 第1行: | 第1行: | ||
{{From|https://help.ubuntu.com/community/InternetConnectionSharing}} | {{From|https://help.ubuntu.com/community/InternetConnectionSharing}} | ||
{{Languages|UbuntuHelp:InternetConnectionSharing}} | {{Languages|UbuntuHelp:InternetConnectionSharing}} | ||
| − | + | * On Server: | |
** You will need one or two network cards in the server, or a network card and a PPP interface. One network card connects to your internal network, we will call this card ''eth1''. The other, or your PPP interface, connects to the internet, we will call this ''eth0'' or ''ppp0''. If you are running both networks off of the same card, then use ''eth0:0'' for the internal network and ''eth0'' for the internet. | ** You will need one or two network cards in the server, or a network card and a PPP interface. One network card connects to your internal network, we will call this card ''eth1''. The other, or your PPP interface, connects to the internet, we will call this ''eth0'' or ''ppp0''. If you are running both networks off of the same card, then use ''eth0:0'' for the internal network and ''eth0'' for the internet. | ||
** First, configure the interface of your network card, for example using eth0 or eth0:0 like so: | ** First, configure the interface of your network card, for example using eth0 or eth0:0 like so: | ||
<pre><nowiki> | <pre><nowiki> | ||
$sudo ifconfig eth0 192.168.0.1</nowiki></pre> | $sudo ifconfig eth0 192.168.0.1</nowiki></pre> | ||
| − | + | * then configure NAT on iptables: | |
<pre><nowiki> | <pre><nowiki> | ||
$sudo iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT | $sudo iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT | ||
| 第14行: | 第14行: | ||
<pre><nowiki> | <pre><nowiki> | ||
$sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"</nowiki></pre> (in case of ADSL, you sometimes need to use ppp1) | $sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"</nowiki></pre> (in case of ADSL, you sometimes need to use ppp1) | ||
| − | |||
'''''FYI: There is a "Bug" in Gutsy (Ubuntu 7.10) and you will need to make a small edit in /etc/sysctl.conf''''' | '''''FYI: There is a "Bug" in Gutsy (Ubuntu 7.10) and you will need to make a small edit in /etc/sysctl.conf''''' | ||
| − | |||
Add these lines : | Add these lines : | ||
| − | |||
<pre><nowiki>net.ipv4.conf.default.forwarding=1 | <pre><nowiki>net.ipv4.conf.default.forwarding=1 | ||
net.ipv4.conf.all.forwarding=1</nowiki></pre> | net.ipv4.conf.all.forwarding=1</nowiki></pre> | ||
| − | |||
[https://bugs.launchpad.net/ubuntu/+source/procps/+bug/84537 Launchpad Bug Report] | [https://bugs.launchpad.net/ubuntu/+source/procps/+bug/84537 Launchpad Bug Report] | ||
| − | |||
* Then move on to the clients: | * Then move on to the clients: | ||
** Unconfigure all network cards: | ** Unconfigure all network cards: | ||
<pre><nowiki> | <pre><nowiki> | ||
$sudo /etc/init.d/networking stop</nowiki></pre> | $sudo /etc/init.d/networking stop</nowiki></pre> | ||
| − | + | * Set the new IP address with the same network range as the server (for example 192.168.0.xxx) | |
<pre><nowiki> | <pre><nowiki> | ||
$sudo ifconfig eth<x> <ip></nowiki></pre>, where eth<x> is the network card and <ip> is the IP for the client. | $sudo ifconfig eth<x> <ip></nowiki></pre>, where eth<x> is the network card and <ip> is the IP for the client. | ||
| − | + | * Configure routing: | |
<pre><nowiki> | <pre><nowiki> | ||
$sudo route add default gw <ip></nowiki></pre>, where <ip> is the server IP (in this example 192.168.0.1). | $sudo route add default gw <ip></nowiki></pre>, where <ip> is the server IP (in this example 192.168.0.1). | ||
| − | + | * Add gateways, ask the server maintainer for the DNS and include then on /etc/resolv.conf such as: | |
<pre><nowiki> | <pre><nowiki> | ||
<nameserver> <ipaddress></nowiki></pre> | <nameserver> <ipaddress></nowiki></pre> | ||
| − | |||
And you are all set, any questions/comments, mail me =) | And you are all set, any questions/comments, mail me =) | ||
---- | ---- | ||
A beginner's working example of a Ubuntu Desktop with 2 nic cards, sharing internet connection http://ubuntuforums.org/showthread.php?p=3713684 | A beginner's working example of a Ubuntu Desktop with 2 nic cards, sharing internet connection http://ubuntuforums.org/showthread.php?p=3713684 | ||
| − | |||
=== Other approaches === | === Other approaches === | ||
| − | |||
Internet connection sharing is called masquerading or Network Address Translation. | Internet connection sharing is called masquerading or Network Address Translation. | ||
| − | |||
To serve dynamic addresses, you need to be a DHCP server. You also need to do IP and DNS masquerading. Easy: | To serve dynamic addresses, you need to be a DHCP server. You also need to do IP and DNS masquerading. Easy: | ||
| − | |||
Install dnsmasq (a DNS masquerade as well as a DHCP server) and ipmasq (IP masquerading). | Install dnsmasq (a DNS masquerade as well as a DHCP server) and ipmasq (IP masquerading). | ||
| − | |||
Configure dnsmasq by editing the config file and making it go: (basically, two things) | Configure dnsmasq by editing the config file and making it go: (basically, two things) | ||
<pre><nowiki> | <pre><nowiki> | ||
| 第55行: | 第44行: | ||
</nowiki></pre> | </nowiki></pre> | ||
configure ipmasq to allow dhcp requests, otherwise you need to stop ipmasq to make a connection. You need to copy a .rul from the documentation directory into the /etc config and edit the interface name. Then reconfigure ipmasq to start after networking has been started | configure ipmasq to allow dhcp requests, otherwise you need to stop ipmasq to make a connection. You need to copy a .rul from the documentation directory into the /etc config and edit the interface name. Then reconfigure ipmasq to start after networking has been started | ||
| − | |||
<pre><nowiki> | <pre><nowiki> | ||
sudo dpkg-reconfigure ipmasq. | sudo dpkg-reconfigure ipmasq. | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | |||
| − | |||
Another approach --- set up [[UbuntuHelp:Firestarter]], to run connection sharing, set up dhcp3-server, and set its configuration to listen to the correct eth*. To change this later, run sudo dpkg-reconfigure dhcp3-server. | Another approach --- set up [[UbuntuHelp:Firestarter]], to run connection sharing, set up dhcp3-server, and set its configuration to listen to the correct eth*. To change this later, run sudo dpkg-reconfigure dhcp3-server. | ||
| − | |||
Basically, you need to have Firestarter active/turned on/protecting, to have the connection shared. | Basically, you need to have Firestarter active/turned on/protecting, to have the connection shared. | ||
| − | |||
When you install dhcp3-server, it will place a sample config file in your /etc/dhcp3 folder, called dhcpd.conf. I suggest you install dhcp3-server first, and then firestarter, cause if you are lucky, firestarter will set up a new config file for dhcp3 for you. | When you install dhcp3-server, it will place a sample config file in your /etc/dhcp3 folder, called dhcpd.conf. I suggest you install dhcp3-server first, and then firestarter, cause if you are lucky, firestarter will set up a new config file for dhcp3 for you. | ||
| − | |||
If you are less lucky, well, this file works, and I got it from another person, so it seems generic enough: http://www.mts.net/~danb/sampledhcpd.conf . Remember to change the DNS server if using that file, cause you don't want name resolution to be done by my ISP, it will be slow. To find what DNS server your Ubuntu is using: System>Admin>Network>DNS tab. | If you are less lucky, well, this file works, and I got it from another person, so it seems generic enough: http://www.mts.net/~danb/sampledhcpd.conf . Remember to change the DNS server if using that file, cause you don't want name resolution to be done by my ISP, it will be slow. To find what DNS server your Ubuntu is using: System>Admin>Network>DNS tab. | ||
| − | |||
At any time that changes are made to your dhcpd.conf file, restart the server - sudo /etc/init.d/dhcp3-server restart will do it. | At any time that changes are made to your dhcpd.conf file, restart the server - sudo /etc/init.d/dhcp3-server restart will do it. | ||
Alternatively, every time you run the sudo dpkg-reconfigure dhcp3-server, at the end, your server will restart. | Alternatively, every time you run the sudo dpkg-reconfigure dhcp3-server, at the end, your server will restart. | ||
| − | |||
There are several issues that I had...first of all, the Firestarter firewall won't even start if you don't have it configured to listen to the right interface...You can change which one it listens to in Preferences --> Network Settings. The Local network connected device must be the same as you have dhcp3-server listening to, of course, both checkboxes under that need to be checked. The Internet connected network device will be the one that is configured for Internet. Now, I have two NICs, but I have pppoe configured on eth0, and I have Internet connection sharing configured on the same one, cause eth0 is also configured for a static 192.168 internal IP for my internal network. | There are several issues that I had...first of all, the Firestarter firewall won't even start if you don't have it configured to listen to the right interface...You can change which one it listens to in Preferences --> Network Settings. The Local network connected device must be the same as you have dhcp3-server listening to, of course, both checkboxes under that need to be checked. The Internet connected network device will be the one that is configured for Internet. Now, I have two NICs, but I have pppoe configured on eth0, and I have Internet connection sharing configured on the same one, cause eth0 is also configured for a static 192.168 internal IP for my internal network. | ||
| − | |||
Internet Connection Sharing Documentation thread http://ubuntuforums.org/showthread.php?s=88b74f79f0ab07638e6b361c09040b45&t=503287 | Internet Connection Sharing Documentation thread http://ubuntuforums.org/showthread.php?s=88b74f79f0ab07638e6b361c09040b45&t=503287 | ||
| − | |||
---- | ---- | ||
[[category:CategoryDocumentation]] [[category:CategoryCleanup]] | [[category:CategoryDocumentation]] [[category:CategoryCleanup]] | ||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] | ||
2007年11月30日 (五) 18:05的版本
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
- On Server:
- You will need one or two network cards in the server, or a network card and a PPP interface. One network card connects to your internal network, we will call this card eth1. The other, or your PPP interface, connects to the internet, we will call this eth0 or ppp0. If you are running both networks off of the same card, then use eth0:0 for the internal network and eth0 for the internet.
- First, configure the interface of your network card, for example using eth0 or eth0:0 like so:
$sudo ifconfig eth0 192.168.0.1
- then configure NAT on iptables:
$sudo iptables -A FORWARD -i eth1 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT $sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT $sudo iptables -A POSTROUTING -t nat -j MASQUERADE
(rule1 allows forwarded packets (initial ones), rule2 allows forwarding of established connection packets (and those related to ones that started), rule3 does the NAT.):
$sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"(in case of ADSL, you sometimes need to use ppp1)
FYI: There is a "Bug" in Gutsy (Ubuntu 7.10) and you will need to make a small edit in /etc/sysctl.conf Add these lines :
net.ipv4.conf.default.forwarding=1 net.ipv4.conf.all.forwarding=1
- Then move on to the clients:
- Unconfigure all network cards:
$sudo /etc/init.d/networking stop
- Set the new IP address with the same network range as the server (for example 192.168.0.xxx)
$sudo ifconfig eth<x> <ip>, where eth<x> is the network card and <ip> is the IP for the client.
- Configure routing:
$sudo route add default gw <ip>, where <ip> is the server IP (in this example 192.168.0.1).
- Add gateways, ask the server maintainer for the DNS and include then on /etc/resolv.conf such as:
<nameserver> <ipaddress>
And you are all set, any questions/comments, mail me =)
A beginner's working example of a Ubuntu Desktop with 2 nic cards, sharing internet connection http://ubuntuforums.org/showthread.php?p=3713684
Other approaches
Internet connection sharing is called masquerading or Network Address Translation. To serve dynamic addresses, you need to be a DHCP server. You also need to do IP and DNS masquerading. Easy: Install dnsmasq (a DNS masquerade as well as a DHCP server) and ipmasq (IP masquerading). Configure dnsmasq by editing the config file and making it go: (basically, two things)
sudo /etc/init.d/dnsmasq restart
configure ipmasq to allow dhcp requests, otherwise you need to stop ipmasq to make a connection. You need to copy a .rul from the documentation directory into the /etc config and edit the interface name. Then reconfigure ipmasq to start after networking has been started
sudo dpkg-reconfigure ipmasq.
Another approach --- set up UbuntuHelp:Firestarter, to run connection sharing, set up dhcp3-server, and set its configuration to listen to the correct eth*. To change this later, run sudo dpkg-reconfigure dhcp3-server. Basically, you need to have Firestarter active/turned on/protecting, to have the connection shared. When you install dhcp3-server, it will place a sample config file in your /etc/dhcp3 folder, called dhcpd.conf. I suggest you install dhcp3-server first, and then firestarter, cause if you are lucky, firestarter will set up a new config file for dhcp3 for you. If you are less lucky, well, this file works, and I got it from another person, so it seems generic enough: http://www.mts.net/~danb/sampledhcpd.conf . Remember to change the DNS server if using that file, cause you don't want name resolution to be done by my ISP, it will be slow. To find what DNS server your Ubuntu is using: System>Admin>Network>DNS tab. At any time that changes are made to your dhcpd.conf file, restart the server - sudo /etc/init.d/dhcp3-server restart will do it. Alternatively, every time you run the sudo dpkg-reconfigure dhcp3-server, at the end, your server will restart. There are several issues that I had...first of all, the Firestarter firewall won't even start if you don't have it configured to listen to the right interface...You can change which one it listens to in Preferences --> Network Settings. The Local network connected device must be the same as you have dhcp3-server listening to, of course, both checkboxes under that need to be checked. The Internet connected network device will be the one that is configured for Internet. Now, I have two NICs, but I have pppoe configured on eth0, and I have Internet connection sharing configured on the same one, cause eth0 is also configured for a static 192.168 internal IP for my internal network. Internet Connection Sharing Documentation thread http://ubuntuforums.org/showthread.php?s=88b74f79f0ab07638e6b361c09040b45&t=503287
