配置centos6.0为Router

1.ETH0--LAN

[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

HWADDR=00:XX:XX:00:97:XX

ONBOOT=yes

TYPE=Ethernet

BOOTPROTO=none

IPADDR=192.168.0.254

NETMASK=255.255.255.0

2.EHT1--WAN

[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1

HWADDR=00:XX:XX:00:97:XX

ONBOOT=yes

BOOTPROTO=none

TYPE=Ethernet

IPADDR=58.240.XX.IP

NETMASK=255.255.255.240

GATEWAY=58.240.XX.GW

3.sysctl

[root@server ~]# cat /etc/sysctl.conf

# Kernel sysctl configuration file for Red Hat Linux

#

# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and

# sysctl.conf(5) for more details.

# Controls IP packet forwarding

net.ipv4.ip_forward = 1

... ...

[root@server ~]# sysctl -p

net.ipv4.ip_forward = 1

4.SNAT

[root@server ~]# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 58.240.XX.IP

or

[root@server ~]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

保存SNAT配置：

[root@server ~]# /etc/init.d/iptables save

[root@server ~]# cat /etc/sysconfig/iptables

# Generated by iptables-save v1.4.7 on Fri Mar 30 14:10:34 2012

*filter

:INPUT ACCEPT [19774:1796237]

:FORWARD ACCEPT [2088:205908]

:OUTPUT ACCEPT [4335:25558058]

COMMIT

# Completed on Fri Mar 30 14:10:34 2012

# Generated by iptables-save v1.4.7 on Fri Mar 30 14:10:34 2012

*nat

:PREROUTING ACCEPT [152787:30285172]

:POSTROUTING ACCEPT [4:236]

:OUTPUT ACCEPT [9:586]

#-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 58.240.XX.IP

-A POSTROUTING -o eth1 -j MASQUERADE

COMMIT

# Completed on Fri Mar 30 14:10:34 2012

打完，收工。