无色无味(杨波) 的Web Log(博客)
DHCP+PPPOE+Squid+SNAT
利用Dchpd+NAT+Squid+PPPOE实现内网完全
1.DHCP配置
2.SQUID配置 (http://blog.ghitr.com/index.php/archives/325)
3.NAT配置(暂无,明天加上)
4.PPPOE配置(暂无,明天加上)
因本机无DHCPD,所以需要安装
http://rpmfind.net/linux/rpm2html/search.php?query=dhcpd
的这上面找到
[ad#ad_article_2]
1.配置DHCPD
/etc/dhcpd.conf
[root@centos ~]# cat /etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.1;
option subnet-mask 255.255.255.0;
option domain-name "domain.org";
option domain-name-servers 211.5.203.98;
# option time-offset -18000; # Eastern Standard Time
# option ntp-servers 10.10.10.1;
# option netbios-name-servers 10.10.10.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range 10.10.10.100 10.10.10.250;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}
/etc/syconfig/dhcpd 指定监听网卡。
[root@centos ~]# cat /etc/sysconfig/dhcpd # Command line options here DHCPDARGS=eth1
dhcpd eth1 start
2.配置Squid
都默认已经成功安装Squid了哟。rpm 安装方法为:Rpm -i squid-2.6.STABLE21-3.el5.i386.rpm (此文件在第2张光盘中)
默认安装完成后,不做任何配置启动Squid,默认端口为3128. 直接使用此代理服务器,你会得到如下提示:
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: http://linux.chinaunix.net/bbs/archiver/tid-909629.html
The following error was encountered:
Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Your cache administrator is root.
--------------------------------------------------------------------------------
Generated Mon, 22 Jun 2009 11:52:42 GMT by centos (squid/2.6.STABLE21)
++++++++++++++++++++++++++++
直接访问代理服务器会提示你为:Invalid Request .
Squid安装好后。默认是不能访问外网的,需要你手动的添加Acl列表。
添加Acl一般有两步。
第一步:定义一个网络地址范围 acl aclname ipaddress/netmask 更多高级acl请详见/etc/squid/squid.conf文件的ACL段。可以支持以域名、IP、时间、等对象的ACL范围。
第二步:应用ACL
http_access allow aclname 如果你想 allow表示 允许 。禁止用deny表示。
注意,一定要在http_access deny all这一句前面应用自定义ACL。或者你可以把http_access deny all这一句注释掉。
经过上面两步,你的Squid已经能够正常提供服务了。 更多功能就需要详细研究conf文件了。该文件共有4000多行。包含N个模块。
需使用squid -z 来创建Cache目录。
错误信息:
1:FATAL: Could not determine fully qualified hostname. Please set ‘visible_hostname’
解决办法:使用visible_hostname hostname 指定为自己的主机名。
One Response to “DHCP+PPPOE+Squid+SNAT”
Leave a Reply
我自己
六月 24th, 2009 at 3:23 上午
Pretty cool post. I just stumbled upon your site and wanted to say
that I have really enjoyed browsing your posts. Anyway
I’ll be subscribing to your feed and I hope you write again soon!