[问题求助]rh8如何做nat [复制链接]

机器.server2作为网关，eth.0为192.168.0.254  netmask:255.255.255.0            杀毒
eth1:192.168.2..2 netmask:255.255.255.0 .,gateway:192.168.2.254             电子
系统为rh8.0,
防.火墙 eh0:210.144.XXX.XX, et.h1:192.168.2.254学习
现在server2. 本身能上网，但它网内的机器192.168.0.XX不能上.网，请问怎么用iptables做nat,.
麻烦哪位大虾帮搞一搞，急等救命，不胜感激！.             电子

没人吗，自己顶，斑竹救命啊

老兄的好像不行哎，还是通过不了防火墙啊
以下是以前的rh7下的nat
#!/bin/sh
#
PATH=/sbin:/usr/sbin:/bin:/usr/bin
netinfo ()
{
IP=""
MASK=""
NET=""

for NIC in "$@" ; do {

        IP=`ifconfig $NIC |grep 'inet addr' |awk '{print $2}'|sed -e "s/addr\://"`
        MASK=`ifconfig $NIC |grep 'inet addr' |awk '{print $4}'|sed -e "s/Mask\://"`
        IP1=`echo $IP |awk -F'.' '{print $1}'`
        if [ "$IP1" = "" ]; then
                echo ""
                echo "Warning: there is no IP found on $NIC."
                echo "Action is aborted."
                echo "lease make sure the interface is setup properly, then try again."
                echo ""
                exit 1
        else
        IP2=`echo $IP |awk -F'.' '{print $2}'`
        IP3=`echo $IP |awk -F'.' '{print $3}'`
        IP4=`echo $IP |awk -F'.' '{print $4}'`
        MASK1=`echo $MASK |awk -F'.' '{print $1}'`
        MASK2=`echo $MASK |awk -F'.' '{print $2}'`
        MASK3=`echo $MASK |awk -F'.' '{print $3}'`
        MASK4=`echo $MASK |awk -F'.' '{print $4}'`
        let NET1="$IP1 & $MASK1"
        let NET2="$IP2 & $MASK2"
        let NET3="$IP3 & $MASK3"
        let NET4="$IP4 & $MASK4"
        NET="$NET1.$NET2.$NET3.$NET4"
        fi
        }
done
}

# --- Define interfaces ---
HI="1024:65535"
ALL="0.0.0.0/0"
LO="127.0.0.1"
INT_IF="eth0"
EXT_IF="eth1"

##
##猔?????叫皐癸眤龟悔薄??э?
##

# --- Determine network infortion ---
netinfo "$INT_IF"
INT_IP="$IP"
INT_NET="$NET"/"$MASK"

netinfo "$EXT_IF"
EXT_IP="$IP"
EXT_NET="$NET"/"$MASK"

#
#
# -------------币笆??锣患-----------
echo "Turning on IP forwarding..."
echo 1 >; /proc/sys/net/ipv4/ip_forward

#
#
# -------------币笆鞍杆家舱-----------
echo "Turning on MASQ modules..."
KVERSION="2.2.16-22"
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_ftp.o ]; then
                modprobe ip_masq_ftp
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_raudio.o ]; then
                modprobe ip_masq_raudio
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_irc.o ]; then
                modprobe ip_masq_irc
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_autofw.o ]; then
                modprobe ip_masq_autofw
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_cuseeme.o ]; then
                modprobe ip_masq_cuseeme
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_portfw.o ]; then
                modprobe ip_masq_portfw
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_quake.o ]; then
                modprobe ip_masq_quake
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_vdolive.o ]; then
                modprobe ip_masq_vdolive
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_user.o ]; then
                modprobe ip_masq_user
        fi
        if [ -f /lib/modules/$KVERSION/ipv4/ip_masq_mfw.o ]; then
                modprobe ip_masq_mfw
        fi

#
# -------------睲瞶 ipchains----------
echo "Cleaning up rules..."
ipchains -F
ipchains -X
#
# -------------?场 DENY -------------
echo "ACCEPT all..."
ipchains -P input   ACCEPT
ipchains -P output  ACCEPT
ipchains -P forward ACCEPT
#
# -------------す砛セ?呼隔硈絬 -------------
echo "Allow local network..."
ipchains -A input  -i lo -j ACCEPT
ipchains -A output -i lo -j ACCEPT
ipchains -A input  -i $INT_IF -j ACCEPT
ipchains -A output -i $INT_IF -j ACCEPT
ipchains -A input  -i $EXT_IF -j ACCEPT
ipchains -A output -i $EXT_IF -j ACCEPT
#
ipchains -A forward -j MASQ -s $INT_NET -d $ALL
#
#
echo "Current firewall status:"
echo -n "/proc/sys/net/ipv4/ip_forward: "
cat /proc/sys/net/ipv4/ip_forward
echo INT_NET is "$INT_NET" on "$INT_IF" with "$INT_IP"
echo EXT_NET is "$EXT_NET" on "$EXT_IF" with "$EXT_IP"
#
哪位帮我改改，我改了ipchains为iptables，将kversion也改了，但好像没有MASQ的module, 还是没用，救命啊！