架设NAT服务器,系统为freebsd,使用pan限p2p分时段下载
搬到有8万外来人口的TJL村租房,一进村有点在家乡赶集的感觉,印象就是人多,垃圾多,摆摊多,随便找了找,看了看选了一间采光不错的屋子,宽带还免费哈哈,可惜一到晚上就是没法用,问房东才知道是怎么回事;1M网通AD,一个TP路由带30个用户,可以想象问题所在了,,在运营商工作了快5年网维了,所以要解决网络资源合理利用是小菜了 哈哈 吹吹牛,,,所以去房东那边胡喷了一下,叫房东买了台PC解决房东一直困扰的问题,运行快一年了,一直很稳定!系统bsd6.2,加PAN分时段限制p2p下载,4张网卡,
结构:
AD猫>>eth1--(eth2-pan桥-eth3)--eth4>>交换机>>住户
1,编译内核,加nat模块,ipfw
CP /usr/src/sys/i386/conf/GENERIC NAT
VI NAT
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPSTEALTH
options ACCEPT_FILTER_DATA
options ACCEPT_FILTER_HTTP
options ICMP_BANDLIM
options DUMMYNET
options IPFIREWALL_DEFAULT_TO_ACCETP
#IPFIREWALL_FORWARD
#make depend
#make
#make install
#reboot
2,配置rc.conf拨号ppp.conf
NatRouter# cat /etc/rc.conf
# -- sysinstall generated deltas -- # Tue May 19 13:25:38 2009
# Created: Tue May 19 13:25:38 2009
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
usbd_enable="YES"
hostname="NatRouter"
sshd_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
ifconfig_rl0="inet 192.168.1.1/25"
ifconfig_rl3="inet 192.168.1.129/25"
gateway_enable="YES"
inetd_enable="YES"
pf_enable="YES"
sendmail_enable="NO"
dhcpd_enable="YES"
dhcpd_ifaces="rl0"
#ppp
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="ad"
NatRouter# cat /etc/ppp/ppp.conf
#################################################################
# PPPSample Configuration File
# Originally written by Toshiharu OHNO
# Simplified 5/14/1999 by
wself@cdrom.com
#
# See /usr/share/examples/ppp/ for some examples
#
# $FreeBSD: src/etc/ppp/ppp.conf,v 1.10 2004/11/19 17:12:56 obrien Exp $
#################################################################
default:
set log Phase Chat LCP IPCP CCP tun command
ident user-ppp VERSION (built COMPILATIONDATE)
set log Phase tun command
#set ctsrts off
#set speed sync
#set ifaddr 10.0.0.1/0 10.0.0.2/0
#enable dns
#set device PPPoE:re0
ad:
set device PPPoE:rl3
set authname 你的AD帐号
set authkeyad密码
set dial
set login
add default HISADDR
3,安装pan...
4,安装dhcp-sever 放地址
cd/usr/ports/net/isc-dhcp31-server
make install
rehash
vi /usr/local/etc/dhcpd.conf 编辑你要放的地址段
只放半个C够用
This is a very basic subnet declaration.
subnet 192.168.1.0 netmask 255.255.255.128 {
range 192.168.1.2 192.168.1.125;
option routers 192.168.1.126;
}
/usr/local/etc/rc.d/isc-dhcpdstart
5,查看进程情况
ps ax |grep dhcp
ps ax |grep pan
6,查看拨号情况
/etc/rc.d/ppp restart
tail-f /var/log/ppp.log
ifconfig
pfsync0: flags=0 mtu 2020
syncpeer: 224.0.0.240 maxupd: 128
tun0: flags=8051 mtu 1492
inet 221.221.163.125 --> 221.221.160.1 netmask 0xffffffff
Opened by PID 2138
http://blog.chinaunix.net/u2/89213/showart_2080340.html
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u2/63141/showart_2145977.html
页:
[1]