自己写的在Linux下共享ADSL的Howto，看到有人要，所以放上来。

心刃

--------------------------------------------------------------------------------

RedHat Linux + ADSL        SOHO Solution

--------------------------------------------------------------------------------

    This solution plantform for SmallOffice & HomeOffice.By using a sample ADSL line.
It is very easy strong and performance.

    Use a ADSL line connect to INTERNET.Use a 10-100MB Hub build Local network.

    Use Linux build a soft route to convert IP address between Internet and Local Network.

    At first I used Windows2000 by NAT addres convert.But it is to slow and have many problem.
For example: can't send OICQ in local netwrok eachother;can't browser sina.com.cn and other site.
And if you want performance it,it ...  It's MicroSoft.I really can't turn it.It is too slow.
I hate MicroSoft,I love Linux.

    The Machine:

    MainBoard:VIA Applo Pro
    CPUIII 350
    RAM:200MB
    HardDisk:9GB SCSI
    VGA:i740 AGP 8MB
    NetCard-Link 100MB

    Linux Release Version:REDHAT 6.2

1.Install RedHat 6.2

    I install it by package Xfree86,KDE,Gnome... and ppp

    Setting NetCard IP address:                192.168.216.151
                            Net Mask:        255.255.255.0

[root@localhost /root]#ifconfig
eth0      Link encap:Ethernet  HWaddr 000:F8:08:5C:BC
          inet addr:192.168.216.151  Bcast:192.168.216.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:375 errors:0 dropped:0 overruns:0 frame:0
          TX packets:229 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:7 Base address:0xe800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

Disable DefaultRout(Gateway).Let ADSL get it from Server

vi /etc/sysconfig/network
delete the line GATEWAY=

su to root
#/etc/rc.d/init.d/network restart

find if installed ppp package:

if has /usr/sbin/pppd It has been Install
rpm -q ppp

If not installed,Install it from RedHatLinux 6.2 CDROM.
The package name:ppp-2.3.11-4.i386.rpm

2.Install ADSL pppoe Driver

Go to http://www.roaringpenguin.com/pppoe/

Down load pppoe driver rp-pppoe-3.4.tar.gz

#tar xvfz rp-pppoe-3.4.tar.gz

# cd rp-pppoe-3.4

# ./go

Welcome to the Roaring Penguin ADSL client setup.  First, I will run
some checks on your system to make sure the PPPoE client is installed
properly...

Looks good!  Now, please enter some information:

USER NAME

>;>;>; Enter your PPPoE user name (default bxxxnxnx@sympatico.ca): a0000@163
这里输入在电信局申请的adsl的帐号

INTERFACE

>;>;>; Enter the Ethernet interface connected to the ADSL modem
For Solaris, this is likely to be something like /dev/hme0.
For Linux, it will be ethn, where 'n' is a number.
(default eth0):
问你用哪片网卡拨号，默认是第一片eth0就可以了

Do you want the link to come up on demand, or stay up continuously?
If you want it to come up on demand, enter the idle time in seconds
after which the link should be dropped.  If you want the link to
stay up permanently, enter 'no' (two letters, lower-case.)
NOTE: Demand-activated links do not interact well with dynamic IP
addresses.  You may have some problems with demand-activated links.
>;>;>; Enter the demand value (default no):

DNS

Please enter the IP address of your ISP's primary DNS server.
If your ISP claims that 'the server will provide DNS addresses',
enter 'server' (all lower-case) here.
If you just press enter, I will assume you know what you are
doing and not modify your DNS setup.
>;>;>; Enter the DNS information here: server
这里填你ISP的DNS地址，server代表从ADSL接入服务器取得DNS地址

PASSWORD
ADSL拨号密码这个东东。

>;>;>; Please enter your PPPoE password:
>;>;>; Please re-enter your PPPoE password:

FIREWALLING

Please choose the firewall rules to use.  Note that these rules are
very basic.  You are strongly encouraged to use a more sophisticated
firewall setup; however, these will provide basic security.  If you
are running any servers on your machine, you must choose 'NONE' and
set up firewalling yourself.  Otherwise, the firewall rules will deny
access to all standard servers like Web, e-mail, ftp, etc.  If you
are using SSH, the rules will block outgoing SSH connections which
allocate a privileged source port.

The firewall choices are:
0 - NONE: This script will not set any firewall rules.  You are responsible
          for ensuring the security of your machine.  You are STRONGLY
          recommended to use some kind of firewall rules.
1 - STANDALONE: Appropriate for a basic stand-alone web-surfing workstation
2 - MASQUERADE: Appropriate for a machine acting as an Internet gateway
                for a LAN
>;>;>; Choose a type of firewall (0-2): 0

** Summary of what you entered **

Ethernet Interface: eth0
User name:          a0000@163
Activate-on-demand: No
DNS addresses:      Supplied by ISP's server
Firewalling:        NONE

>;>;>; Accept these settings and adjust configuration files (y/n)? y
Adjusting /etc/ppp/pppoe.conf
Adjusting /etc/ppp/pap-secrets and /etc/ppp/chap-secrets
  (But first backing it up to /etc/ppp/pap-secrets-bak)
  (But first backing it up to /etc/ppp/chap-secrets-bak)

Congratulations, it should be all set up!

Type 'adsl-start' to bring up your ADSL link and 'adsl-stop' to bring
it down.  Type 'adsl-status' to see the link status.

and you can use adsl-stop to stop adsl connect
and use adsl-status get information about adsl connect

3.动态域名设置(用拷贝3322.org的)

动态域名
首先去http://www.3322.org/ 申请动态域名。

根据您所使用的操作系统下载不同的客 户端。

申请之后，在http://www.3322.org首页上点击客户端下载，或是点击http://www.3322.org/dyndnspage/client.html，下载他的客户端。
ez-ipupdate-3.0.10-linux-i386.tgz
然后解压缩，我是解压缩到 /usr/local/bin下的。

#tar xvfz ez-ipupdate-3.0.10-linux-i386.tgz
#cd ez-ipupdate-3.0.10-linux-i386
#chown root.root *
#mv * /usr/local/bin
#cd /usr/local/bin

我的配置是
/usr/local/bin/qdns.conf
在里面找到qdns.conf， 那个就是3322.org动态域名的 配置文件。在配置文件里面写入：

user=a0000@163xxxxxx                #a0000@163是你申请时的用户名，xxxxxxx是密码
host=web.3322.org                #web.3322.org这是你申请的动态域名。
interface=ppp0                        #这是域名所要指向的IP所在的设备，我们是ADSL拨号，设备就是 ppp0（用ifconfig观察得到）

写完保存后，就可以启动动态域名了
/usr/local/bin/ez-ipupdate -c /usr/local/bin/qdns.conf

之后我们可以用nslookup来看一下，是不是已经把我们注册的动态域名指向了我们 刚刚拨号所分配地址。

如果我们不想每次拨号都输入这个命令，你可以把他写到/etc/rc.d/rc.local文件中，每次启动完毕的时候就可以自动连接到ADSL并且自动更新动态域名，我的配置文件：

/usr/sbin/adsl-start
/usr/local/bin/ez-ipupdate -c /usr/local/bin/qdns.conf


4.设置网关

配置ipchains伪装IP

在setup中的System services中确认，ipchains打开

在 /etc/sysconfig的network文件里保证有： FORWARD_IPV4=true

然后改/etc/rc.d/rc.local这个文件，加入以下内容

/usr/sbin/adsl-start
/usr/local/bin/ez-ipupdate -c /usr/local/bin/qdns.conf

/sbin/route add -net 192.168.216.0 netmask 255.255.255.0 eth0
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_raudio
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.216.0/24 -j MASQ
/bin/echo 1 >; /proc/sys/net/ipv4/ip_forward


5.配置的你每台客户机。

如果用WINDOWNS系列，只要在网络设置的网卡的TCP/IP中加入网关192.168.216.151

6.如果有什么问题请给我写信，我会帮助你的！

zerocool@cnpug.com
lugh@neusoft.com