Firewall example: isolating the internal and external networks
1: Linux firewall allows the intranet workstation (Windows 8) to access the internet.
2: Workstation (Windows 8) gets its IP from the Linux DHCP server.
Requirements
1: Computer with internet access
2: VMware Workstation 9.0.
3: CentOS 6.4 (firewall server).
4: CentOS 6.4 (DHCP server).
5: Windows 8 (Workstation).
Solution
Virtual machines
1: Install the operating systems in VMware.
2: OS network settings.
Firewall:
1: WAN Network (NAT)
2: LAN Network (Host Only)
DHCP
1: LAN Network.
Windows 8
1: LAN Network.
VM Host-only Network
Firewall
LAN(eth0) and WAN (eth1) Settings.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
vi /etc/sysconfig/network-scripts/ifcfg-eth1
service network restart
Check the firewall IPs. WAN: ifconfig eth0 LAN: ifconfig eth1
Check internet access: ping www.google.com
Check the internet DNS: vi /etc/resolv.conf
vi /etc/rc.local, sh /etc/rc.local
Check the routes: route -n
echo "1" > /proc/sys/net/ipv4/ip_forward
IPTABLES
1: Firewall server: iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination 192.168.1.99
2: Firewall server: iptables -t nat -A POSTROUTING -s 192.168.1.99 -o eth0 -j SNAT --to-source 192.168.60.130
3: Firewall server: iptables -t nat -L
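The rules above cover the nat table only, and the DNAT rule sends every new connection arriving on eth0 to 192.168.1.99. As an added example (not from the original post), this script prints an iptables-restore ruleset that keeps the SNAT rule, leaves out the catch-all DNAT rule, and forwards only connections opened from the LAN; eth1 as the LAN interface and the 192.168.1.0/24 prefix are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. eth0 (WAN) and both addresses
# come from the page's rules; eth1 as LAN and the /24 prefix are assumptions.

is_ipv4() {   # succeed only for a dotted quad with octets 0-255
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# gen_rules WAN_IF LAN_IF LAN_CIDR WAN_IP -> ruleset in iptables-restore format
gen_rules() {
    wan_if=$1; lan_if=$2; lan_net=$3; wan_ip=$4
    is_ipv4 "${lan_net%/*}" && is_ipv4 "$wan_ip" || return 1
    case ${lan_net#*/} in ''|*[!0-9]*) return 1 ;; esac
    [ "${lan_net#*/}" -le 32 ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Source-NAT the whole LAN behind the firewall's WAN address.
-A POSTROUTING -s $lan_net -o $wan_if -j SNAT --to-source $wan_ip
COMMIT
*filter
# INPUT is left open here; this example only covers forwarded traffic.
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# LAN hosts may open connections outward.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
# From the WAN side only replies to those connections are forwarded.
-A FORWARD -i $wan_if -o $lan_if -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the lab (constructed values, see header comment).
gen_rules eth0 eth1 192.168.1.0/24 192.168.60.130
```

Piping the output into iptables-restore replaces the current nat and filter tables with this ruleset.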
DHCP server
vi /etc/sysconfig/network-scripts/ifcfg-eth0
vi /etc/dhcp/dhcpd.conf
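service dhcpd restart
Windows client
IP settings
Check that Win8 gets its IP from the DHCP server: ipconfig /all
Testing internet access from the client
4: Win8 workstation: check on Win8 whether it can access the internet.
5: service iptables stop: open a web page again and it can no longer reach the internet.
Author's personal website: www.davis-wiki.com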