LINUX系统的双网卡双IP(双链路)实现方式(2)
/sbin/ip rule add to 221.216.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 221.3.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 221.3.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 221.4.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 221.5.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 221.5.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 221.6.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 221.7.0.0/19 pref 20001 table cnc
/sbin/ip rule add to 221.7.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 221.7.32.0/19 pref 20001 table cnc
/sbin/ip rule add to 221.7.64.0/18 pref 20001 table cnc
/sbin/ip rule add to 221.8.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 222.128.0.0/14 pref 20001 table cnc
/sbin/ip rule add to 222.132.0.0/14 pref 20001 table cnc
/sbin/ip rule add to 222.136.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 222.160.0.0/14 pref 20001 table cnc
/sbin/ip rule add to 58.16.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 58.17.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 58.17.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 58.18.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 58.19.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 58.20.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 58.21.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 58.22.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.240.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.242.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.244.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.246.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.248.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 58.250.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.252.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 58.83.0/22 pref 20001 table cnc
/sbin/ip rule add to 60.0.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 60.10.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.11.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.12.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.13.0.0/18 pref 20001 table cnc
/sbin/ip rule add to 60.13.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 60.13.64.0/18 pref 20001 table cnc
/sbin/ip rule add to 60.14.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 60.14.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 60.16.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 60.208.0.0/13 pref 20001 table cnc
/sbin/ip rule add to 60.216.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 60.218.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 60.220.0.0/14 pref 20001 table cnc
/sbin/ip rule add to 60.24.0.0/14 pref 20001 table cnc
/sbin/ip rule add to 60.253.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 60.255.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.28.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 60.30.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.31.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 60.8.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 61.133.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.134.128.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.134.192.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.134.96.0/19 pref 20001 table cnc
/sbin/ip rule add to 61.135.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.136.0.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.136.64.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.137.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.138.0.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.138.128.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.138.64.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.139.128.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.148.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.156.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.158.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.158.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.159.0.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.161.0.0/18 pref 20001 table cnc
/sbin/ip rule add to 61.161.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.162.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.163.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.167.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.168.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.176.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.179.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.180.128.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.181.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.182.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.189.0.0/17 pref 20001 table cnc
/sbin/ip rule add to 61.52.0.0/15 pref 20001 table cnc
/sbin/ip rule add to 61.54.0.0/16 pref 20001 table cnc
/sbin/ip rule add to 61.55.0.0/16 pref 20001 table cnc
/sbin/ip route flush cache启动项加以下内容
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
/usr/local/bin/cncip.sh
/usr/local/bin/gw.sh
/sbin/modprobe ip_conntrack hashsize=2621400
/root/iptables.sh
加策略及NAT转换
vi /root/iptables.sh
#!/bin/bash
### load the mod ###
/sbin/modprobe ip_tables
/sbin/modprobe iptable_nat
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_nat_irc
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
####################
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -t nat -F
/sbin/iptables -t nat -X
/sbin/iptables -t nat -Z
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT
### test 172.16.3.102 ###
/sbin/iptables -t nat -A PREROUTING -d 电信IP -i eth0 -j DNAT --to-destination 172.16.3.102
/sbin/iptables -t nat -A PREROUTING -d 网通IP-i eth1 -j DNAT --to-destination 172.16.3.102
#out
/sbin/iptables -t nat -A POSTROUTING -s 172.16.3.102 -o eth0 -j SNAT --to 电信IP
/sbin/iptables -t nat -A POSTROUTING -s 172.16.3.102 -o eth1 -j SNAT --to 网通IP
### test end ###
### NAT ###
/sbin/iptables -t nat -A POSTROUTING -s 172.16.3.0/255.255.255.0 -j MASQUERADE
~
以上三种方法,供大家参考.
顶(0)
踩(0)
- 最新评论