|
在这个地址可以找到最新版的各种 以太网卡的驱动程序的测试版这些驱动程序一般也包括在了标准的Linux内核源码包里 cd /usr/src/linux make menuconfig 一开始有一个提示性的问题Prompt for development and/or incomplete code/drivers _________________________ / 图内核编译时的菜单界面 \_________________________/ 回答Y就可以了当然如果你不需要这些测试版的驱动程序最好 下面讲一下如何在一台机子上配双网卡 首先在内核编译的时候把网卡驱动程序编译成模块PCI卡可以自动被检测到ISA卡就要手 工设一下端口和中断要手工编辑/etc/confmodules比方说你有两块NE兼容网卡 ___________________________ / /etc/confmodules alias eth ne alias eth ne options ne io=x x \___________________________/ 这个顺序就是按照etheth下来的 还有一个方法就是把网卡驱动程序编译进内核那么为了让Linux识别两块网卡就要在LILO上 做手术 ________________________________________________ / /etc/nf append=ether=xeth ether=xeth \________________________________________________/ ____________________________________ / 图dmesg显示的和以太网卡相关的内容 \____________________________________/ =>设置域名服务器 对于拨号用户来说需要的是缓存域名服务 先来配置/etc/nf这是named启动的时候要用到的 ________________________________________________________________________ / // Config file for caching only name server options { directory /var/named; // 这是named的缺省工作目录 // Uncommenting this might help if you have to go through a // firewall and things are not working out: // querysource port ; }; zone { type hint; file roothints; }; zone inaddrarpa { type master; file pz/; }; \________________________________________________________________________/ 接下来是/var/named/roothints这其实就是世界各地的根域名服务器 _____________________________________________________________ / D IN NS GROOTSERVERSNET D IN NS JROOTSERVERSNET D IN NS KROOTSERVERSNET D IN NS LROOTSERVERSNET D IN NS MROOTSERVERSNET D IN NS AROOTSERVERSNET D IN NS HROOTSERVERSNET D IN NS BROOTSERVERSNET D IN NS CROOTSERVERSNET D IN NS DROOTSERVERSNET D IN NS EROOTSERVERSNET D IN NS IROOTSERVERSNET D IN NS FROOTSERVERSNET GROOTSERVERSNET wdh IN A JROOTSERVERSNET wdh IN A KROOTSERVERSNET wdh IN A LROOTSERVERSNET wdh IN A MROOTSERVERSNET wdh IN A AROOTSERVERSNET wdh IN A HROOTSERVERSNET wdh IN A BROOTSERVERSNET wdh IN A CROOTSERVERSNET wdh IN A DROOTSERVERSNET wdh IN A EROOTSERVERSNET wdh IN A IROOTSERVERSNET wdh IN A FROOTSERVERSNET wdh IN A \_____________________________________________________________/ 然后是/var/named/pz/我们先给出一个例子 __________________________________________________________________________ / @ IN SOA nslinuxbogus hostmasterlinuxbogus ( ; Serial H ; Refresh H ; Retry W ; Expire D) ; Minimum TTL NS nslinuxbogus PTR localhost \__________________________________________________________________________/ 这就是一个zone file这里包括有种Resource Records SOAStart Of Authority RR NSName Server RR PTR 第一行上的@就是指nf中这个zone file所对应的本地zoneinaddrarpa NS RR前面有一个缺省的@没有写出来NS这行就是说linuxbogus域的域名服务器就是nslinuxbogus PTR RR这行说明这个zone file所对应的本地zone的这台机子是localhost SOA RR说明这个zone file所在的机子叫做nslinuxbogus负责人是hostmaster@linuxbogus 该zone file的版本号是 ; Serial 最后是/etc/nf ________________________________________________ / search subdomainyourdomainedu yourdomainedu nameserver \________________________________________________/ search这行的意思就是如果你寻找moifa那么实际上就是moifayourdomainedu nameserver就是指定你的域名服务器啦如果你有其他的域名服务器可以多加几个nameserver行 下面我们启动named然后用nslookup来检查一下是否named已经正常工作了 _______________ / 演示nslookup \_______________/ 接下来我们建立一个公司内部网上的真域名服务 先在nf里加上一个新的zone _____________________________ / zone linuxbogus { notify no; type master; file pz/linuxbogus; }; \_____________________________/ 下面我们来编辑我们真域名的zone file _______________________________________________________________________________ / @ IN SOA nslinuxbogus hostmasterlinuxbogus ( ; serial todays date + todays serial # H ; refresh seconds H ; retry seconds W ; expire seconds D ) ; minimum seconds; NS ns ; Inet Address of name server MX maillinuxbogus ; Primary Mail Exchanger MX mailfriendbogus ; Secondary Mail Exchanger; localhost A ns A www A ns mail A \_______________________________________________________________________________/ 最后我们再来看一下reverse zone所谓zone就是把域名转化为ip地址所谓reverse zone就是 把ip地址转化为域名 __________________________________ / zone inaddrarpa { notify no; type master; file pz/; }; \__________________________________/ ________________________________________________________________________ / @ IN SOA nslinuxbogus hostmasterlinuxbogus ( ; Serial todays date + todays serial H ; Refresh H ; Retry W ; Expire D) ; Minimum TTL NS nslinuxbogus PTR gwlinuxbogus PTR nslinuxbogus PTR donaldlinuxbogus PTR maillinuxbogus PTR ftplinuxbogus \________________________________________________________________________/ =>防火墙 第一步编译内核在内核中加入ip masquerade的支持 再安装上ipfwadm这个软件包就可以了下面就开始动手配置 ______________________________________________________________________________________________ / #!/bin/sh # # /etc/rcd/rcfirewall define the firewall configuration invoked from # rclocal # PATH=/sbin:/bin:/usr/sbin:/usr/bin ipfwadm I f ipfwadm I p deny ipfwadm I a accept V S / D / ipfwadm I a deny |
