Debian-Linux-kernel upgrade + route proxy

Source: Internet
Author: User
Tags install perl

Temporary IP address and mask settings:
Ifconfig

Ifconfig eth0 192.168.0.233 netmask 255.255.255.0

Temporary Gateway:
Route add-net 0 GW 192.168.0.100

Fixed IP
The Vim/etc/Network/interfaces content is as follows:

Auto eth0 eth1
Iface eth0 Inet static
Address 192.168.0.176
Netmask 255.255.255.0
Network 192.168.0.0
Broadcast 192.168.0.255
Gateway 192.168.0.1
DNS-nameservers 202.96.128.86

Iface eth1 Inet static
Address Internet IP Address
Netmask Internet mask
Internet network segment
Broadcast Internet broadcast address
Gateway Internet gateway
DNS-nameservers 202.96.128.86

Write apt Source
Deb http://debian.cn99.com/debian unstable main
Deb http://debian.cn99.com/debian/ stable main
Apt-Get dist-Upgrade
Apt-Get update
Install the compilation component
Apt-Get install gcc
Apt-Get install make
Apt-Get install curl
Apt-Get install Perl
Apt-Get install modules-init-Tools
Download kernel source code wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.18.3.tar.bz2
Download iptables wget http://ftp.netfilter.org/pub/iptables/iptables-1.3.6.tar.bz2
Download iptables patch wget http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/patch-o-matic-ng-20061124.tar.bz2
Decompress the package to/usr/src/
Tar-xvzf linux-2.6.18.3.tar.bz2/usr/src
Tar-xvzf iptables-1.3.6.tar.bz2/usr/src
Tar-xvzf patch-o-matic-ng-20061124.tar.bz2/usr/src
CD/usr/src/patch-o-matic-ng-20061124 patch directory
Export kernel_dir =/usr/src/2.6.18.3
Export iptables_dir =/usr/src/iptables-1.3.6
./Runme -- Download
./Runme connlimit only applies this connlimit patch.
Apt-Get install linux-headers-2.6.18-* Find the official Debian kernel
Apt-Get install linux-headers-2.6.18-3-686 download Debian official Kernel
CP/usr/src/linux-headers-2.6.18-3-686/. config/usr/src/linux-2.6.18.3 copy Debian official already set. config
CD linux-2.6.18.3
Make-menuconfig select Network ---- the newly added patch connlimit
Make
Make modules_install
Mkinitrd-O/boot/initrd. img-2.6.18 2.6.18.3
Copy System. Map to/boot
Renamed system. Map-2.6.18
Copy ARCH/i386/boot/bzimage to/boot
Bzimage renamed vmlinuz-2.6.18
Finally, add a new kernel to grub.
Vim/boot/GRUB/menu. List

Iptables-a forward-I eth0-P TCP -- syn-M connlimit -- connlimit-abve 25-J reject
Eth0 is the Intranet Nic here. Change it by yourself. Try connlimit

The following are some common commands for proxy routing:

Iptables-T Nat-A postrouting-s 192.168.0.0/24-O eth1-j snat -- to Internet IP address disguise

Iptables-P input TCP-dport 135-J Drop port

Echo 1>/proc/sys/NET/IPv4/ip_forward manually enable forwarding

Edit/etc/Network/options
Ip_forward = Yes
In this way, the forwarding function is automatically enabled every time the instance is started.

Edit/etc/rc. Local
Edit this file and write it to the firewall. Then, you can enable your own iptables policy every time you start the system.
Install iptraf traffic simple viewing tool
Apt-Get install iptraf

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.