Practical Technology: Build a simple Linux LAN server

Source: Internet
Author: User
Tags squid proxy
Article Title: Practical Technology: Build a simple Linux LAN server. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
There are already a large number of families with more than two desktops. Retired Old Machines are tasteless and are a pity. In fact, you can use it as a LAN server. After dinner, you can call friends, call neighbors, pull several network cables, and move your laptop to fight CS and the age of the Empire, or use the proxy server to share the internet. Come with me and build a simple Linux LAN server.
  
The Linux system has very low requirements on servers. I use a MB CPU and MB memory microcomputer as the server.
It can provide 50 single-host services at a high speed. If you use a professional server of pii1g, theoretically it can even meet the needs of 250 users at the same time.
  
First, download the latest version 8.0 of Redhat Linux from www.redhat.com or a Chinese website. The system has an X-Windows application similar to the windows operating interface, which is easy to operate. Second, we need to configure two NICs for the server, one connecting the external line and one connecting the internal network. The configuration of Modem access is different from that of ADSL. This document uses ADSL access as an example. For other access methods, see.
  
Software Installation is relatively simple, but pay attention to the following points during partitioning: The VAR partition is larger, because all files of Internet users and http publishing websites are in this partition. It is best to set a Temp partition to be used as an administrator temporary file. When selecting a package group, You must select KDE and Squid. To publish a website in a LAN, You must select http. If you do not know how to choose, you can select all of them, but the impact is not great.
  
During the installation process, note that the server requires entering the IP address of the NIC during the installation process. Select the IP address carefully. The IP address entered by the author's ADSL external Nic is 10.89.127.6, And the subnet mask is 255.255.255.0, the gateway is 10.89.127.254. This Nic is used for external access and must be enabled when the server is started. Its name is eth0.
  
LAN topology
  
The NIC used by the Internal Gateway generally uses three types of addresses. We can set its address to 192.168.0.10, set the subnet mask to 255.255.255.0, and enable it when the server is started, the name is defined as eth1. The DNS service address of the two networks uses the same address. For example, the address is set to 202.102.227.68. Note that the names eth0 and eth1 cannot be mixed. If the names are different after startup, You can reset them in the Server Configuration (service Configuration) network settings on the Server desktop.
The following topology can be used for the hardware line. Both the server and client are connected to the same vswitch. After the server is installed, the main task is to configure the Squid proxy server software. Squid is very powerful, but you need to modify some content before it can be used normally. Open the/etc/squid. conf file in the advanced editor. There are two sentences in line 1450:
  
Http_access allow localhost
  
Http_access deny all
  
The first sentence indicates that you can enable the local Internet access through http. The second sentence is to prohibit other users from accessing the Internet through the local machine. You need to modify the second sentence and change it
  
Http_access allow all
  
Configuration complete. The Squid proxy is disabled by default when the server is started. You need to change it. In the Server desktop icon Server Configuration/start at boot (start selection), put the asterisks on the front of Squid and Ipchains. In this way, when the server is started, you can start Squid and Ipchains at the same time, or you can run the command setup to find the server configuration item for the above configuration.
  
At this point, the server has been able to provide WWW Proxy services, but there are still many things to be configured. For example, the chat function requires special address spoofing. Add the following content to the end of the/etc/rc. local file and restart the server.
  
Echo 1>/proc/sys/net/ipv4/ip_forward
  
/Sbin/ipchains-P forward DENY
  
/Sbin/ipchains-F
  
/Sbin/ipchains-A forward-s 192.168.0.0/24-j MASQ-I eth0
  
These four statements are used to set Address Spoofing and implement Address Spoofing For the range from 192.168.0.0 to 192.168.0.254. Eth0 is the name of the external network adapter. With this setting, all clients have only one external address, which can act as a firewall.
  
It is easier to publish a website in the LAN. You can use FTP to place the prepared webpage under \ var \ www \ http. However, we still need to add an asterisk before http and wu-ftp in the Server desktop icon Server Configuration/start at boot (startup selection.
  
The setting of the client is very simple. its IP address must be between 192.168.0.0 and 192.168.0.254, and cannot be set to the same as the internal address of the server. We set the gateway of the client to the IP address of the internal Nic of the server, and the port to 3128. This is the default value in the Squid proxy. You can reset it on the server. The DNS of the client can be directly set to a uniform address, for example, 202.102.227.68. Because the client uses address spoofing to access the Internet, you can directly use the ping command to ping external addresses.
  
  
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.