2007-12-12 | linux下的DNS转发
朗读全文好久没配过DNS了,今天又费了点劲搞定了,记下来。
1.在/etc/named.conf 的options字段增加
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
forwarders {192.168.0.1;192.168.1.22;};
};
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
forwarders {192.168.0.1;192.168.1.22;};
};
2.写配置脚本
#!/bin/bash
#打开转发
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_forward
#加载模块
/sbin/modprobe iptable_filter
/sbin/modprobe ip_tables
#/sbin/modprobe iptables_nat
/sbin/modprobe ip_tables
#/sbin/modprobe iptables_nat
#刷新规则
/sbin/iptables -t nat -F
/sbin/iptables -t nat -F
#新规则
/sbin/iptables -t nat -A POSTROUTING -s 192.168.29.0/255.255.255.0 -j MASQUERADE
评论