Gentoo网络配置

 

1. 配置ip

/etc/conf.d/net
DHCP 动态获取

1 config_eth0= ( "dhcp" )

固定IP

1 config_eth0= ( "192.168.0.2 netmask 255.255.255.0 brd 192.168.0.255" )
2 或者
3 config_eth0= ( "192.168.0.2/24 brd 192.168.0.255" )
4 routes_eth0= ( "default via 192.168.0.1" )

2. DNS设置

/etc/resolv.conf

1 nameserver 202.96.209.5 202.96.209.133

3. 重启网卡（dhcpcd eth0）

1 /etc /init.d /net.eth0 start | stop | restart

4. 配置防火墙 iptables

# stop iptables services
/etc/init.d/iptables stop

# disable all chains
iptables -F
iptables -t nat -F
iptables -t mangle -F

# allow ssh
iptables -A INPUT -i eth0 -p tcp –dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp –dport 80 -j ACCEPT

# allow old connection and deny new connection
iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -m state –state NEW,INVALID -j DROP

# allow all localhost
iptables -A INPUT -i lo -j ACCEPT

# define default policy
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT

# save
/etc/init.d/iptables save
/etc/init.d/iptables restart

#加入自动启动任务，使iptables自动启动
rc-update add iptables default

如何删除一条规则？比如删除80端口，让外面无法访问。
iptables -D INPUT -i eth0 -p tcp –dport 80 -j ACCEPT

如何再添加？
iptables -I INPUT -i eth0 -p tcp –dport 80 -j ACCEPT

最后别忘记用
/etc/init.d/iptables save
/etc/init.d/iptables restart
这两个命令保存并重启

http://blog.prosight.me/index.php/2009/07/211