需启用ip转发
?vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
如果主机未启用防火墙,下面一条iptables语句就可设置nat内网共享上网:
Code:
iptables?-t?nat?-A?POSTROUTING?-s?192.168.122.0/24?-o?eth0?-j?MASQUERADE
-s?表示源网络,即内网地址;-o?为连接因特网的接口
如果主机上启用了防火墙,需加上下面两句:
Code:
iptables?-A?FORWARD?-s?192.168.122.0/24?-o?eth0?-j?ACCEPT
iptables?-A?FORWARD?-d?192.168.122.0/24?-m?state?--state?ESTABLISHED,RELATED?-i?eth0?-j?ACCEPT
分别表示:来自内网、出口为eth0的包接受转发;来自eth0、目标地址为内网,且连接状态为建立、相关的包接受转发.
使用:
Code:
service?iptables?restart
重启iptables服务,将内网计算机网关设置为CentOS的Ip地址即可
原文:http://haisha.iteye.com/blog/2238018