|
发表于 2004-3-11 10:59:11
|
显示全部楼层
QUOTE
config配置
#
# Configuration for floppyfw
#
# Fill in the blanks.
#
# For configuring of modules to use, # this includes the network interfaces: /modules.lst
# For configuring firewall rules and incoming traffic: /firewall.ini
# For configuring extra network interfaces you may use netwirk.ini
#
# Outside network:
#
#
# DHCP is the hook for the DHCP-client for the outside interface. # If used, you may have hangups of connections when the client has
# to get a new IP-address.
#
# EXTERNAL is a hook for booting a external startup script from a package.
# the external script has to be in /etc/ext-up.init
#
# For fixed IP setup, set the address and stuff a few sections below.
#下面三种方式选择一种没有'#'的是有效的。pppoe 方式有效。
#
#专线如光缆、网线上网
#OUTSIDE_IP=
#由isp提供的DHCP方式上网我想比较少吧
#OUTSIDE_IP=DHCP
#使用pppoe上网如ADSL
OUTSIDE_IP=EXTERNAL
# # The external script can need you to add your username and password, as
# the PPPoE package does. This is where you can add that.
#如果有pppoe则填上用户名与密码。
USER_IDENT=
USER_PASSWORD=
#
# eth0 default device.
#
OUTSIDE_DEV=eth0
#
# Not nescessary to set these if you are using DHCP
#如果专线则填上提供给你的ip与掩码
OUTSIDE_NETMASK=
OUTSIDE_NETWORK=
#不知道可以不写
OUTSIDE_BROADCAST=
# MAC address for outside nic
# Some ISPs uses bootp style dhcp tables and some just remembers the last
# used MAC address. this allows you to swap nics
# OUTSIDE_MAC=00:00:e8:48:6c:cb
# # Your inside network, this has 10.42.42.* set as default, this is # addresses assigned for internal networks according to RFC 1918.
#
# eth1 is the default device for the internal network.
#
INSIDE_IP=192.168.0.1
INSIDE_DEV=eth1
INSIDE_NETWORK=192.168.0.0
INSIDE_NETMASK=255.255.255.0
INSIDE_BROADCAST=192.168.0.255
#
# Misc
# These are not nescessary to set if you are using DHCP.
# (The DOMAIN field might be useful to change)
#
#专线 提供给你的网关
DEFAULT_GATEWAY=
#dns的ip地址
NAME_SERVER_IP1=
NAME_SERVER_IP2=
HOSTNAME=floppyfw
DOMAIN=floppyfwsecured.com
#
# Use a DHCP server on the inside network. (This will turn on the DNSMASQ)
#打开DHCP服务,想打开的话则n改为y
DHCP_DAEMON=n
DHCP_RANGE_START=192.168.0.100
DHCP_RANGE_END=192.168.0.200
#
# Use a caching DNS server on the floppy. (This will automatically be true if
# the DHCP daemon is used.)
#打开DNS缓存 n不打开,y打开。如果打开的话则客户端的dns可以为192.168.0.1
DNSMASQ=y
floppyfw-2.9.6-pppoe.img 的config
#
# Configuration for floppyfw
# $Id: config,v 1.1.1.1 2003/10/18 14:22:56 thomasez Exp $
#
# Fill in the blanks.
#
# For configuring of modules to use,
# this includes the network interfaces: /modules.lst
# For configuring firewall rules and incoming traffic: /firewall.ini
# For configuring extra network interfaces you may use netwirk.ini
# Serial console is set in syslinux.cfg (or isolinux.cfg for CD's)
# The default internal network is 10.42.42.* with 10.42.42.1
# As the floppyfw internal address (and default gateway for all
# internal machines). To change this go down to the INSIDE section.
#=============================================================================
#
# Basic configuration:
#
# Select the type of your OUTSIDE connection:
# CONNECT_TYPE=PPP # if you use a modem
CONNECT_TYPE=PPPoE # if you use some type of DSL that uses PPPoE
# (Most of them do)
# CONNECT_TYPE=DHCP # For getting the IP address by DHCP, often used
# on cable modems.
# CONNECT_TYPE=STATIC # For the good old LAN/WAN connections with
# static IP addresses on the outside.
# (setup of the interface is done further down
# in this file)
# CONNECT_TYPE=EXTERNAL # is a hook for booting a external startup
# script from a package.
# the external script has to be in /etc/ext-up.init
#
# Some connection methods wants a userid and password, PPP and PPPoE
# is the typical but also the EXTERNAL option may want it.
#
USER_IDENT=xxxxxxxx
USER_PASSWORD=xxxxxxxx
#
# Use a DHCP server on the inside network. (This will turn on DNSMASQ aswell)
# (Dnsmasq is a dns cache.)
#
DHCP_DAEMON=y
#
# Floppyfw now has a login prompt.
# Default, for now, is a login prompt and no password..
# You have to "login" as root.
#
# Password can be created in many ways. You have two (three) options,
# DES_PASSWORD will accept a crypted string
# PASSWORD will accept a string (the specific root password).
# This will give you "ffw" as login password.
# DES_PASSWORD=nCLm5JgCK0G5U
PASSWORD=
#
# Done! Your floppyfw should already work by now.
# Save this file and give it a first shot !
# Beneath are options for setting up more advanced stuff
# (including static network settings and ppp)
#
#=============================================================================
#
#
# Physical device layout:
#
# In the files /etc/outside.info and /etc/inside.info you will see
# OUTSIDDE_DEVICE and INSIDE_DEVICE, those are the logical devices used by
# firewall.init and friends..
#
# If you have only one network card you can set INSIDE_DEV to eth0:0
# and it will use ip aliasing to make it all work.
#
OUTSIDE_DEV=eth1
INSIDE_DEV=eth0
#-----------------------------------------------------------------------------
#
# INSIDE settings:
#
#
# Your inside network, this has 10.42.42.* set as default, this is
# addresses assigned for internal networks according to RFC 1918.
#
# Network and broadcast address will be automatically configured.
#
INSIDE_IP=10.1.1.2
INSIDE_NETMASK=255.0.0.0
#
# If you use the internal DHCP server and change the IP address and range
# above you should also set the dhcp address range.
#
DHCP_RANGE_START=10.1.1.1
DHCP_RANGE_END=10.1.1.254
#-----------------------------------------------------------------------------
#
# OUTSIDE settings if you are using the STATIC connection option:
#
# Network and broadcast address will be automatically configured.
#
OUTSIDE_IP=
OUTSIDE_NETMASK=
#
# Misc
# These are not nescessary to set if you are using DHCP.
# (The DOMAIN field might be useful to change)
#
DEFAULT_GATEWAY=
# Name servers can be a list, separated by a space. like "1.1.1.1 1.1.1.2"
NAME_SERVER_IP="202.99.xxx.xxx" "202.99.xxx.xxx"
# MAC address for outside nic
# Some ISPs uses bootp style dhcp tables and some just remembers the last
# used MAC address. this allows you to swap nics
# OUTSIDE_MAC=00:00:e8:48:6c:cb
#-----------------------------------------------------------------------------
#
# DMZ settings.
#
# This is just to set up the network, you have to edit firewall.ini to
# be able to do ahything useful with this.
#
USE_DMZ=n
DMZ_DEV=eth2
DMZ_IP=10.1.1.5
DMZ_NETMASK=255.255.255.0
#
# This switch (is not working yet) will turn on or off NAT to the outside
# network.
#
DMZ_USE_NAT=y
#-----------------------------------------------------------------------------
# PPP settings:
#
# Change the following only if you are using PPP or PPPoE!
#
# Phone number:
TELEPHONE=
# Serial Port COM1 is /dev/tts/0, COM2 is /dev/tts/1 etc.
SERIAL_PORT=/dev/tts/1
PORT_SPEED=57600
PPP_CONNECT_TIMEOUT=60
PPP_CONNECT_POLL=3
#
# General configuration options
#
USEPEERDNS=yes # set to 'yes' or 'no'
#Change the DEMAND variable to either:
# 'no' for "always on" connection
# N where N is the number of idle seconds before we disconnect
#DEMAND=600
DEMAND=no
# A debug option for debugging PPPoE, it will log to the specified file.
# This must NOT be used during normal use, it'll fill up the ramdisk..
# PPPOE_DEBUG=/tmp/pppoe.log
#-----------------------------------------------------------------------------
#
# Defaults and switches:
#
HOSTNAME=floppyfw
DOMAIN=floppyfwsecured.com
#
# Use a caching DNS server on the floppy. (This will automatically be true if
# the DHCP daemon is used.)
#
DNSMASQ=n
#
# And for the logging the scripts use:
# Default works for most purposes.
#
DEBUG_LOG="/dev/vc/3"
#
# Turning on syslogd and klogd.
# This is a nice thing but will eat CPU which is why it is turned
# off by default.
# The firewall.ini file is where you can turn on logging of rejected packages.
#
USE_SYSLOG=n
# Uncomment to log to /dev/vc/4 instead of /var/log/messages
# which aren't exactly a good idea on a ramdisk.
SYSLOG_TTY="-O $DEBUG_LOG"
# Or the another virtual console than the other messages:
# SYSLOG_TTY="-O /dev/vc/4"
# Uncomment to log to network. host:port
# SYSLOG_NET="-R 10.42.42.42:514"
# Uncomment to not print a mark
# SYSLOG_MARK="-m 0"
[ "$SYSLOG_TTY" -a "$SYSLOG_NET" ] && SYSLOG_BOTH="-L"
SYSLOG_FLAGS="$SYSLOG_MARK $SYSLOG_TTY $SYSLOG_NET $SYSLOG_BOTH"
#
# At the bottom (almost) because this is a feature that should not be
# widely used but it will be useful for some people, escpecially
# people using some irc servers demanding a result.
#
# This is a fake ident daemon, you can set the userid it shall answer
# and floppyfw will automagically start the fake identd with this user
# as the response.
#
# This will have security implications since you are running a listening
# daemon (server) on the outside network interface. do this ONLY
# if you really need it.
#
#FAKEIDENT=
# If you want to use a second device (floppy disk, or whatever),
# enter a device name like "/dev/fd1"
# Otherwise enter "n"
#SECOND_DEVICE="/dev/floppy/1"
SECOND_DEVICE=n
****************************
请再看看,哪有什么错误!!!!!!!!!! |
|