Setting up a simple Linux LAN server

There are already a lot of homes with more than two desktops, and the old machines that have been retired are tasteless and apologetic. In fact, you can use it as a LAN server, call friends after dinner, call the neighbors, pull a few network cables, move on a laptop to play against CS and the Age of Empires, or use a proxy server to share the Internet. Come with me and build a simple Linux LAN server.

The requirements of the Linux system for the server are quite low. The author uses the Celeron 466CPU and 128MB memory microcomputer as the server. The system can serve 50 single machines at a very fast speed. If you use the PIII1G professional server, you can theoretically meet the needs of 250 users at the same time.

First, download the latest 8.0 version of Redhat Linux from www.redhat.com or related websites in China. This system has an X-windows application similar to the Windows operation interface. The operation is relatively simple. Secondly, we need to equip the server with two network cards, one for the external line and one for the internal network. Modem access configuration is different from ADSL. This document uses ADSL access as an example. Other access methods can be referenced.

Software installation is relatively simple, but pay attention to the following points when partitioning: VAR partition is bigger, because all Internet users' files, and http publishing sites are in this partition. It is best to set a Temp partition to be used as an administrator temporary file. When selecting a file package group, be sure to select two groups of KDE and Squid. To publish a website on a local area network, choose http. If you don't know how to choose, then all the choices will work, and the impact will not be great anyway.

Note during the installation process: The server asks for the IP address of the network card during the installation process. This place should be carefully selected. The address of the ADSL external network card input by the author is 10.89.127.6, and the subnet mask is 255.255. 255.0, the gateway is 10.89.127.254. This NIC is used for external access and is required to be enabled at server startup with the name defined as eth0.

LAN topology

interior gateway card is generally used to use three types of addresses, we can set its address 192.168.0.10, while the subnet mask is set to 255.255.255.0, also required to be enabled at server startup, with the name defined as eth1. The DNS service addresses of the two networks use the same address, for example, the author sets 202.102.227.68. Note that the two names eth0 and eth1 cannot be mixed. If they are found to be different after startup, they can be reset in the Server Configuration network settings on the server desktop.
The hardware circuit can adopt the following topology diagram, and the server and client are connected to the same switch. After the server is installed, the main job is to configure the Squid proxy server software. Squid is very powerful, but you need to modify some of the content to work properly. Open the /etc/squid/squid.conf file with the advanced editor, around line 1450, with the following two sentences:

http_access allow localhost

http_access deny all

The first sentence is to explain that you can let the local Internet access through http. The second sentence is to prohibit other users from accessing the Internet through this machine. You need to modify the second sentence and change it to

http_access allow all

Configuration is complete. The Squid agent is turned off by default when the server is started. It needs to be changed. In the server desktop icon Server Configuration /start at boot, mark the front of Squid and Ipchains with an asterisk, so that Squid and Ipchains can be started at the same time when the server starts, or you can run the command separately. Find the server configuration item for the above configuration.

At this point, the server has been able to provide WWW proxy services, but there is still a lot of things to configure. For example, the chat function, you must set the address deception in order to proceed. Add the following to the end of the /etc/rc.local file and restart the server.

echo 1 >/proc/sys/net/ipv4/ip_forward

/sbin/ipchains -P forward DENY

/sbin/ipchains -F

/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ -i eth0

These four sentences are statements for setting address spoofing. The 192.168.0.0 to 192.168.0.254 address range is implemented. Address fraud. Eth0 is the name of the external network card. With this setup, all clients have only one address externally and can act as a firewall.

It is easier to publish a website in the LAN. We can use FTP to place the already prepared web page under \\var\\www\\http, and it will be fine. However, we still need to put an asterisk in front of http and wu-ftp in the server desktop icon Server Configuration /start at boot.

The client's settings are very simple. Its IP address must be set between 192.168.0.0 and 192.168.0.254, and it cannot be set to be the same as the server's internal address. We set the client's gateway to the IP address of the server's internal NIC, and the port is set to 3128. This is the default value in the Squid agent and can be reset by the user on the server. The client's DNS can be set directly to a uniform address, such as 202.102.227.68. Because the client uses the address spoofing method to access the Internet, you can use the ping command to ping the external address.