[root@foxice network-scripts]# more ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.1.255
HWADDR=00:1D:0F:0D:B5:4D
IPADDR=192.168.1.23
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=192.168.1.254
[root@foxice network-scripts]# more ifcfg-eth1
# Marvell Technology Group Ltd. 88E8053 PCI-E Gigabit Ethernet Controller
DEVICE=eth1
BOOTPROTO=none
BROADCAST=192.168.1.255
HWADDR=00:E0:A0:1D:92:55
IPADDR=192.168.1.23
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
[root@foxice rc.d]# more rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
#ip forward
/sbin/sysctl -w net.ipv4.conf.all.forwarding=1
#enable proxy-arp
/sbin/sysctl -w net.ipv4.conf.eth0.proxy_arp=1
/sbin/sysctl -w net.ipv4.conf.eth1.proxy_arp=1
#define route
/sbin/ip route del 192.168.1.0/24 dev eth0
/sbin/ip route add 192.168.1.254 dev eth0
/sbin/ip route add 192.168.1.0/24 dev eth1
#rules
iptables -I FORWARD -p tcp --dport 53 -j ACCEPT
iptables -I FORWARD -p udp --dport 53 -j ACCEPT
iptables -I FORWARD -p tcp --dport 80 -j ACCEPT
iptables -I FORWARD -p tcp --dport 25 -j ACCEPT
iptables -I FORWARD -p tcp --dport 110 -j ACCEPT