Software Router
The router was built with a friend's help. I took a look, and this is how it is set up:

CentOS-3.4 with three network cards: WAN1-eth0, WAN2-eth1, LAN-eth2.

1. init_route script:

    #!/bin/bash
    ip route replace default nexthop via XXX.XXX.XXX.XXX dev eth0 \
                             nexthop via XXX.XXX.XXX.XXX dev eth1
    ## The XXX values are the gateways of the two uplinks ##

2. iproute_flush script:

    #!/bin/bash
    while true
    do
        ip route flush cache
        sleep 60
    done
    #### 60 is the interval (in seconds) at which a gateway is selected for each connection request ####

3. Firewall script, firewall:

    #!/bin/bash
    # Connection-tracking and NAT helpers for FTP
    /sbin/modprobe ip_conntrack_ftp
    /sbin/modprobe ip_nat_ftp

    # Flush existing rules; -X also deletes user chains so that
    # "-N syn-flood" below does not fail when the script is run again
    /sbin/iptables -F -t filter
    /sbin/iptables -X -t filter
    /sbin/iptables -F -t nat

    # Default policies (FORWARD ACCEPT forwards every routed packet unfiltered)
    /sbin/iptables -P INPUT DROP
    /sbin/iptables -P OUTPUT ACCEPT
    /sbin/iptables -P FORWARD ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT
    /sbin/iptables -t nat -P OUTPUT ACCEPT

    # ALLOW ALL in PRIVATE NET
    /sbin/iptables -A INPUT -i lo -j ACCEPT
    /sbin/iptables -A INPUT -i eth2 -j ACCEPT

    # SYN-Flooding Protection
    /sbin/iptables -N syn-flood
    /sbin/iptables -A INPUT -p tcp --syn -j syn-flood
    /sbin/iptables -A syn-flood -m limit --limit 10/s --limit-burst 500 -j RETURN
    /sbin/iptables -A syn-flood -j DROP

    ## Make sure that new TCP connections are SYN packets
    /sbin/iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

    # ICMP
    /sbin/iptables -A INPUT -p icmp -j ACCEPT

    # Accept replies to established connections; everything else is
    # denied by the INPUT DROP policy
    /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Source-NAT the LAN behind the router
    /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
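The firewall script above filters only INPUT: FORWARD stays at ACCEPT and the MASQUERADE rule is not tied to an outgoing interface. As an added example (not part of the original post), the following emits a stricter ruleset in iptables-restore format for the same layout. The function name gen_rules and the 5/s ICMP limit are assumptions; the interfaces and subnet are the ones from the post.

```shell
#!/bin/sh
# Added example, not from the original post. gen_rules is a hypothetical name.
# usage: gen_rules LAN_IF LAN_NET WAN_IF [WAN_IF ...]
gen_rules() {
    lan_if=$1; lan_net=$2; shift 2          # remaining arguments: WAN interfaces
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'              # the post leaves this at ACCEPT
    echo ':OUTPUT ACCEPT [0:0]'
    echo ':syn-flood - [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo "-A INPUT -i $lan_if -j ACCEPT"
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    echo '-A INPUT -p tcp ! --syn -m state --state NEW -j DROP'
    echo '-A INPUT -p tcp --syn -j syn-flood'
    # Rate-limited ping only (5/s is an assumed value); ICMP errors that
    # belong to tracked connections already match the RELATED rule above.
    echo '-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT'
    echo '-A syn-flood -m limit --limit 10/s --limit-burst 500 -j RETURN'
    echo '-A syn-flood -j DROP'
    # Forward return traffic, plus new connections opened from the LAN only.
    echo '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    for wan in "$@"; do
        echo "-A FORWARD -i $lan_if -o $wan -s $lan_net -m state --state NEW -j ACCEPT"
    done
    echo 'COMMIT'
    echo '*nat'
    echo ':PREROUTING ACCEPT [0:0]'
    echo ':POSTROUTING ACCEPT [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Masquerade only when leaving through a WAN interface.
    for wan in "$@"; do
        echo "-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE"
    done
    echo 'COMMIT'
}

# Layout from the post: LAN on eth2, WAN1 on eth0, WAN2 on eth1.
gen_rules eth2 192.168.0.0/24 eth0 eth1
```

The script only prints the ruleset; pipe the output to `iptables-restore` to load it.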
From: Tim You > 《Router.Hack》