路由器是在朋友的帮助下做的.. 我看了一下.是这样的:
CentOS-3.4 三快网卡。WAN1-eth0 WAN2-eth1 LAN-eth2

1、init_route脚本:
#! /bin/bash
ip route replace default nexthop via XXX.XXX.XXX.XXX dev eth0 \
nexthop via XXX.XXX.XXX.XXX dev eth1
##其中的XXX为两条网线的网关##
2、iproute_flush脚本
#! /bin/bash
while true
do
ip route flush cache
sleep 60
done
####60为每个连接请求选择网关的间隔时间####

3、防火墙脚本firewall:
#! /bin/bash
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
/sbin/iptables -F -t filter
/sbin/iptables -F -t nat
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -P PREROUTING ACCEPT
/sbin/iptables -t nat -P POSTROUTING ACCEPT
/sbin/iptables -t nat -P OUTPUT ACCEPT

# ALLOW ALL in PRIVATE NET
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -j ACCEPT
# SYN-Flooding Protection
/sbin/iptables -N syn-flood
/sbin/iptables -A INPUT -p tcp --syn -j syn-flood
/sbin/iptables -A syn-flood -m limit --limit 10/s --limit-burst 500 -j RETURN
/sbin/iptables -A syn-flood -j DROP
## Make sure that new TCP connections are SYN packets
/sbin/iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
# ICMP
/sbin/iptables -A INPUT -p icmp -j ACCEPT
# DENY OTHERS
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE