A modern computer provides the user with many features, without a good half of which he could easily do without. To this day, there is a debate on the net about whether it needs 3D graphics and high-quality sound. However, there is one function, the need for which is not disputed by anyone - this is access to the network.
Free OS connoisseurs argue that Linux is built for the web, like a bird for flight. True, they immediately make an allowance for the fact that only the elite will see the true power of this system, since setting up network interfaces is a difficult task and requires serious knowledge.
It is difficult to argue with this statement, since its comprehensive nature is obvious. Indeed, without having special skills, even stools cannot be put together. Nevertheless, here we are dealing with some exaggeration. Linux is a simple system. The Windows user has to keep much more information in memory in order to ensure comfortable work with it.
So that the last statement does not look unfounded, consider the procedure for setting up a network on a Linux system. Moreover, as is customary in the free software world, there is not one way, but several options. And the user himself will choose the one that he likes best.
ifconfig command
As a rule, network adapter drivers are connected during system installation. To verify this, just type ifconfig -a in the console. By the way, this name is not at all a mangled name for the ipconfig command familiar to Windows users. It's just short for Interface Configuration.
In response, the user will receive information about the characteristics of the Ethernet connection and the parameters of the so-called ring interface. The first is designated as eth0 (if there are several network adapters, then each will have its own eth[sequence number] section), and the second - as lo.
The same command can be used to activate the interface. Most often it looks like this:
ifconfig [interface name] netmask [netmask] broadcast [broadcast address] up.
However, in practice, all parameters may not be specified. For example, if the netmask and broadcast address are not set explicitly, then the system will use the default values (network address with machine part 255 and mask 255.255.255.0).
The pointopoint option must be used to activate PLIP, SLIP and PPP. In this case, the interfaces will be named like this:
Plip[number starting from zero] - for PLIP;
– slip[serial number starting from zero] - for SLIP;
– ppp[sequence number starting from zero] - for PPP.
For example, to configure a PLIP interface that connects two computers at addresses [address1] and [address2], type in the console:
ifconfig plip0 [address1] pointopoint [address2].
Disabling an interface is done with the ifconfig [interface designation] down command. Thus, using just one command, you can control a network device. And of course, there is no point in keeping all its options in memory - if you forgot something, then man ifconfig will always come to the rescue.
route command
The route command is responsible for routing. That is, it tells the system to which network computer packets should be sent in order to reach their destination.
This command displays the routing table. In addition, each entry consists of several fields:
– Destination - IP address of the destination of the route;
– Gateway - IP address or name of the gateway (if it is not present, then the symbol “*” is used);
– Genmask - route network mask;
– Flags - route type or state indicator (can take the following values: U - active, H - host, C - gateway, D - dynamic, M - modified);
– MSS - maximum amount of data transmitted at one time;
– Metric - number of hops to the gateway;
– Ref - number of requests to the route at a certain point in time;
Window - the maximum amount of data for the receiving side;
– Use - number of packets transmitted along the route;
– Iface - interface type.
To add an address to the routing table, use the route command with the add option. It should be noted that if the corresponding interface has already been configured using ifconfig, then the system itself can obtain information about it. In this case, there is no point in using specifiers - it is enough to specify the address of the destination. All other data will be redundant, and therefore optional.
Obviously, at least one entry must be made in the routing table in order to work on the network. The default destination is indicated by the default label.
Use the route del -net command to delete a route.
Other commands
If the interface settings are stored in the system, then the ifup and ifdown commands can be used to quickly activate and deactivate, as follows:
– ifup [interface designation] - to enable.
– ifdown [interface designation] - to disable.
The netstat command is used to display a list of network connections, routing tables, interface statistics, and so on. Among other things, it allows you to display the status of the connection, which is useful when analyzing the system for its security.
For example, LISTEN means that the service is waiting for a connection to another machine, and ESTABLISHED means that it has already been established. If there are no running programs for which this state is normal, then this may be unsafe and indicate an attack on the host.
Configuration files
The above commands are enough to configure the network. However, these utilities have one significant drawback: the result of their work will be valid for only one session. After the reboot, everything will have to start over. For this reason, it is much more convenient to edit the configuration files once.
Despite the fact that their device is independent of the distribution, they can be located in different places. For example, in Debian, /etc/init.d/network is responsible for setting up interfaces and routing, and in Slackware (MOPS, Zenwalk) - /etc/rc.d/rc.inet1. There is only one universal piece of advice that can be given in this regard: when starting to work with a particular product, be sure to read the technical documentation.
As an example, consider the ASPLinux distribution. The /etc/sysconfig/network-scripts/ directory is used to store network interface settings. Each of them is defined by the ifcfg-[interface designator] file.
This file consists of lines of the form: [parameter]=[value]. The parameters can be the following:
– NAME - arbitrary connection name;
– DEVICE - interface designation;
– IPADDR - interface IP address;
– NETMASK - network mask;
– GATEWAY - gateway IP address;
– ONBOOT - a pointer to the need to activate during boot;
– USERCTL - indicates that an ordinary user can activate the interface;
– MTU - MTU value (maximum packet size transmitted through the interface);
– PEERDNS—indicates the need to use DNS servers obtained upon interface activation;
– DNS1, DNS2 - IP addresses of primary and secondary DNS servers;
– BOOTPROTO - interface configuration mode indicator (none - using user parameters, boottp or dhcp - using appropriate protocols).
The /etc/host.conf and /etc/resolv.conf files are responsible for configuring DNS. The first of them is a plain text file, which specifies the rules for the operation of the node name and address search subsystem. Its structure is typical for all objects of this type - each line contains a parameter and its values (there may be several of them).
The order parameter specifies the method for finding the node's IP address. It can take the following values: bind (use DNS server), hosts (use local address database), nis (use NIS server). They must be in the order in which the search will be performed.
The trim parameter is used to describe exceptions. The corresponding line specifies the domain that will be automatically removed from the name.
The reorder parameter can take on/off values. It is responsible for enabling the mode of operation in which local addresses take precedence over all found ones. Spoofalert turns on the mode of writing the results of checking for false names to the system log. And multi allows you to customize the method of processing the local database of nodes. Of course, it is not necessary to specify all parameters. In practice, there are often /etc/host.conf files that consist of two lines.
The /etc/resolv.conf file describes some of the options that are used by the name lookup subsystem. It may consist of the following lines:
– nameserver - addresses of DNS servers;
– domain - local domain name to search for addresses in the local network;
– search - list of domains to search for addresses.
Obviously, the domain and search parameters cannot be relevant at the same time. If the system detects this contradiction, it will consider only the last record.
Or can Linux not use a nameserver at all? Theoretically - yes, although in practice the method described below is used only in very small networks, where other methods are not justified.
The way is to use the /etc/hosts file. It is a list of hostnames and their IP addresses, and more than one name can be specified for one address.
Graphical customization tools
Although setting up a network by directly editing configuration files is not a very difficult task, almost all modern distributions offer the user graphical tools designed to solve it. Even Zenwalk, which is not usually considered friendly in the Windows sense of the word, allows you to configure network interfaces without using the command line.
And today we have the right to say that in addition to elementary settings, the user can perform quite complex operations. In particular, a few years ago, the topic of setting up a VPN connection in Linux occupied a prominent place on the technical support forums, and all the proposed solutions to this problem could not be called simple. But times are changing.
For example, users of the Linux XP Desktop distribution set up a VPN connection using a convenient GUI tool that is even simpler than the similar tool in Windows. Approximately the same is offered to the consumer by ASPLinux, Mandriva and SuSE Linux.
All in all, Linux is truly built for the web. And this can be appreciated not only by experienced users, but also by beginners.
A modern computer provides the user with many features, without a good half of which he could easily do without. To this day, there is a debate on the net about whether it needs 3D graphics and high-quality sound. However, there is one function, the need for which is not disputed by anyone - this is access to the network.
Free OS connoisseurs argue that Linux is built for the web, like a bird for flight. True, they immediately make an allowance for the fact that only the elite will see the true power of this system, since setting up network interfaces is a difficult task and requires serious knowledge.
It is difficult to argue with this statement, since its comprehensive nature is obvious. Indeed, without having special skills, even stools cannot be put together. Nevertheless, here we are dealing with some exaggeration. Linux is a simple system. The Windows user has to keep much more information in memory in order to ensure comfortable work with it.
So that the last statement does not look unfounded, consider the procedure for setting up a network on a Linux system. Moreover, as is customary in the free software world, there is not one way, but several options. And the user himself will choose the one that he likes best.
ifconfig command
As a rule, network adapter drivers are connected during system installation. To verify this, just type ifconfig -a in the console. By the way, this name is not at all a mangled name for the ipconfig command familiar to Windows users. It's just short for Interface Configuration.
In response, the user will receive information about the characteristics of the Ethernet connection and the parameters of the so-called ring interface. The first is designated as eth0 (if there are several network adapters, then each will have its own eth[sequence number] section), and the second as lo.
The same command can be used to activate the interface. Most often it looks like this:
ifconfig [interface name] netmask [netmask] broadcast [broadcast address] up.
However, in practice, all parameters may not be specified. For example, if the netmask and broadcast address are not set explicitly, then the system will use the default values (network address with machine part 255 and mask 255.255.255.0).
The pointopoint option must be used to activate PLIP, SLIP and PPP. In this case, the interfaces will be named like this:
– plip[sequence number starting from zero] — for PLIP;
– slip[sequence number starting from zero] — for SLIP;
– ppp[sequence number starting from zero] — for PPP.
For example, to configure a PLIP interface that connects two computers at addresses [address1] and [address2], type in the console:
ifconfig plip0 [address1] pointopoint [address2].
Disabling an interface is done with the ifconfig [interface designation] down command. Thus, using just one command, you can control a network device. And of course, there is no point in keeping all its options in memory - if you forgot something, then man ifconfig will always come to the rescue.
route command
The route command is responsible for routing. That is, it tells the system to which network computer packets should be sent in order to reach their destination.
This command displays the routing table. In addition, each entry consists of several fields:
– Destination—IP address of the route's destination;
– Gateway — IP address or name of the gateway (if it is not present, then the symbol “*” is used);
– Genmask — route network mask;
– Flags — route type or state indicator (can take the following values: U—active, H—host, C—gateway, D—dynamic, M—modified);
– MSS is the maximum amount of data transmitted at one time;
– Metric—number of hops to the gateway;
– Ref—number of requests to the route at a certain point in time;
Window - the maximum amount of data for the receiving side;
– Use—number of packets transmitted along the route;
– Iface—interface type.
To add an address to the routing table, use the route command with the add option. It should be noted that if the corresponding interface has already been configured using ifconfig, then the system itself can obtain information about it. In this case, there is no point in using specifiers - it is enough to specify the address of the destination. All other data will be redundant, and therefore optional.
Obviously, at least one entry must be made in the routing table in order to work on the network. The default destination is indicated by the default label.
Use the route del -net command to delete a route.
Other commands
If the interface settings are stored in the system, then the ifup and ifdown commands can be used to quickly activate and deactivate, as follows:
– ifup [interface designation] — to enable.
– ifdown [interface designation] — to disable.
The netstat command is used to display a list of network connections, routing tables, interface statistics, and so on. Among other things, it allows you to display the status of the connection, which is useful when analyzing the system for its security.
For example, LISTEN means that the service is waiting for a connection to another machine, and ESTABLISHED means that it has already been established. If there are no running programs for which this state is normal, then this may be unsafe and indicate an attack on the host.
Configuration files
The above commands are enough to configure the network. However, these utilities have one significant drawback: the result of their work will be valid for only one session. After the reboot, everything will have to start over. For this reason, it is much more convenient to edit the configuration files once.
Despite the fact that their device is independent of the distribution, they can be located in different places. For example, in Debian, the /etc/init.d/network file is responsible for setting up interfaces and routing, and in Slackware (MOPS, Zenwalk) it is /etc/rc.d/rc.inet1. There is only one universal piece of advice that can be given in this regard: when starting to work with a particular product, be sure to read the technical documentation.
As an example, consider the ASPLinux distribution. The /etc/sysconfig/network-scripts/ directory is used to store network interface settings. Each of them is defined by the ifcfg-[interface designator] file.
This file consists of lines of the form: [parameter]=[value]. The parameters can be the following:
– NAME—arbitrary connection name;
– DEVICE—interface designation;
– IPADDR — interface IP address;
– NETMASK—network mask;
– GATEWAY — gateway IP address;
– ONBOOT — pointer to the need to activate during boot;
– USERCTL—indicates that an ordinary user can activate the interface;
– MTU — MTU value (maximum packet size transmitted through the interface);
– PEERDNS—indicates the need to use the DNS servers obtained when the interface was activated;
– DNS1, DNS2 — IP addresses of primary and secondary DNS servers;
– BOOTPROTO — interface configuration mode indicator (none — using user parameters, boottp or dhcp — using appropriate protocols).
The /etc/host.conf and /etc/resolv.conf files are responsible for configuring DNS. The first of them is a plain text file, which specifies the rules for the operation of the node name and address search subsystem. Its structure is typical for all objects of this type - each line contains a parameter and its values (there may be several of them).
The order parameter specifies the method for finding the node's IP address. It can take the following values: bind (use DNS server), hosts (use local address database), nis (use NIS server). They must be in the order in which the search will be performed.
The trim parameter is used to describe exceptions. The corresponding line specifies the domain that will be automatically removed from the name.
The reorder parameter can take on/off values. It is responsible for enabling the mode of operation in which local addresses take precedence over all found ones. Spoofalert turns on the mode of writing the results of checking for false names to the system log. And multi allows you to customize the method of processing the local database of nodes. Of course, it is not necessary to specify all parameters. In practice, there are often /etc/host.conf files that consist of two lines.
The /etc/resolv.conf file describes some of the options that are used by the name lookup subsystem. It may consist of the following lines:
– nameserver—addresses of DNS servers;
– domain — name of the local domain to search for addresses in the local network;
– search — list of domains to search for addresses.
Obviously, the domain and search parameters cannot be relevant at the same time. If the system detects this contradiction, it will consider only the last record.
Or can Linux not use a nameserver at all? Theoretically, yes, although in practice the method described below is used only in very small networks, where other methods are not justified.
The way is to use the /etc/hosts file. It is a list of hostnames and their IP addresses, and more than one name can be specified for one address.
Graphical customization tools
Although setting up a network by directly editing configuration files is not a very difficult task, almost all modern distributions offer the user graphical tools designed to solve it. Even Zenwalk, which is not usually considered friendly in the Windows sense of the word, allows you to configure network interfaces without using the command line.
And today we have the right to say that in addition to elementary settings, the user can perform quite complex operations. In particular, a few years ago, the topic of setting up a VPN connection in Linux occupied a prominent place on the technical support forums, and all the proposed solutions to this problem could not be called simple. But times are changing.
For example, users of the Linux XP Desktop distribution set up a VPN connection using a convenient GUI tool that is even simpler than the similar tool in Windows. Approximately the same is offered to the consumer by ASPLinux, Mandriva and SuSE Linux.
All in all, Linux is truly built for the web. And this can be appreciated not only by experienced users, but also by beginners.
Linux was originally designed for networking, so networking is one of the strengths of Linux.
Linux supports popular network protocols such as TCP/IP and SMB (NetBIOS) and has advanced tools for monitoring and filtering network traffic. Linux provides services such as FTP, web server, Windows file and print server. Linux even provides the ability to centrally manage services, Virtual Private Networking (VPN), and remote procedure calls.
Linux can work with any network hardware for which it has a driver. Linux drivers are either built into the kernel or compiled as loadable modules. Many common NICs are supported by the Linux kernel by default. When choosing network equipment, you should use devices listed in the "Hardware Compatibility List". Use the latest Linux distributions.
As a rule, if you are using compatible network equipment, your card will be automatically recognized during system installation. You can check the network hardware detected by the system using the ifconfig command. By default, ifconfig shows you active network devices. To see all network devices, add the -a switch:
Leave your comment!
This is the default welcome page used to test the correct operation of the Apache2 server after installation on Ubuntu systems. It is based on the equivalent page on Debian, from which the Ubuntu Apache packaging is derived. If you can read this page, it means that the Apache HTTP server installed at this site is working properly. You should replace this file(located at /var/www/html/index.html) before continuing to operate your HTTP server.
If you are a normal user of this web site and don't know what this page is about, this probably means that the site is currently unavailable due to maintenance. If the problem persists, please contact the site's administrator.
Configuration Overview
Ubuntu"s Apache2 default configuration is different from the upstream default configuration, and split into several files optimized for interaction with Ubuntu tools. The configuration system is fully documented in /usr/share/doc/apache2/README.Debian.gz. Refer to this for the full documentation. Documentation for the web server itself can be found by accessing the manual if the apache2-doc package was installed on this server.
The configuration layout for an Apache2 web server installation on Ubuntu systems is as follows:
/etc/apache2/ |-- apache2.conf | `-- ports.conf |-- mods-enabled | |-- *.load | `-- *.conf |-- conf-enabled | `-- *.conf |-- sites-enabled | `-- *.conf
- apache2.conf is the main configuration file. It puts the pieces together by including all remaining configuration files when starting up the web server.
- ports.conf is always included from the main configuration file. It is used to determine the listening ports for incoming connections, and this file can be customized anytime.
- Configuration files in the mods-enabled/ , conf-enabled/ and sites-enabled/ directories contain particular configuration snippets which manage modules, global configuration fragments, or virtual host configurations, respectively.
- They are activated by symlinking available configuration files from their respective *-available/ counterparts. These should be managed by using our helpers a2enmod, a2dismod, a2ensite, a2dissite, and a2enconf, a2disconf . See their respective man pages for detailed information.
- The binary is called apache2. Due to the use of environment variables, in the default configuration, apache2 needs to be started/stopped with /etc/init.d/apache2 or apache2ctl . Calling /usr/bin/apache2 directly will not work with the default configuration.
Document Roots
By default, Ubuntu does not allow access through the web browser to any file apart of those located in /var/www , public_html directories (when enabled) and /usr/share (for web applications). If your site is using a web document root located elsewhere (such as in /srv) you may need to whitelist your document root directory in /etc/apache2/apache2.conf .
The default Ubuntu document root is /var/www/html . You can make your own virtual hosts under /var/www. This is different to previous releases which provides better security out of the box.
Reporting Problems
Please use the ubuntu-bug tool to report bugs in the Apache2 package with Ubuntu. However, check before reporting a new bug.
Please report bugs specific to modules (such as PHP and others) to their respective packages, not to the web server itself.
linux
# ethtool eth0 # Show ethernet status# ethtool -s eth0 speed 100 duplex full # Force mode setting 100Mbit full duplex # ethtool -s eth0 autoneg off # Disable autodetect# ethtool -p eth1 # Flash network card indicator - if supported# ip link show # List of network interfaces in Linux (similar to ifconfig) # ip link set eth0 up # Enable network interface (or disable). Analog " ifconfig eth0 up" # ip addr show # List of all IP addresses in Linux (similar to ifconfig) # ip number show # Same as arp -a
Other operating systems
# ifconfig fxp0 # Check field " media"in# arp -a # Show routing table of network, router (or host) (all OS)# ping cb.vu # Ping host # traceroute cb.vu # Print the route path to the destination# ifconfig fxp0 media 100baseTX mediaopt full-duplex # 100Mbit full duplex(FreeBSD)# netstat -s # System-wide statistics for all network protocols Additional network debugging tools that are not always installed by default, but are not hard to find: # arping 192.168.16.254 # Ping the level ethernet # tcptraceroute -f 5 cb.vu # Uses tcp instead of icmp to trace the route through the firewallNetwork routing
Printing the routing table
# route -n # Linux or use " ip route" # netstat -rn # Linux, BSD and UNIX # route print # WindowsAdding and removing a route
FreeBSD
# route add 212.117.0.0/16 192.168.1.1 # route delete 212.117.0.0/16 # route add default 192.168.1.1 Add permanent network route to /etc/rc.confstatic_routes="myroute" route_myroute="-net 212.117.0.0/16 192.168.1.1"
linux
# route add -net 192.168.20.0 netmask 255.255.255.0 gw 192.168.16.254 # ip route add 192.168.20.0/24 via 192.168.16.254 # As above with ip route# route add -net 192.168.20.0 netmask 255.255.255.0 dev eth0 # route add default gw 192.168.51.254 # ip route add default via 192.168.51.254 dev eth0 # As above with ip route# route delete -net 192.168.20.0 netmask 255.255.255.0Solaris
# route add -net 192.168.20.0 -netmask 255.255.255.0 192.168.16.254 # route add default 192.168.51.254 1 # 1 = jump to the next gateway# route change default 192.168.50.254 1 Permanent entries are set to /etc/defaultrouter.Windows
# Route add 192.168.50.0 mask 255.255.255.0 192.168.51.253 # Route add 0.0.0.0 mask 0.0.0.0 192.168.51.254 Use " add-p to make the route permanent.Setting up additional IP addresses
linux
# ifconfig eth0 192.168.50.254 netmask 255.255.255.0 # First IP address # ifconfig eth0:0 192.168.51.254 netmask 255.255.255.0 # Second IP address # ip addr add 192.168.50.254/24 dev eth0 # Equivalent commands for ip# ip addr add 192.168.51.254/24 dev eth0 label eth0:1FreeBSD
# ifconfig fxp0 inet 192.168.50.254/24 # Primary IP address of the network interface# ifconfig fxp0 alias 192.168.51.254 netmask 255.255.255.0 # Add a second IP address as an alias# ifconfig fxp0 -alias 192.168.51.254 # Remove alias for second IP address Permanent entries in /etc/rc.confifconfig_fxp0="inet 192.168.50.254 netmask 255.255.255.0" ifconfig_fxp0_alias0="192.168.51.254 netmask 255.255.255.0"
Solaris
Checking settings with ifconfig -a# ifconfig hme0 plumb # Install network card# ifconfig hme0 192.168.50.254 netmask 255.255.255.0 up # First IP address # ifconfig hme0:1 192.168.51.254 netmask 255.255.255.0 up # Second IP addressMAC address change
First you must deactivate the network interface.. and don't tell anyone what you want to change the MAC for...) # ifconfig eth0 down # ifconfig eth0 hw ether 00:01:02:03:04:05 # Linux # ifconfig fxp0 link 00 :01:02:03:04:05 # FreeBSD # ifconfig hme0 ether 00:01:02:03:04:05 # Solaris # sudo ifconfig en0 ether 00:01:02:03:04:05 # Mac OS X Tiger # sudo ifconfig en0 lladdr 00:01:02:03:04:05 # Mac OS X Leopard Under Windows, there are many tools to change the MAC address, such as etherchange or google for "Mac Makeup", "smac".Network ports
List of open ports: # netstat -an | grep LISTEN # lsof -i # List all Linux internet connections#socklist # List of open Linux ports#sockstat-4 # List of applications listening on open ports# netstat -anp --udp --tcp | grep LISTEN # Linux # netstat -tup # List of active connections incoming/outgoing Linux# netstat -tupl # List of Linux listening ports# netstat -ano # WindowsFirewalls
linux
# iptables -L -n -v # Status Open iptables firewall # iptables -P INPUT ACCEPT # Set the default policy of the INPUT chain to "open all"# iptables -P FORWARD ACCEPT # same as the line above, only for the FORWARD chain# iptables -P OUTPUT ACCEPT # similar for the OUTPUT chain# iptables -Z # Reset counters in all chains# iptables -F # Reset all chains# iptables -X # Delete all chainsFreeBSD
# ipfw show # Status # ipfw list 65535 # Epyfnm firewall type, closed or open# sysctl net.inet.ip.fw.enable=0 # Disable regular firewall IPFW # sysctl net.inet.ip.fw.enable=1 # Enable regular firewall IPFWRoute forwarding
linux
Check and, if necessary, enable route forwarding # cat /proc/sys/net/ipv4/ip_forward # Check if forwarding is enabled or not, 0=off, 1=on # echo 1 > /proc/sys/net/ipv4/ip_forward or add to /etc/sysctl.conf:FreeBSD
Check forwarding status and enable if necessary: # sysctl net.inet.ip.forwarding # Check whether forwarding is enabled or not, 0=off, 1=on# sysctl net.inet.ip.forwarding=1 # sysctl net.inet.ip.fastforwarding=1 # For dedicated route or firewall Entry in /etc/rc.conf:gateway_enable="YES" # Set to YES if this host is a gateway
Solaris
# ndd -set /dev/ip ip_forwarding 1 # Enable route forwarding 0=off, 1=onNetwork Address Translation NAT
linux
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Turn on NAT # iptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 20022 -j DNAT \ --to 192.168.16.44:22 # Forward port 20022 to the internal IP port ssh # iptables -t nat -A PREROUTING -p tcp -d 78.31.70.238 --dport 993:995 -j DNAT \ --to 192.168.16.254:993-995 # Forward ports out of range 993-995 # ip route flush cache # iptables -L -t nat # Check table status NATFreeBSD
# natd -s -m -u -dynamic -f /etc/natd.conf -n fxp0 Or add to /etc/rc.conf: firewall_enable="YES" # YES - Enable firewall firewall_type="open" # Firewall type (see /etc/rc.firewall) natd_enable="YES" # Enable natd (if firewall_enable == YES) natd_interface="tun0" # The network interface or IP address to use natd natd_flags="-s -m -u -dynamic -f /etc/natd.conf" For port forwarding: # cat /etc/natd.conf same_ports yes use_sockets yes unregistered_only # redirect_port tcp insideIP:2300-2399 3300-3399 # Port range redirect_port udp 192.168.51.103:7777 7777DNS
On Unix, DNS records are valid for all interfaces and are stored in /etc/resolv.conf. The zone to which the host belongs is also stored in this file. Minimum configuration:nameserver 78.31.70.238 search sleepyowl.net intern.lab domain sleepyowl.netCheck domain name: # hostname -d # Analogue dnsdomainname
Windows
On Windows, DNS is configured per interface. To view the current configuration and flush the DNS cache, use: # ipconfig /? # Help on using the command# ipconfig /all # View all information including DNSClearing the DNS cache
You can clear the DNS cache, but remember, some applications use their own, personal cache (for example, Firefox), and resetting them will not work. # /etc/init.d/nscd restart # Restart nscd(name caching daemon) Linux/BSD/Solaris# lookupd -flushcache # OS X Tiger # dscacheutil -flushcache # OS X Leopard and newer# ipconfig /flushdns # WindowsForwarding DNS queries
Dig, a utility for checking DNS settings. For example, we use a public DNS server to check 213.133.105.2 ns.second-ns.de. Pay attention to which server the client will receive the answer from (simplified answer). # dig sleepyowl.net sleepyowl.net. 600 IN A 78.31.70.238;; SERVER: 192.168.51.254#53(192.168.51.254) Router 192.168.51.254 , sent as an answer, record type BUT. A record of a certain type for the query and the DNS server can be specified with the @ symbol: # dig MX google.com # dig @127.0.0.1 NS sun.com # Check local dns server# dig @204.97.212.10 NS MX heise.de # Request to external dns server# dig AXFR @ns1.xname.org cb.vu # Get the entire zone (zone forwarding) from the dns server Another useful utility host: # host -t MX cb.vu # Get record type MX ( Mail Exchange) # host -t NS -T sun.com # Get NS record over TCP connection# host -a sleepyowl.net # Get allBack requests
You can find out the name by IP address using utilities such as dig, host or nslookup: # dig -x 78.31.70.238 # host 78.31.70.238 # nslookup 78.31.70.238file /etc/hosts
Individual hosts can be configured in a file /etc/hosts, instead of running named, to resolve a name to an address. The format is: 78.31.70.238 sleepyowl.net sleepyowl Priority between file hosts and DNS request, can be configured in /etc/nsswitch.conf And /etc/host.conf. A similar file is also present in Windows, and is usually located at c:\windows\system32\drivers\etcDynamic Network Addressing Protocol - DHCP
h4>Linux Some distributions ( SuSE) used as a client dhcpd. Default Interface eth0. # dhcpcd -n eth0 # Refresh (does not always work)# dhcpcd -k eth0 # Release and turn off Lease(the lease period is the time for which an IP address can be issued to a specific network host) and all information is stored in: /var/lib/dhcpcd/dhcpcd-eth0.infoFreeBSD
FreeBSD (and Debian) uses dhclient. To configure the desired network interface (for example, bge0): # dhclient bge0 The lease period and all information is stored in: /var/db/dhclient.leases.bge0 Use /etc/dhclient.conf to add options or change existing ones: # cat /etc/dhclient.conf interface "rl0" ( prepend domain-name-servers 127.0.0.1; default domain-name "sleepyowl.net"; supersede domain-name "sleepyowl.net"; )Windows
dhcp lease can be updated with ipconfig: # ipconfig /renew # Update all adapters# ipconfig /renewLAN # Update network adapter named "LAN"# ipconfig /release WLAN # Release network adapter named "WLAN" It's a good idea to give network adapters more descriptive names.Traffic analysis
Traffic analysis with tcpdump
# tcpdump -nl -i bge0 not port ssh and src \(192.168.16.121 or 192.168.16.54\) # tcpdump -n -i eth1 net 192.168.16.121 # Sampling incoming / outgoing by one IP address# tcpdump -n -i eth1 net 192.168.16.0/24 # Select incoming / outgoing by network address# tcpdump -l > dump && tail -f dump # Output via buffer# tcpdump -i rl0 -w traffic.rl0 # Write packet headers to a binary file# tcpdump -i rl0 -s 0 -w traffic.rl0 # Write complete packages to binary# tcpdump -r traffic.rl0 # Read from file (also for ethereal) for further analysis# tcpdump port 80 # Classic commands# tcpdump host google.com # tcpdump -i eth0 -X port \(110 or 143\) # Check security pop or imap # tcpdump -n -i eth0 icmp # Sample icmp (ping) packages# tcpdump -i eth0 -s 0 -A port 80 | grep GET # -s 0 for complete packages, -A for ASCII Some important options:- -A- Print text from batches (no headers)
- -X- Print packages to hex and ASCII
- -l- Enable output buffering
- -D- Show all active network interfaces