Having built a node using Debian, Neil has a bunch of tips and tricks for customising the node. This is the start of Don's (my) working notes on what he did... at present this page is mainly a reference to myself.

Naming Interfaces

Network interfaces are named in /etc/iftab. You need to know the MAC address of the card you're naming.

Neil's Sys Admin Notes

Neil has a whole host of sysadmin notes here...

/etc/network/interfaces

This file is used to set up the networking in Debian 3.1. Below is a sample file off TCN0002:

```
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# the backup configuration in case interface renaming doesn't work
auto eth0
iface eth0 inet dhcp

# the interface to the PRIVATE network
auto home
# for when installed at the support site:
iface home inet dhcp
# for when installed at the owner's site:
#iface home inet static
#    address 192.168.1.254
#    netmask 255.255.255.0
#    broadcast 192.168.1.255
#    up /etc/init.d/iptables start

# the interface to the COMMUNITY network
auto cmnty
iface cmnty inet static
    address 10.252.16.29
    netmask 255.255.255.224
    broadcast 10.255.255.255
    up /etc/init.d/iptables start
    up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.252.16.1
```

Note that the cmnty stanza's broadcast address does not match its netmask: for 10.252.16.29 with netmask 255.255.255.224 the directed broadcast of that /27 is 10.252.16.31, so check which value the node is actually meant to use before copying this file elsewhere.
Options File

Check that the options file has the following content in it:

```
root@tcn0002:/etc/network# cat options
ip_forward=yes
spoofprotect=yes
syncookies=no
root@tcn0002:/etc/network#
```

/var/lib/iptables configuration

This configuration assumes the machine is a wireless server, so it is masquerading the wifi card. Only ports 22 and 80 (the all-nets chain) are accepted from any interface; the priv-net services (25, 53, 1723, DHCP and GRE) are reachable only via the home interface, and anything else hitting INPUT is logged and dropped.

```
root@tcn0002:/var/lib/iptables# ls
active  inactive
root@tcn0002:/var/lib/iptables# cat active
# Generated by iptables-save v1.2.11 on Fri Jun 23 23:17:26 2006
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -o cmnty -j MASQUERADE
COMMIT
# Completed on Fri Jun 23 23:17:26 2006
# Generated by iptables-save v1.2.11 on Fri Jun 23 23:17:26 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:all-nets - [0:0]
:priv-net - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j all-nets
-A INPUT -i home -j priv-net
-A INPUT -j LOG
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o cmnty -j ACCEPT
-A FORWARD -j DROP
-A all-nets -p tcp -m multiport --dports 22,80 -j ACCEPT
-A priv-net -p tcp -m multiport --dports 25,53,1723 -j ACCEPT
-A priv-net -p udp -m multiport --dports 53,67 -j ACCEPT
-A priv-net -p gre -j ACCEPT
COMMIT
# Completed on Fri Jun 23 23:17:26 2006
root@tcn0002:/var/lib/iptables#
```
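When checking a node's ruleset it helps to answer one question per interface: which ports does a brand-new connection arriving there actually reach? The following Python is an added audit helper, not code from this page or from Neil's setup; it embeds a copy of the active filter table above, parses the iptables-save format, and follows the jumps into the all-nets and priv-net chains. The function names are my own, and it assumes the plain flag/value rule syntax used on this node (no "!" negation).

```python
from collections import defaultdict
# Constructed copy of the page's 'active' filter table, embedded so this runs offline.
FILTER_TABLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:all-nets - [0:0]
:priv-net - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j all-nets
-A INPUT -i home -j priv-net
-A INPUT -j LOG
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o cmnty -j ACCEPT
-A FORWARD -j DROP
-A all-nets -p tcp -m multiport --dports 22,80 -j ACCEPT
-A priv-net -p tcp -m multiport --dports 25,53,1723 -j ACCEPT
-A priv-net -p udp -m multiport --dports 53,67 -j ACCEPT
-A priv-net -p gre -j ACCEPT
COMMIT
"""

def parse_table(text):
    """Return ({chain: [rule tokens]}, {chain: policy}) for one iptables-save table."""
    rules, policy = defaultdict(list), {}
    for line in text.splitlines():
        if line.startswith(":"):              # ':CHAIN POLICY [pkts:bytes]'
            chain, pol, _counters = line[1:].split()
            policy[chain] = pol
        elif line.startswith("-A "):          # '-A CHAIN <match and target tokens>'
            _, chain, *toks = line.split()
            rules[chain].append(toks)
    return rules, policy

def open_ports(rules, chain, iface, seen=()):
    """proto/port values ACCEPTed for a new connection entering `chain` on `iface`.
    Follows jumps into user chains; assumes flag/value pairs (no '!' negation)."""
    out = set()
    for toks in rules.get(chain, []):
        opt = dict(zip(toks[::2], toks[1::2]))
        if opt.get("-i", iface) != iface:     # rule bound to a different interface
            continue
        target = opt.get("-j")
        if target in rules and target not in seen:       # user-defined chain
            out |= open_ports(rules, target, iface, seen + (chain,))
        elif target == "ACCEPT" and "-p" in opt:
            ports = opt.get("--dports") or opt.get("--dport") or "any"
            out |= {f"{opt['-p']}/{p}" for p in ports.split(",")}
    return out
```

Running open_ports for the cmnty interface yields only tcp/22 and tcp/80, while the home interface additionally reaches the priv-net services, which is the split the config intends.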
Inactive

I don't recall why we have an inactive script but we do...

```
root@tcn0002:/var/lib/iptables# cat inactive
# Generated by iptables-save v1.2.11 on Thu Jun 22 19:13:32 2006
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Thu Jun 22 19:13:32 2006
# Generated by iptables-save v1.2.11 on Thu Jun 22 19:13:32 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Thu Jun 22 19:13:32 2006
root@tcn0002:/var/lib/iptables#
```