Linux Network Administrators Guide


Table of Contents

1. Purpose and Audience for This Book

2. Sources of Information
2.1. Documentation Available via FTP
2.2. Documentation Available via WWW
2.3. Documentation Available Commercially
2.4. Linux Journal and Linux Magazine
2.5. Linux Usenet Newsgroups
2.6. Linux Mailing Lists
2.7. Online Linux Support
2.8. Linux User Groups
2.9. Obtaining Linux

3. File System Standards

4. Standard Linux Base

5. About This Book

6. The Official Printed Version

7. Overview

8. Conventions Used in This Book

9. Submitting Changes

10. Acknowledgments
10.1. The Hall of Fame

Chapter 1. Introduction to Networking

1.1. History

1.2. TCP/IP Networks
1.2.1. Introduction to TCP/IP Networks
1.2.2. Ethernets
1.2.3. Other Types of Hardware
1.2.4. The Internet Protocol
1.2.5. IP Over Serial Lines
1.2.6. The Transmission Control Protocol
1.2.7. The User Datagram Protocol
1.2.8. More on Ports
1.2.9. The Socket Library

1.3. UUCP Networks

1.4. Linux Networking

1.4.1. Different Streaks of Development
1.4.2. Where to Get the Code

1.5. Maintaining Your System
1.5.1. System Security

Chapter 2. Issues of TCP/IP Networking

2.1. Networking Interfaces

2.2. IP Addresses

2.3. Address Resolution

2.4. IP Routing
2.4.1. IP Networks
2.4.2. Subnetworks
2.4.3. Gateways
2.4.4. The Routing Table
2.4.5. Metric Values

2.5. The Internet Control Message Protocol

2.6. Resolving Host Names

Chapter 3. Configuring the Networking Hardware

3.1. Kernel Configuration
3.1.1. Kernel Options in Linux 2.0 and Higher
3.1.2. Kernel Networking Options in Linux 2.0.0 and Higher

3.2. A Tour of Linux Network Devices

3.3. Ethernet Installation
3.3.1. Ethernet Autoprobing

3.4. The PLIP Driver

3.5. The PPP and SLIP Drivers

3.6. Other Network Types

Chapter 4. Configuring the Serial Hardware

4.1. Communications Software for Modem Links

4.2. Introduction to Serial Devices

4.3. Accessing Serial Devices
4.3.1. The Serial Device Special Files

4.4. Serial Hardware

4.5. Using the Configuration Utilities
4.5.1. The setserial Command
4.5.2. The stty Command

4.6. Serial Devices and the login: Prompt
4.6.1. Configuring the mgetty Daemon

Chapter 5. Configuring TCP/IP Networking

5.1. Mounting the /proc Filesystem

5.2. Installing the Binaries

5.3. Setting the Hostname

5.4. Assigning IP Addresses

5.5. Creating Subnets

5.6. Writing hosts and networks Files

5.7. Interface Configuration for IP
5.7.1. The Loopback Interface
5.7.2. Ethernet Interfaces
5.7.3. Routing Through a Gateway
5.7.4. Configuring a Gateway
5.7.5. The PLIP Interface
5.7.6. The SLIP and PPP Interfaces
5.7.7. The Dummy Interface
5.7.8. IP Alias

5.8. All About ifconfig

5.9. The netstat Command
5.9.1. Displaying the Routing Table
5.9.2. Displaying Interface Statistics
5.9.3. Displaying Connections

5.10. Checking the ARP Tables

Chapter 6. Name Service and Resolver Configuration

6.1. The Resolver Library

6.1.1. The host.conf File
6.1.1.1. Resolver environment variables
6.1.2. The nsswitch.conf File
6.1.3. Configuring Name Server Lookups Using resolv.conf
6.1.4. Resolver Robustness

6.2. How DNS Works
6.2.1. Name Lookups with DNS
6.2.2. Types of Name Servers
6.2.3. The DNS Database
6.2.4. Reverse Lookups

6.3. Running named
6.3.1. The named.boot File
6.3.2. The BIND 8 host.conf File
6.3.3. The DNS Database Files
6.3.4. Caching-only named Configuration
6.3.5. Writing the Master Files
6.3.6. Verifying the Name Server Setup
6.3.7. Other Useful Tools

Chapter 7. Serial Line IP

7.1. General Requirements

7.2. SLIP Operation

7.3. Dealing with Private IP Networks

7.4. Using dip
7.4.1. A Sample Script
7.4.2. A dip Reference
7.4.2.1. The modem commands
7.4.2.2. The echo command
7.4.2.3. The get command
7.4.2.4. The print command
7.4.2.5. Variable names
7.4.2.6. The if and goto commands
7.4.2.7. send, wait, and sleep
7.4.2.8. mode and default

7.5. Running in Server Mode

Chapter 8. The Point-to-Point Protocol

8.1. PPP on Linux

8.2. Running pppd

8.3. Using Options Files

8.4. Using chat to Automate Dialing

8.5. IP Configuration Options
8.5.1. Choosing IP Addresses
8.5.2. Routing Through a PPP Link

8.6. Link Control Options

8.7. General Security Considerations

8.8. Authentication with PPP
8.8.1. PAP Versus CHAP
8.8.2. The CHAP Secrets File
8.8.3. The PAP Secrets File

8.9. Debugging Your PPP Setup

8.10. More Advanced PPP Configurations
8.10.1. PPP Server
8.10.2. Demand Dialing
8.10.3. Persistent Dialing

Chapter 9. TCP/IP Firewall

9.1. Methods of Attack

9.2. What Is a Firewall?

9.3. What Is IP Filtering?

9.4. Setting Up Linux for Firewalling
9.4.1. Kernel Configured with IP Firewall
9.4.2. The ipfwadm Utility
9.4.3. The ipchains Utility
9.4.4. The iptables Utility

9.5. Three Ways We Can Do Filtering

9.6. Original IP Firewall (2.0 Kernels)
9.6.1. Using ipfwadm
9.6.1.1. A naïve example
9.6.1.2. An important refinement
9.6.1.3. Listing our rules
9.6.2. A More Complex Example
9.6.3. Summary of ipfwadm Arguments
9.6.3.1. Categories

9.6.3.2. Commands
9.6.3.3. Parameters
9.6.3.4. Optional arguments
9.6.3.5. ICMP datagram types

9.7. IP Firewall Chains (2.2 Kernels)
9.7.1. Using ipchains
9.7.2. ipchains Command Syntax
9.7.2.1. Commands
9.7.2.2. Rule specification parameters
9.7.2.3. Options
9.7.3. Our Naïve Example Revisited
9.7.4. Listing Our Rules with ipchains
9.7.5. Making Good Use of Chains
9.7.5.1. User-defined chains
9.7.5.2. The ipchains support scripts

9.8. Netfilter and IP Tables (2.4 Kernels)
9.8.1. Backward Compatibility with ipfwadm and ipchains
9.8.2. Using iptables
9.8.2.1. Commands
9.8.2.2. Rule specification parameters
9.8.2.3. Options
9.8.2.4. Extensions
9.8.3. Our Naïve Example Revisited, Yet Again

9.9. TOS Bit Manipulation
9.9.1. Setting the TOS Bits Using ipfwadm or ipchains
9.9.2. Setting the TOS Bits Using iptables

9.10. Testing a Firewall Configuration

9.11. A Sample Firewall Configuration

Chapter 10. IP Accounting

10.1. Configuring the Kernel for IP Accounting

10.2. Configuring IP Accounting
10.2.1. Accounting by Address
10.2.2. Accounting by Service Port
10.2.3. Accounting of ICMP Datagrams
10.2.4. Accounting by Protocol

10.3. Using IP Accounting Results
10.3.1. Listing Accounting Data with ipfwadm
10.3.2. Listing Accounting Data with ipchains
10.3.3. Listing Accounting Data with iptables

10.4. Resetting the Counters

10.5. Flushing the Ruleset

10.6. Passive Collection of Accounting Data

Chapter 11. IP Masquerade and Network Address Translation

11.1. Side Effects and Fringe Benefits

11.2. Configuring the Kernel for IP Masquerade

11.3. Configuring IP Masquerade
11.3.1. Setting Timing Parameters for IP Masquerade

11.4. Handling Name Server Lookups

11.5. More About Network Address Translation

Chapter 12. Important Network Features

12.1. The inetd Super Server

12.2. The tcpd Access Control Facility

12.3. The Services and Protocols Files

12.4. Remote Procedure Call

12.5. Configuring Remote Login and Execution
12.5.1. Disabling the r Commands
12.5.2. Installing and Configuring ssh
12.5.2.1. The ssh daemon
12.5.2.2. The ssh client
12.5.2.3. Using ssh

Chapter 13. The Network Information System

13.1. Getting Acquainted with NIS

13.2. NIS Versus NIS+

13.3. The Client Side of NIS

13.4. Running an NIS Server

13.5. NIS Server Security
