Wednesday, November 26, 2008

Installing GNS3 Latest on Mandriva 2008.1

1. Get the code from http://code.gns3.net/hgwebdir.cgi/gns3-devel/summary
2. Extracted it to my user's home folder
3. Issue the command "sudo python setup.py install", assuming that all dependencies have been installed.
4. Copy the pemu folder to /usr/local/
5. Then set the preferences.

GNS3 Latest has been installed.

Monday, November 10, 2008

Cisco PIX, VPN config example

Cisco link


Cisco Router and PIX VPN Configuration Example list at Cisco.com

DHCPD - sample conf file

/etc/dhcpd.conf for DHCP Server - Centos 4.5


#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
#
# Serves 192.168.253.0/24 from a dynamic pool plus three fixed leases keyed
# on the client's MAC address.  A "hardware ethernet" match only identifies
# a client by the address it presents; it is not an access control.
ddns-update-style interim;
ignore client-updates;

default-lease-time 600;
max-lease-time 7200;
subnet 192.168.253.0 netmask 255.255.255.0 {
option routers 192.168.253.254;
option subnet-mask 255.255.255.0;
# Resolvers: two ISP servers plus one on 192.168.254.0/24 (see the hosts below).
option domain-name-servers 203.115.130.40 , 203.115.130.42 , 192.168.254.10;
range 192.168.253.3 192.168.253.100;
# Windows xp Machine 1
# NOTE(review): declared inside the 192.168.253.0/24 subnet but given a
# fixed address in 192.168.254.0/24, which this file does not declare --
# presumably served by a second subnet defined elsewhere; confirm.
host jagapewks002 {
hardware ethernet 00:0c:29:3c:b7:4c;
fixed-address 192.168.254.101;
}
}
# xp pc2 -- fixed address also outside the declared subnet (see the note above).
host xppx2 {
hardware ethernet 00:0b:29:3a:a4:7c;
fixed-address 192.168.254.102;
}
# Mandriva Desktop -- inside the subnet; 192.168.253.1 lies below the dynamic
# pool (.3-.100), so it cannot collide with a dynamic lease.
host mandriva-desktop {
hardware ethernet 00:15:6a:cF:5E:21;
fixed-address 192.168.253.1;
}

IPTABLES - sample

I used this on my test Internet gateway.


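#!/bin/bash
#
# iptables rules for a small test Internet gateway.
#
# What it sets up:
#   - masquerades the LAN (eth0, 192.168.253.0/24) behind the ppp0 link
#   - on ppp0, drops inbound traffic to privileged ports (0-1023), new TCP
#     connections (SYN) and ICMP echo requests; everything else is accepted
#     because the INPUT policy stays ACCEPT
#   - forwards inbound TCP port 80 on the public address to 192.168.253.1
#
# Must run as root.  The DNAT rule is bound to the address ppp0 holds when
# the script runs, so re-run it (e.g. from an ip-up hook) after a reconnect.
#
set -u   # an unset variable here is a typo in an interface name, not a default

ipt="iptables"
mod="/sbin/modprobe"
INTERNET="ppp0"
LAN="eth0"
LAN_NET="192.168.253.0/24"
WEB_SERVER="192.168.253.1"   # LAN host that receives the DNAT'd port-80 traffic

# Public address of the ppp link.  Querying the interface directly (rather
# than grepping the whole ifconfig listing) cannot pick up a neighbouring
# interface; "-w inet" excludes inet6 lines; the cut strips the "addr:"
# prefix of old net-tools output and is a no-op on the newer "inet A.B.C.D"
# form.  Empty when the link is down -- handled where the address is used.
public_ip=$(ifconfig "$INTERNET" 2>/dev/null | grep -w inet | gawk '{print $2}' | cut -d: -f2)

# Load kernel modules.  Best effort, as in the original: on kernels where
# the nat/conntrack helpers carry different names modprobe just prints an
# error and the script carries on.
for m in ip_tables iptable_filter iptable_nat ip_conntrack iptable_mangle \
         ipt_MASQUERADE ip_nat_ftp ip_nat_irc ip_conntrack_ftp ip_conntrack_irc; do
  "$mod" "$m"
done

# Flush all active rules and delete all custom chains in every table.
for t in filter nat mangle; do
  "$ipt" -t "$t" -F
  "$ipt" -t "$t" -X
done

# Default policies.  INPUT and FORWARD stay ACCEPT as the author had them:
# only the explicit DROP rules below restrict anything, and an ACCEPT rule
# only matters where it precedes a DROP.
# NOTE(review): a default-DROP INPUT/FORWARD policy with explicit ACCEPTs is
# the more robust design; not changed here to keep the original behaviour.
"$ipt" -P INPUT ACCEPT
"$ipt" -P FORWARD ACCEPT
"$ipt" -P OUTPUT ACCEPT
"$ipt" -t nat -P PREROUTING ACCEPT
"$ipt" -t nat -P POSTROUTING ACCEPT
"$ipt" -t nat -P OUTPUT ACCEPT
"$ipt" -t mangle -P PREROUTING ACCEPT
"$ipt" -t mangle -P POSTROUTING ACCEPT

# ---- INPUT -------------------------------------------------------------
# Loopback and the LAN side are trusted.  None of the DROP rules below match
# them (they are all "-i $INTERNET"), so listing them first only documents
# the intent.
"$ipt" -A INPUT -i lo -j ACCEPT
"$ipt" -A INPUT -i "$LAN" -s "$LAN_NET" -j ACCEPT

# Services deliberately reachable from the Internet.  They must precede the
# SYN drop below: in the original order a new connection was dropped before
# these rules were ever consulted.
"$ipt" -A INPUT -i "$INTERNET" -p tcp -m tcp --dport 8910 -j ACCEPT
"$ipt" -A INPUT -i "$INTERNET" -p tcp -m tcp --dport 8999 -j ACCEPT

# Unsolicited traffic from the Internet side: privileged ports, new TCP
# connections and ping.  The UDP LOG runs before its DROP (LOG is a
# non-terminating target; a LOG placed after a DROP never fires) and is
# rate-limited like the final LOG rule so a port sweep cannot flood syslog.
"$ipt" -A INPUT -i "$INTERNET" -p tcp -m tcp --dport 0:1023 -j DROP
"$ipt" -A INPUT -i "$INTERNET" -p udp -m udp --dport 0:1023 \
  -m limit --limit 3/second --limit-burst 5 -j LOG --log-prefix "UDP-PRIV "
"$ipt" -A INPUT -i "$INTERNET" -p udp -m udp --dport 0:1023 -j DROP
"$ipt" -A INPUT -i "$INTERNET" -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j DROP
"$ipt" -A INPUT -i "$INTERNET" -p icmp -m icmp --icmp-type 8 -j DROP

# Source-based exceptions, kept in the author's position: they sit after the
# DROPs, so they only see traffic the DROPs already let through (which the
# ACCEPT policy accepts anyway).  Moving them above the DROPs would open
# every port to these hosts -- not done here without confirming that intent.
# NOTE(review): "-s checkip.dyndns.com" is resolved once, when the rule is
# loaded; the rule then carries whatever address(es) the resolver returned
# at that moment (one rule per address), and a failed lookup skips the rule
# with an error.  Prefer a fixed address, or drop the rule.
"$ipt" -A INPUT -i "$INTERNET" -s checkip.dyndns.com -j ACCEPT
"$ipt" -A INPUT -i "$INTERNET" -s 124.107.2.226 -j ACCEPT
"$ipt" -A INPUT -i "$INTERNET" -s 125.212.34.154 -j ACCEPT

# ISP resolvers.  As written (--dport 53 from the resolver) these are
# shadowed by the privileged-port DROPs above and never match.
# NOTE(review): replies to the gateway's own lookups arrive with --sport 53
# to an unprivileged port and are accepted by the policy regardless; confirm
# what these were meant to allow before changing them.
for dns in 203.115.130.40 203.115.130.42; do
  "$ipt" -A INPUT -i "$INTERNET" -s "$dns" -p udp -m udp --dport 53 -j ACCEPT
  "$ipt" -A INPUT -i "$INTERNET" -s "$dns" -p tcp -m tcp --dport 53 -j ACCEPT
done

# NTP and DNS service on the gateway itself (any interface).  From the
# Internet side these ports are already dropped above, so in practice this
# admits LAN clients only.
"$ipt" -A INPUT -p udp -m udp --dport 123 -j ACCEPT
"$ipt" -A INPUT -p udp -m udp --dport 53 -j ACCEPT

# Audit trail: log the remaining non-loopback INPUT traffic, rate-limited.
# Nothing is dropped after this rule (policy ACCEPT), so the original
# "DROP " prefix was misleading; these entries are traffic accepted by
# policy.  "-i ! lo" is the old negation syntax accepted by the iptables of
# that era; newer releases spell it "! -i lo".
"$ipt" -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG --log-prefix "INPUT-ACCEPT "

# ---- OUTPUT ------------------------------------------------------------
# Policy is ACCEPT, so these rules are documentation only.  The range
# 1024:63335 is kept verbatim (sic -- 65535 was probably meant); it has no
# effect under an ACCEPT policy.
"$ipt" -A OUTPUT -o lo -j ACCEPT
"$ipt" -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
"$ipt" -A OUTPUT -p tcp -m tcp --dport 1024:63335 -j ACCEPT

# ---- FORWARD -----------------------------------------------------------
# NOTE(review): under the ACCEPT policy this rule is redundant, and accepting
# NEW from the Internet side means anything the ISP routes towards the LAN
# range is forwarded.  The conservative form is ESTABLISHED,RELATED only for
# INTERNET->LAN plus an explicit LAN->INTERNET accept under a DROP policy.
"$ipt" -A FORWARD -i "$INTERNET" -o "$LAN" -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

# ---- NAT / Internet gateway --------------------------------------------
"$ipt" -t nat -A POSTROUTING -o "$INTERNET" -j MASQUERADE

# Publish the LAN web server on the public address.  Skipped with a warning
# when the link has no address: the original passed an empty "-d", which
# iptables rejects, so the rule silently went missing.
if [[ -n "$public_ip" ]]; then
  "$ipt" -t nat -A PREROUTING -i "$INTERNET" -d "$public_ip" -p tcp -m tcp --dport 80 \
    -j DNAT --to-destination "${WEB_SERVER}:80"
  "$ipt" -A FORWARD -i "$INTERNET" -p tcp -m tcp -d "$WEB_SERVER" --dport 80 -j ACCEPT
else
  printf 'warning: %s has no IPv4 address, port-80 DNAT to %s not installed\n' \
    "$INTERNET" "$WEB_SERVER" >&2
fi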