Networking Applications Setup |
ASSIGN IP SET DEFAULT GATEWAY AND CHANGE ROUTE DEVICE
[root@nc ~]# /sbin/ifconfig eth0
192.168.1.4 netmask 255.255.255.0 broadcast 192.168.1.255
[root@nc ~]#
/sbin/route add default gw 192.168.1.1
[root@nc ~]# /sbin/ifconfig eth0:1 192.168.1.5 up
[root@nc ~]# ip route add 10.100.114.118/32 via 192.168.16.145 dev eth0
LISTING NETWORK IP ADDRESS
[noc@nc ~]$
/sbin/ifconfig -a | grep "inet add" | cut -f2 -d\:
| cut -f1 -d" "
noc@sol-11:~$ curl -s checkip.dyndns.org
|cut -d":" -f2|cut -d"<" -f1|cut -d" " -f2
180.141.66.191
noc@sol-11:~$ wget -qO - checkip.dyndns.org|cut -d":"
-f2|cut -d"<" -f1|cut -d" " -f2
180.141.66.191
The way to get Current Public IP Address
via Konsole, for easy purpose alias can be created as
following
noc@sol-11:$ alias getip='wget -qO
- checkip.dyndns.org|cut -d":" -f2|cut -d"<" -f1|cut
-d" " -f2'
noc@sol-11:$ getip
180.141.66.191
LISTING NETWORK IP AND NETMASK
[noc@nc ~]$ /sbin/ifconfig
| cut -d " " -f1,12,16 | grep -A 1 eth | tr -d - | tr -s
"\n" |sed -e :a -e N -e 's/\n/ /'
ARP-SCAN TO SEARCH DEVICES ON LAN
[root@cos ~]# arp-scan --interface=eth0 --localnet
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.7 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.1.1 00:1e:40:9f:7c:4b Shanghai DareGlobal Technologies Co.,Ltd.
192.168.1.3 00:14:c2:e2:fb:af Hewlett Packard
192.168.1.4 00:06:f4:09:8a:ff Prime Electronics & Satellitics Inc.
192.168.1.11 00:03:ba:08:30:58 Sun Microsystems Inc.
192.168.1.20 00:03:ba:08:30:58 Sun Microsystems Inc.
7 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.7: 256 hosts scanned in 1.385 seconds (184.84 hosts/sec). 5 responded
IPTABLES ROUTING = chmod 755 /etc/sysconfig/myfirewall
!note:
dont forget to set "net.ipv4.ip_forward
= 1" = /etc/sysctl.conf
and run sysctl -p
[root@ipx ~]# cat /etc/sysconfig/myfirewall
#!/bin/sh
IPT=/sbin/iptables
$IPT -F
#Masquerade = eth1 is the internet origin, eth0 LAN ip
$IPT -t nat -A POSTROUTING -o eth1 -j MASQUERADE
#allowed input
$IPT -A INPUT -p tcp --dport 80 -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -j ACCEPT
$IPT -A INPUT -p tcp --dport 22 -j ACCEPT
$IPT -A INPUT -p udp --dport 1723 -j
ACCEPT
#OpenPort 53 forward to LAN ip
$IPT -t nat -I PREROUTING -p tcp -d
208.111.47.155 --dport 53 -j DNAT --to 192.168.1.100
#OpenPort 1230 redirect to port 3300 in the same system
$IPT -t nat -A PREROUTING -i eth0 -p udp
--dport 1230 -j REDIRECT --to-port 3300
#Open port 1723 public and forward to LAN on port 137
$IPT -t nat -I PREROUTING -p udp -d 202.120.100.142 --dport
1723 -j DNAT --to 192.168.68.68:137
# chkconfig iptables off , add
/etc/sysconfig/myfirewall to /etc/rc.local
OpenVPN Routed Config /dev/tun0
#server.conf port 137 proto udp dev tun ca /etc/openvpn/easy-rsa/keys/ca.crt cert /etc/openvpn/easy-rsa/keys/server.crt key /etc/openvpn/easy-rsa/keys/server.key server 172.16.10.0 255.255.255.0 push "dhcp-option DNS 8.8.8.8" push "redirect-gateway def1" ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo persist-key persist-tun verb 3 status /var/log/openvpn-status.log log /var/log/openvpn.log log-append /var/log/openvpn.log dh /etc/openvpn/easy-rsa/keys/dh1024.pem |
#client
config-server240.ovpn client dev tun proto udp remote 210.231.210.240 137 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client1.crt key client1.key ns-cert-type server comp-lzo verb 3 tun-mtu 1500 tun-mtu-extra 32 mssfix 1300 |
OpenVPN
Bridge EtherNet /dev/tap0
[root@vpns ~]# yum install openvpn bridge-utils --enablerepo=epel
[root@vpns ~]# cat
/etc/openvpn/server.conf
port
137
proto udp
dev tap0
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server-bridge 192.168.68.67 255.255.255.240 192.168.68.70
192.168.68.78
push "route 192.168.68.67 255.255.255.240"
push "redirect-gateway"
push "dhcp-option DNS 8.8.8.8"
duplicate-cn
keepalive 10 120
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3
mssfix 1400
67 is machine IP , 70-78 is IP ranges
client can be used , install bind9 is required
[root@vpns ~]# cp -R
/usr/share/openvpn/easy-rsa/2.0 /etc/openvpn/easy-rsa
[root@vpns ~]# cd
/etc/openvpn/easy-rsa
; mkdir keys ; nano -w +64 vars
[root@vpns ~]# source
./vars
[root@vpns ~]# ./clean-all
[root@vpns ~]#
./build-ca
[root@vpns ~]# ./build-key-server
server
[root@vpns ~]#
./build-dh
[root@vpns ~]# ./build-key-pass
client001
[root@vpns ~]# cp
/usr/share/doc/openvpn-*/sample-scripts/bridge-st*
/etc/openvpn/
[root@vpns ~]# chmod
755 /etc/openvpn/bridge-st*
Client Should have " ca.crt ,
client001.crt, client001.key
Create Second/third Client with
# cd easy-rsa
# . ./vars
# ./build-key-pass
Client2
[root@vpns ~]# cat
/etc/openvpn/bridge-start
#!/bin/sh
br="br0"
tap="tap0"
eth="eth0"
eth_ip="192.168.68.68"
eth_netmask="255.255.255.240"
eth_broadcast="192.168.68.79"
for t in $tap; do
openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast
$eth_broadcast
[root@vpns ~]# cat
/etc/openvpn/bridge-stop
#!/bin/sh
br="br0"
tap="tap0"
ifconfig $br down
brctl delbr $br
for t in $tap; do
openvpn --rmtun --dev $t
done
[root@vpns ~]# /etc/rc.d/init.d/openvpn
start
NAGIOS SERVER ( Enable Repoforge )
[root@zvps-lan70 ~]# yum install httpd php nagios
nagios-plugins nagios-devel
[root@zvps-lan70 ~]# htpasswd -c /etc/nagios/htpasswd.users
nagiosadmin
New password:
Re-type new password:
Adding password for user nagiosadmin
[root@zvps-lan70 ~]# /etc/init.d/nagios
start
nagios is stopped
Starting
nagios:
[ OK ]
[root@zvps-lan70 ~]# nano -w
/etc/nagios/objects/server202.190.100.10
add last line
/etc/nagios/nagios.cfg
cfg_file=/etc/nagios/objects/server202.190.100.10
[root@s410p-clix ~]# mtr --report --report-cycles 10 digi.com.my > CRF-DIGI.txt
<?php
$site = '192.168.100.30'; $port = '22'; $check =
fsockopen("$site", "$port", $errno, $errstr, 6); if
(!$check)
{ echo '<font
color="#FFF0000">Backup Server is currently
down!</font>'; } else
{ echo '<font
color="#009900">#Backup Server = (OK). </font>';
}
$site = 'crms.clixpay.net'; $port = '80'; $check =
fsockopen("$site", "$port", $errno, $errstr, 6); if
(!$check)
{ echo '<font
color="#FFF0000">CRMS Server is currently
down!</font>'; } else
{ echo '<font
color="#009900">#CRMS Server = (OK). </font>'; }
$str = exec("ping -c 1 192.168.122.243");
if ($result == 0){
echo '<font color="#009900">#VPN SStar Server
= (OK). </font>';
}else{
echo '<font color="#FFF0000">VPN SStar Server
is currently down!</font>';
}
?>