
Ex No : 7 SETTING UP THE COMPLETE NETWORK INTERFACE

Aim : To set up the complete network interface using the ifconfig command, including setting the gateway, DNS, iptables and firewall.

Procedure :

Step 1 Setting up a static IP: ifconfig is a tool provided by the Fedora system to configure a network interface (for example, setting up a static IP).

OPTION                PURPOSE
-a                    Display all interfaces which are available, even if down.
-s                    Display a short list.
-v                    Be more verbose for error conditions.
interface             The name of the device interface, usually a driver name followed by a unit number. For eg. eth0
interface [up/down]   up activates the interface and down deactivates it. For eg. ifconfig eth0 up, ifconfig eth0 down
interface address     The IP address is assigned to the interface. For eg. ifconfig eth0 192.168.0.10. Assigns an IP address to the interface currently being configured. The address configured is static.

Usage: Identify the names of the configured network interfaces with the -a option of ifconfig:

    $ ifconfig -a

To assign an IP address to a particular interface, say eth0:

    $ ifconfig eth0 192.168.0.10

To activate the interface, after the IP address has been assigned:

    $ ifconfig eth0 up

To deactivate the interface:

    $ ifconfig eth0 down

[Figure: ifconfig with options -a, -s]

Step 2 Set up a default gateway, using route: Once a static IP address has been assigned to the interface under consideration, the route command is used to set up static routes to specific hosts or networks via the interface.

OPTION    PURPOSE
-v        Select verbose operation.
-n        Show numerical addresses instead of trying to determine symbolic host names.
-e        Display the routing table in netstat format.
del       Delete a route.
add       Add a new route.
target    The destination network/host.
gw        Route packets via a GATEWAY (a static route to the gateway must be set beforehand).
netmask   When adding a network route, the netmask to be used.

Usage: To add a default gateway to the network interface currently configured, use the add option of route:

    $ route add default gw 192.168.0.0

NOTE: The gateway is identified as default and must fall under the network of the interface configured, in order to be routed correctly.

To specify the network address to route to a gateway (a more general usage):

    $ route add -net 192.168.0.0 netmask 255.255.0.0

[Figure: route with options -v, -n, -e, -net (adding a network), -host (adding a host)]

Step 3 Setting up a name server (DNS): When configuring the resolver library to use the BIND name service for lookups, the name servers to be used have to be specified. The details of these name servers are stored in the file resolv.conf in the /etc directory. The most important option is nameserver, which gives the IP address of the server to be used. For eg.

    # /etc/resolv.conf
    # domain
    domain mydomian.com
    # nameserver
    nameserver 192.168.0.210

This setting can be verified by using the ping tool:

    $ ping facebook.com

If the command output is "unknown host facebook.com", then the DNS server is either down or not configured properly.

[Figure: Manual and dynamic settings]

Step 4 Setting up a network firewall using iptables: Once the name servers have been successfully configured, firewall/NAT rules are configured using iptables. iptables is an administration tool for packet filtering and NAT. Several tables may be defined. Each table consists of a number of built-in chains and user-defined chains. A firewall rule specifies a criterion for a packet and a target. If the packet matches, the next rule is specified by the value of the target, which can be the name of a user-defined chain or one of the special values ACCEPT, DROP, QUEUE or RETURN.

ACCEPT: Let the packet through.
DROP: Drop the packet.
QUEUE: Pass the packet to userspace.
RETURN: Stop traversing the chain and resume at the next rule in the calling (previous) chain.

Chains can be added to the following 4 tables:

OPTION    PURPOSE
filter    Default table. 3 chains:
            o INPUT: for packets destined to local sockets
            o OUTPUT: for locally generated packets
            o FORWARD: for packets being routed through the box
nat       Consulted when a packet that creates a new connection is encountered. 3 built-in chains:
            o PREROUTING: altering packets as soon as they come in
            o OUTPUT: altering locally generated packets before routing
            o POSTROUTING: altering packets as they are about to go out
mangle    Used for specialized packet alteration.
raw       Configuring exceptions from connection tracking.

Usage: To add a rule to the INPUT chain to drop all the packets incoming through port 80:

    $ iptables -A INPUT -p tcp --dport 80 -j DROP

The above rule, once added, drops all packets coming into the system through port 80, using tcp.

To add a rule to the OUTPUT chain:

    $ iptables -A OUTPUT -p tcp --dport 80 -j DROP

This rule drops all packets sent by the host to destination port 80, using tcp.

To delete a rule from the INPUT chain, provide the chain name and the number of the rule to delete:

    $ iptables -D INPUT 2

The list of services, the protocols they use and their port numbers can be found in the file /etc/services.

[Figure: Adding a rule to the INPUT chain]
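
How rule order decides the outcome of the -A and -D commands in Step 4, as an added example that is not part of the original lab sheet: iptables walks a chain top-down and the first terminating match wins, so a DROP appended after an ACCEPT for the same port never fires. The rule listing is constructed sample text in iptables -S format, and verdict and delete_rule are hypothetical helpers that interpret only -p, --dport and -j.

```sh
#!/bin/sh
# Constructed sample in `iptables -S INPUT` format (not taken from a real host).
RULES='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j DROP'

# verdict LISTING PROTO DPORT (hypothetical helper)
# Prints "<rule number> <target>" for the first rule that matches, or
# "policy <target>" when the packet falls through to the chain policy.
# Only -p, --dport and -j are interpreted; other matches are ignored.
verdict() {
    printf '%s\n' "$1" | awk -v proto="$2" -v port="$3" '
        function in_range(x, spec,    a) {
            if (split(spec, a, ":") == 2) {        # --dport low:high
                return (x + 0 >= a[1] + 0 && x + 0 <= a[2] + 0)
            }
            return (x + 0 == spec + 0)
        }
        $1 == "-P" { policy = $3; next }
        $1 == "-A" {
            n++; p = ""; d = ""; t = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") p = $(++i)
                else if ($i == "--dport") d = $(++i)
                else if ($i == "-j") t = $(++i)
                else if ($i == "-m") i++           # skip the module name
            }
            if (p != "" && p != proto) next
            if (d != "" && !in_range(port, d)) next
            # Terminating targets end traversal; anything else continues.
            if (t == "ACCEPT" || t == "DROP" || t == "REJECT") {
                print n, t; found = 1; exit
            }
        }
        END { if (!found) print "policy", policy }'
}

# delete_rule LISTING N (hypothetical helper): same effect on the listing
# as `iptables -D INPUT N`; the rules after N move up by one.
delete_rule() {
    printf '%s\n' "$1" | awk -v n="$2" '$1 == "-A" && ++k == n { next } { print }'
}

echo "tcp/80 before: $(verdict "$RULES" tcp 80)"   # rule 1 ACCEPT shadows the DROP
FIXED=$(delete_rule "$RULES" 1)
echo "tcp/80 after:  $(verdict "$FIXED" tcp 80)"   # the DROP is now rule 2
```

On a live system the same check is done by reading the chain with rule numbers before appending or deleting, since every -D renumbers the rules that follow.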

CONCLUSION : Thus the complete network interface has been set up successfully using ifconfig and related commands, including setting the gateway, DNS, iptables and firewall.
