Created
March 3, 2016 12:46
-
-
Save Aschen/a6e853c0702e8db1a3af to your computer and use it in GitHub Desktop.
Config réseau
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1) Configure interfaces | |
| auto eth0 | |
| iface eth0 inet static | |
| address 192.168.10.1 | |
| netmask 255.255.255.0 | |
| gateway 192.168.10.254 | |
| up route add -net 192.168.20.0 netmask 255.255.255.0 gw 192.168.10.254 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Routing | |
| Edit | |
| 1) Enable ip forwarding | |
| echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf | |
| Edit | |
| 2)Configures interfaces | |
| auto eth0 | |
| iface eth0 inet dhcp | |
| auto eth1 | |
| iface eth1 inet static | |
| address 192.168.10.254 | |
| netmask 255.255.255.0 | |
| auto eth2 | |
| iface eth2 inet static | |
| address 192.168.20.254 | |
| netmask 255.255.255.0 | |
| Edit | |
| 3) Configure iptables | |
| iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT | |
| iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT | |
| iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -t nat POSTROUTING -o eth0 -j MASQUERADE | |
| Edit | |
| 4) Add startup script | |
| #!/bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: iptables | |
| # Required-Start: | |
| # Required-Stop: | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # X-Interactive: true | |
| # Short-Description: iptables rules | |
| ### END INIT INFO | |
| # Vider les tables actuelles | |
| iptables -t filter -F | |
| # Vider les règles personnelles | |
| iptables -t filter -X | |
| # Interdire toute connexion entrante et sortante | |
| iptables -t filter -P INPUT DROP | |
| iptables -t filter -P FORWARD DROP | |
| iptables -t filter -P OUTPUT DROP | |
| # Forwarding rules | |
| iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT | |
| iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT | |
| iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -t nat POSTROUTING -o eth0 -j MASQUERADE | |
| Puis on l'ajoute au démarrage | |
| > mv firewall /etc/init.d/firewall | |
| > chmod +x /etc/init.d/firewall | |
| > update-rc.d firewall defaults |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1) Configure interfaces | |
| auto eth0 | |
| iface eth0 inet static | |
| address 192.168.20.1 | |
| netmask 255.255.255.0 | |
| gateway 192.168.20.254 | |
| up route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.254 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Neo (Router)¶ | |
| User: aschen | |
| Password: whiterabit | |
| Root Password: whiterabit | |
| Hostname: neo | |
| Domain: .matrix | |
| Edit | |
| Network | |
| 192.168.10.0/24 -> IP: 192.168.10.254 (LAN) | |
| 192.168.20.0/24 -> IP: 192.138.20.254 (DMZ) | |
| Edit | |
| Morpheus (DNS) | |
| Hostname: morpheus | |
| Domain: .matrix | |
| User: aschen | |
| Password: whiterabit | |
| Root Password: whiterabit | |
| Edit | |
| Network | |
| 192.168.10.0/24 -> IP: 192.168.10.1 (LAN) | |
| Edit | |
| Trinity (Mail) | |
| Hostname: trinity | |
| Domain: .matrix | |
| User: aschen | |
| Password: whiterabit | |
| Root Password: whiterabit | |
| Edit | |
| Network | |
| 192.168.20.0/24 -> IP: 192.168.20.1 (DMZ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment