220 linux networking cookbook

640 1.4K 0
220 linux networking cookbook

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

Thông tin tài liệu

Linux Networking Cookbook Carla Schroder Beijing • Cambridge • Farnham • Kưln • Paris • Sebastopol • Taipei • Tokyo ™ Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc All rights reserved Printed in the United States of America Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472 O’Reilly books may be purchased for educational, business, or sales promotional use Online editions are also available for most titles (safari.oreilly.com) For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com Editor: Mike Loukides Production Editor: Sumita Mukherji Copyeditor: Derek Di Matteo Proofreader: Sumita Mukherji Indexer: John Bickelhaupt Cover Designer: Karen Montgomery Interior Designer: David Futato Illustrator: Jessamyn Read Printing History: November 2007: First Edition Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc Java™ is a trademark of Sun Microsystems, Inc .NET is a registered trademark of Microsoft Corporation Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and O’Reilly Media, Inc was aware of a trademark claim, the designations have been printed in caps or initial caps While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein This book uses RepKover™, a durable and flexible lay-flat binding ISBN-10: 0-596-10248-8 ISBN-13: 978-0-596-10248-7 [M] To Terry Hanson—thank you! You make it all worthwhile Table of Contents Preface xv Introduction to Linux Networking 1.0 Introduction Building a Linux Gateway on a Single-Board Computer 12 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11 2.12 2.13 Introduction Getting Acquainted with the Soekris 4521 Configuring Multiple Minicom Profiles Installing Pyramid Linux on a Compact Flash Card Network Installation of Pyramid on Debian Network Installation of Pyramid on Fedora Booting Pyramid Linux Finding and Editing Pyramid Files Hardening Pyramid Getting and Installing the Latest Pyramid Build Adding Additional Software to Pyramid Linux Adding New Hardware Drivers Customizing the Pyramid Kernel Updating the Soekris comBIOS 12 14 17 17 19 21 24 26 27 28 28 32 33 34 Building a Linux Firewall 36 3.0 3.1 3.2 3.3 3.4 Introduction Assembling a Linux Firewall Box Configuring Network Interface Cards on Debian Configuring Network Interface Cards on Fedora Identifying Which NIC Is Which 36 44 45 48 50 v 3.5 Building an Internet-Connection Sharing Firewall on a Dynamic WAN IP Address 3.6 Building an Internet-Connection Sharing Firewall on a Static WAN IP Address 3.7 Displaying the Status of Your Firewall 3.8 Turning an iptables Firewall Off 3.9 Starting iptables at Boot, and Manually Bringing Your Firewall Up and Down 3.10 Testing Your Firewall 3.11 Configuring the Firewall for Remote SSH Administration 3.12 Allowing Remote SSH Through a NAT Firewall 3.13 Getting Multiple SSH Host Keys Past NAT 3.14 Running Public Services on Private IP Addresses 3.15 Setting Up a Single-Host Firewall 3.16 Setting Up a Server Firewall 3.17 Configuring iptables Logging 3.18 Writing Egress Rules 51 56 57 58 59 62 65 66 68 69 71 76 79 80 Building a Linux Wireless Access Point 82 4.0 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14 4.15 4.16 4.17 4.18 vi | Introduction Building a Linux Wireless Access Point Bridging Wireless to Wired Setting Up Name Services Setting Static IP Addresses from the DHCP Server Configuring Linux and Windows Static DHCP Clients Adding Mail Servers to dnsmasq Making WPA2-Personal Almost As Good As WPA-Enterprise Enterprise Authentication with a RADIUS Server Configuring Your Wireless Access Point to Use FreeRADIUS Authenticating Clients to FreeRADIUS Connecting to the Internet and Firewalling Using Routing Instead of Bridging Probing Your Wireless Interface Card Changing the Pyramid Router’s Hostname Turning Off Antenna Diversity Managing dnsmasq’s DNS Cache Managing Windows’ DNS Caches Updating the Time at Boot Table of Contents 82 86 87 90 93 94 96 97 100 104 106 107 108 113 114 115 117 120 121 Building a VoIP Server with Asterisk 123 5.0 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 5.9 5.10 5.11 5.12 5.13 5.14 5.15 5.16 5.17 5.18 5.19 5.20 5.21 5.22 5.23 5.24 Introduction Installing Asterisk from Source Code Installing Asterisk on Debian Starting and Stopping Asterisk Testing the Asterisk Server Adding Phone Extensions to Asterisk and Making Calls Setting Up Softphones Getting Real VoIP with Free World Dialup Connecting Your Asterisk PBX to Analog Phone Lines Creating a Digital Receptionist Recording Custom Prompts Maintaining a Message of the Day Transferring Calls Routing Calls to Groups of Phones Parking Calls Customizing Hold Music Playing MP3 Sound Files on Asterisk Delivering Voicemail Broadcasts Conferencing with Asterisk Monitoring Conferences Getting SIP Traffic Through iptables NAT Firewalls Getting IAX Traffic Through iptables NAT Firewalls Using AsteriskNOW, “Asterisk in 30 Minutes” Installing and Removing Packages on AsteriskNOW Connecting Road Warriors and Remote Users 123 127 131 132 135 136 143 146 148 151 153 156 158 158 159 161 161 162 163 165 166 168 168 170 171 Routing with Linux 173 6.0 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 Introduction Calculating Subnets with ipcalc Setting a Default Gateway Setting Up a Simple Local Router Configuring Simplest Internet Connection Sharing Configuring Static Routing Across Subnets Making Static Routes Persistent Using RIP Dynamic Routing on Debian Using RIP Dynamic Routing on Fedora Using Quagga’s Command Line 173 176 178 180 183 185 186 187 191 192 Table of Contents | vii 6.10 6.11 6.12 6.13 6.14 6.15 6.16 Logging In to Quagga Daemons Remotely Running Quagga Daemons from the Command Line Monitoring RIPD Blackholing Routes with Zebra Using OSPF for Simple Dynamic Routing Adding a Bit of Security to RIP and OSPF Monitoring OSPFD 194 195 197 198 199 201 202 Secure Remote Administration with SSH 204 7.0 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 7.11 7.12 7.13 7.14 7.15 7.16 7.17 Introduction Starting and Stopping OpenSSH Creating Strong Passphrases Setting Up Host Keys for Simplest Authentication Generating and Copying SSH Keys Using Public-Key Authentication to Protect System Passwords Managing Multiple Identity Keys Hardening OpenSSH Changing a Passphrase Retrieving a Key Fingerprint Checking Configuration Syntax Using OpenSSH Client Configuration Files for Easier Logins Tunneling X Windows Securely over SSH Executing Commands Without Opening a Remote Shell Using Comments to Label Keys Using DenyHosts to Foil SSH Attacks Creating a DenyHosts Startup File Mounting Entire Remote Filesystems with sshfs 204 207 208 209 211 213 214 215 216 217 218 218 220 221 222 223 225 226 Using Cross-Platform Remote Graphical Desktops 228 8.0 8.1 8.2 8.3 8.4 8.5 8.6 8.7 viii | Introduction Connecting Linux to Windows via rdesktop Generating and Managing FreeNX SSH Keys Using FreeNX to Run Linux from Windows Using FreeNX to Run Linux from Solaris, Mac OS X, or Linux Managing FreeNX Users Watching Nxclient Users from the FreeNX Server Starting and Stopping the FreeNX Server Table of Contents 228 230 233 233 238 239 240 241 8.8 8.9 8.10 8.11 8.12 8.13 8.14 8.15 8.16 8.17 8.18 8.19 8.20 8.21 8.22 Configuring a Custom Desktop Creating Additional Nxclient Sessions Enabling File and Printer Sharing, and Multimedia in Nxclient Preventing Password-Saving in Nxclient Troubleshooting FreeNX Using VNC to Control Windows from Linux Using VNC to Control Windows and Linux at the Same Time Using VNC for Remote Linux-to-Linux Administration Displaying the Same Windows Desktop to Multiple Remote Users Changing the Linux VNC Server Password Customizing the Remote VNC Desktop Setting the Remote VNC Desktop Size Connecting VNC to an Existing X Session Securely Tunneling x11vnc over SSH Tunneling TightVNC Between Linux and Windows 242 244 246 246 247 248 250 252 254 256 257 258 259 261 262 Building Secure Cross-Platform Virtual Private Networks with OpenVPN 265 9.0 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 9.10 9.11 Introduction Setting Up a Safe OpenVPN Test Lab Starting and Testing OpenVPN Testing Encryption with Static Keys Connecting a Remote Linux Client Using Static Keys Creating Your Own PKI for OpenVPN Configuring the OpenVPN Server for Multiple Clients Configuring OpenVPN to Start at Boot Revoking Certificates Setting Up the OpenVPN Server in Bridge Mode Running OpenVPN As a Nonprivileged User Connecting Windows Clients 265 267 270 272 274 276 279 281 282 284 285 286 10 Building a Linux PPTP VPN Server 287 10.0 10.1 10.2 10.3 10.4 10.5 Introduction Installing Poptop on Debian Linux Patching the Debian Kernel for MPPE Support Installing Poptop on Fedora Linux Patching the Fedora Kernel for MPPE Support Setting Up a Standalone PPTP VPN Server 287 290 291 293 294 295 Table of Contents | ix .. .Linux Networking Cookbook Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo ™ Linux Networking Cookbook by Carla Schroder... from Linux Using VNC to Control Windows and Linux at the Same Time Using VNC for Remote Linux- to -Linux Administration Displaying the Same Windows Desktop to Multiple Remote Users Changing the Linux. .. to speed on the basics xv If you don’t already have basic Linux experience, I recommend getting the Linux Cookbook (O’Reilly) The Linux Cookbook (which I authored) was designed as a companion book

Ngày đăng: 06/03/2019, 17:04

Từ khóa liên quan

Mục lục

  • Linux Networking Cookbook

    • Table of Contents

    • Preface

      • Audience

      • Contents of This Book

      • What Is Included

      • Which Linux Distributions Are Used in the Book

      • Downloads and Feedback

      • Conventions

      • Using Code Examples

      • Comments and Questions

      • Safari® Books Online

      • Acknowledgments

      • Introduction to Linux Networking

        • 1.0 Introduction

          • Connecting to the Internet

          • Overview of Internet Service Options

          • Cable, DSL, and Dial-Up

            • Cable

            • DSL

            • Dial-up

            • Cable, DSL, and dial-up gotchas

            • Regulated Broadband Services

            • Private Networks

            • Latency, Bandwidth, and Throughput

Tài liệu cùng người dùng

  • Đang cập nhật ...

Tài liệu liên quan