|
| Home|Cudeso|Linux|*NIX / BSD|Misc| |
Last modified 17-Dec-2006 From 38.107.191.92 To linux.cudeso.be   |
Tweaky NetworkThis page is a summary of hints and tricks that I have used to configure my GNU/Linux-machines. Some of these may be useful, some may not, some could screw up your machine!Networking1. Preventing /etc/resolv.conf from being overwritten2. Replacing Pump with DHCPCD3. What 'thing' is running on that tcp/udp-port4. Prevent spoofing5. Prevent Samba from dying unexpected6. Using Samba as a timeserver7. SFTP to a non-default port8. Change default port for VNC9. Could not get a new stream socket10. Let Samba play the role of different fileservers11. Set network alias on boot12. Telnet to a webserver1. Preventing /etc/resolv.conf from being overwrittenWhen you are connecting to a network that's using a DHCP-server, it's possible that the settings you have placed in/etc/resolv.conf are overwritten everytime you receive
a DHCP-lease. You can prevent this by adding the following line to
/etc/sysconfig/network-scripts/ifcfg-eth0
PEERDNS=no
If you are using OpenBSD, things are different. You will need to adjust dhclient.conf. This is an example of how my
dhclient-file looks like :
initial-interval 1;
send host-name "myhost";
supersede domain-name "cudeso.be";
supersede domain-name-servers 192.168.1.1;
request subnet-mask,
broadcast-address,
routers,
host-name;
2. Replacing Pump with DHCPCDOften Pump doesn't work correctly. It is either not getting a lease or it just hangs. I choose to use DHCPCD instead.To install DHCPCD you need to download it first from ftp://rpmfind.net/linux/redhat/7.1/en/os/i386/RedHat/RPMS/dhcpcd-1.3.18pl8-10.i386.rpm Installation is easy and goes like this :
rpm -Uvh dhcpcd-1.3.18p18-10.i386.rpm After you have installed modify the script /etc/sysconfig/network-scripts/ifup
# DHCP clients need DNS to be available, and we don't know
# what DNS server they're using until they are done.
FWHACK=
if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
ipchains -I input -s 0/0 53 -p udp -j ACCEPT
FWHACK=1
fi
if [ -x /sbin/dhcpcd ] && /sbin/dhcpcd ${DHCPCDARGS} ${DEVICE} ; then
echo $"dhcpcd done."
# else try PUMP if dhcpcd doesn't work
elif [ -x /sbin/pump ] && /sbin/pump ${PUMPARGS} -i ${DEVICE} ; then
echo $" done."
elif [ -x /sbin/dhcpcd ] && /sbin/dhcpcd ${DHCPCDARGS} ${DEVICE} ; then
echo $" done."
else
echo $" failed."
[ -n "$FWHACK" ] && ipchains -D input -s 0/0 53 -p udp -j ACCEPT
exit 1
fi
ifconfig ethx down and kill the remaing pump-daemon.
Restart your network /etc/init.d/network restart and you should get your new
lease from the DHCPCD.
3. What 'thing' is running on that tcp/udp-portYou can find out what process is using a certain TCP or UDP port withlsof. This can only be done by the root-user.
lsof -i tcp:80
lsof -i udp:139 4. Prevent spoofingA limited way to prevent spoofing is editing the file/etc/host.conf and adding this rule :
nospoof on
5. Prevent Samba from dying unexpectedSometimes Samba dies immediately after you've started the smb daemon.When you try to look for a host with nmblookup you receive the error message Get_Hostbyname: Unknown host.You can solve this problem by adding the your right hostname to the file /etc/hosts as in the next example :
/etc/hosts
# Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 mysambahost.mydomain.com mysambahost 192.168.1.1 myspecialhost.mydomain.com myspecialhost 6. Using Samba as a timeserverA somewhat 'hidden' feature of Samba is that you can use Samba as a local timeserver for your Windows-clients. Just edit the file/etc/samba/smb.conf and add the line
timeserver = yes
This will make your nmbd work as a timeserver for the Windows client. All you need to do is
issue the following command on the command-prompt of a Windows-host :
net time \\<server-name> /SET /YES
7. SFTP to a non-default portWith SFTP you can transfer files over a secure shell. To contact a host running the ssh-daemon on a non-default (22) port, you need to use this syntax :
sftp -oPort=1234 user@myhost.com
8. Changing default port for VNCBy default, VNC listens to port 590x (where x is the VNC-session you've started). You can change the default 'base'-port for VNC by editing the file /usr/bin/vncserver. Look for the line
$vncPort = 5900 + $displayNumber;
As you might have guessed, just change 5900 into whatever port that's available.
9. Could not get a new stream socketSometimes when you would like to connect to the internet, you could receive the message could not get a new stream socket. I've got not a direct solution but a work-around is doing a nslookup and connecting to the site (either ftp/http) by ip and not on hostname. I figure this has something to do with IPv6 that was compiled into my kernel (and my internal use of IPv6 addresses) and some applications just couldn't cope with it.10. Let Samba play the role of different fileserversSamba can pretend to be more than one computer in your network. Open up thesmb.conf file
and change these lines
netbios name = <hostname>
netbios alias = <dummy1> <dummy2> 11. Set network alias on bootIf you're using network-aliases then you've certainly come across the problem that after a reboot they just seemed 'gone'. You need to set the alias each time on startup. If you want to automate this procedure, open/etc/rc.local in your favorite editor and add :
ifconfig eth0:0 10.5.0.20
When you are using Gentoo there's no such thing as rc.local. Instead you'll either have to put it in
/etc/conf.d/start.local or add this line to /etc/conf.d/net
alias_eth0="192.168.2.151 192.168.2.155"
12. Telnet to a webservertelnet www.server.com 80
GET / HTTP/1.1 |
Copyleft 2002-2007 - cudeso.be webmaster@cudeso.be | top  |
| Fortune : Q: What's a light-year? A: One-third less calories than a regular year. | |