
Tweaky Network

This page is a summary of hints and tricks that I have used to configure my GNU/Linux-machines. Some of these may be useful, some may not, some could screw up your machine!

Networking

1. Preventing /etc/resolv.conf from being overwritten

2. Replacing Pump with DHCPCD

3. What 'thing' is running on that tcp/udp-port

4. Prevent spoofing

5. Prevent Samba from dying unexpectedly

6. Using Samba as a timeserver

7. SFTP to a non-default port

8. Change default port for VNC

9. Could not get a new stream socket

10. Let Samba play the role of different fileservers

11. Set network alias on boot

12. Telnet to a webserver

1. Preventing /etc/resolv.conf from being overwritten

When you connect to a network that uses a DHCP server, the settings you have placed in /etc/resolv.conf may be overwritten every time you receive a DHCP lease. You can prevent this by adding the following line to /etc/sysconfig/network-scripts/ifcfg-eth0:
PEERDNS=no
If you are using OpenBSD, things are different. You will need to adjust dhclient.conf. This is an example of what my dhclient file looks like:
initial-interval 1;
send host-name "myhost";
supersede domain-name "cudeso.be";
supersede domain-name-servers 192.168.1.1;
request subnet-mask,
        broadcast-address,
        routers,
        host-name;

2. Replacing Pump with DHCPCD

Often Pump doesn't work correctly. It is either not getting a lease or it just hangs. I choose to use DHCPCD instead.
To install DHCPCD you need to download it first from ftp://rpmfind.net/linux/redhat/7.1/en/os/i386/RedHat/RPMS/dhcpcd-1.3.18pl8-10.i386.rpm

Installation is easy and goes like this :
rpm -Uvh dhcpcd-1.3.18pl8-10.i386.rpm

After installation, modify the script /etc/sysconfig/network-scripts/ifup:
# DHCP clients need DNS to be available, and we don't know
# what DNS server they're using until they are done.

FWHACK=
if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
    ipchains -I input -s 0/0 53 -p udp -j ACCEPT
    FWHACK=1
fi

if [ -x /sbin/dhcpcd ] && /sbin/dhcpcd ${DHCPCDARGS} ${DEVICE} ; then
    echo $"dhcpcd done."
# else try PUMP if dhcpcd doesn't work
elif [ -x /sbin/pump ] && /sbin/pump ${PUMPARGS} -i ${DEVICE} ; then
    echo $" done."
elif [ -x /sbin/dhcpcd ] && /sbin/dhcpcd ${DHCPCDARGS} ${DEVICE} ; then
    echo $" done."
else
    echo $" failed."
    [ -n "$FWHACK" ] && ipchains -D input -s 0/0 53 -p udp -j ACCEPT
    exit 1
fi
Next, shut down the interface with ifconfig ethx down and kill the remaining pump daemon. Restart your network with /etc/init.d/network restart and you should get your new lease from DHCPCD.

3. What 'thing' is running on that tcp/udp-port

You can find out what process is using a certain TCP or UDP port with lsof. This can only be done by the root-user.
lsof -i tcp:80
lsof -i udp:139
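
To audit every listening socket instead of checking one port at a time, lsof's field output (-F) can be parsed and compared with a list of expected services. This is an added example, not part of the original page; the sample lsof output is constructed and the allowlist is a hypothetical policy.

```shell
#!/bin/sh
# Added example: audit listening sockets from lsof's field output (-F).
# The lsof output below is constructed sample data, not a real capture.

# Read `lsof -nP -i -F pcPnT` output on stdin; print "proto port pid command"
# for each listener. Field lines: p=PID, c=command, f=descriptor (starts a
# new socket record), P=protocol, n=address, TST=TCP state.
listeners() {
    awk '
        function emit(   port) {
            # TCP counts only in LISTEN state; UDP has no state, so skip
            # sockets that name a remote peer ("local->remote").
            if (name != "" && name !~ /->/ && (proto == "UDP" || state == "LISTEN")) {
                port = name; sub(/.*:/, "", port)
                print tolower(proto), port, pid, cmd
            }
            name = ""; state = ""; proto = ""
        }
        /^p/    { emit(); pid = substr($0, 2) }
        /^c/    { cmd = substr($0, 2) }
        /^f/    { emit() }
        /^P/    { proto = substr($0, 2) }
        /^n/    { name = substr($0, 2) }
        /^TST=/ { state = substr($0, 5) }
        END     { emit() }
    ' | sort -u
}

# Read listeners() output on stdin; report every socket whose "proto/port"
# is missing from the space-separated allowlist in $1 (hypothetical policy).
unexpected() {
    while read -r proto port pid cmd; do
        case " $1 " in
            *" $proto/$port "*) ;;
            *) echo "$proto/$port $cmd (pid $pid)" ;;
        esac
    done
}

# Constructed sample; real output has one field per line (tr restores that).
SAMPLE='p612 csshd f3 PTCP n*:22 TST=LISTEN
p845 chttpd f4 PTCP n*:80 TST=LISTEN
f9 PTCP n192.168.1.10:80->192.168.1.77:40112 TST=ESTABLISHED
p901 cnmbd f7 PUDP n*:137
p1190 cpython3 f3 PTCP n*:8000 TST=LISTEN'

# Live use (as root): lsof -nP -i -F pcPnT | listeners | unexpected "..."
printf '%s\n' "$SAMPLE" | tr ' ' '\n' | listeners | unexpected "tcp/22 tcp/80 udp/137"
```

With the sample data, the only socket reported is the python3 listener on tcp/8000, which is not on the allowlist.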

4. Prevent spoofing

A limited way to prevent spoofing is editing the file /etc/host.conf and adding this rule :
nospoof on

5. Prevent Samba from dying unexpectedly

Sometimes Samba dies immediately after you've started the smb daemon.
When you try to look for a host with nmblookup you receive the error message Get_Hostbyname: Unknown host.

You can solve this problem by adding your correct hostname to the file /etc/hosts, as in the next example:
/etc/hosts
  # Do not remove the following line, or various programs
  # that require network functionality will fail.
  127.0.0.1    mysambahost.mydomain.com    mysambahost
  192.168.1.1    myspecialhost.mydomain.com    myspecialhost

6. Using Samba as a timeserver

A somewhat 'hidden' feature of Samba is that you can use Samba as a local timeserver for your Windows-clients. Just edit the file /etc/samba/smb.conf and add the line
timeserver = yes
This will make your nmbd work as a timeserver for the Windows client. All you need to do is issue the following command on the command-prompt of a Windows-host :
net time \\<server-name> /SET /YES

7. SFTP to a non-default port

With SFTP you can transfer files over a secure shell. To contact a host running the ssh daemon on a port other than the default (22), use this syntax:
sftp -oPort=1234 user@myhost.com

8. Changing default port for VNC

By default, VNC listens to port 590x (where x is the VNC-session you've started). You can change the default 'base'-port for VNC by editing the file /usr/bin/vncserver. Look for the line
$vncPort = 5900 + $displayNumber;
As you might have guessed, just change 5900 into whatever port that's available.

9. Could not get a new stream socket

Sometimes when you try to connect to the internet, you may receive the message could not get a new stream socket. I don't have a direct solution, but a workaround is to do an nslookup and connect to the site (either ftp/http) by IP address instead of by hostname. I figure this has something to do with IPv6 that was compiled into my kernel (and my internal use of IPv6 addresses) and some applications just couldn't cope with it.

10. Let Samba play the role of different fileservers

Samba can pretend to be more than one computer in your network. Open up the smb.conf file and change these lines
netbios name = <hostname>
netbios aliases = <dummy1> <dummy2>

11. Set network alias on boot

If you're using network-aliases then you've certainly come across the problem that after a reboot they just seemed 'gone'. You need to set the alias each time on startup. If you want to automate this procedure, open /etc/rc.local in your favorite editor and add :
ifconfig eth0:0 10.5.0.20
When you are using Gentoo there's no such thing as rc.local. Instead you'll either have to put it in /etc/conf.d/start.local or add this line to /etc/conf.d/net
alias_eth0="192.168.2.151 192.168.2.155"

12. Telnet to a webserver

telnet www.server.com 80
GET / HTTP/1.1
Host: www.server.com

HTTP/1.1 requires the Host header; finish the request with an empty line.
Copyleft 2002-2007 - cudeso.be - webmaster@cudeso.be