System Setup: Networks

Configuration
Hardware
Linux
Disks
X Windows
Printer
Modem
Sound
Network
Scanner
CD-RW
Windows
Other

Network
Server Setup
- Masquerading
- Samba
Clients

Network

1999-12-18: SUSE6.3

After a lot of looking, got Linksys network-in-a-box: 2 10/100 cards and a 4 port hub. Installed the cards in the two machines.

Server Setup

On wilma:

/etc/modules.conf

alias eth0 tulip
alias eth1             off
# options tulip          options=0

/etc/rc.config

# start loopback networking? ("yes" or "no")
START_LOOPBACK="yes"
# networking
# number of network cards: "_0" for one, "_0 _1 _2 _3" for four cards
NETCONFIG="_0"
# IP Adresses
IPADDR_0="192.168.1.1"
IPADDR_1=""
IPADDR_2=""
IPADDR_3=""
# network device names (e.g. "eth0")
NETDEV_0="eth0"
NETDEV_1=""
NETDEV_2=""
NETDEV_3=""
# parameteres for ifconfig, if you put "bootp" into it, bootp will
# be used to configure it
# sample entry for ethernet:
# IFCONFIG_0="192.168.81.38 broadcast 192.168.81.63 netmask 255.255.255.224"
IFCONFIG_0="192.168.1.1 broadcast 192.168.0.255 netmask 255.255.255.0"
IFCONFIG_1=""
IFCONFIG_2=""
IFCONFIG_3=""

# setup dummy network device for IPADDR_0? this is useful for non permanent
# network connections (e.g. SLIP, PPP). Some software needs a connection
# to FQHOSTNAME (e.g. plp). (yes, no)
SETUPDUMMYDEV="no"
# Do you want the "dynamic IP patch" to be enabled at bootup? (yes/no)
IP_DYNIP=no
# Enable syn flood protection (see /usr/src/linux/Documentation/Configure.help)
# (yes/no)
IP_TCP_SYNCOOKIES=yes
# 2 you can configure at runtime, if the host may forward
# IP packages or not.  Is this host a router? (yes/no)
IP_FORWARD=yes
# SuSEconfig can do some checks and modifications for /etc/hosts.
# If this is not wanted, set the following variable to 'no' (yes, no).
CHECK_ETC_HOSTS=no

/etc/exports

# See exports(5) for a description.
# This file contains a list of all directories exported to other computers.
# It is used by rpc.nfsd and rpc.mountd.

/usr/local	fred(rw,root_squash)
/home		fred(rw,root_squash)
/etc            fred(ro,root_squash)
/opt            fred(ro,root_squash)
/mnt/redhat_local fred(rw,root_squash)
/cdrom		fred(ro,root_squash)

/etc/hosts.conf

#
# /etc/host.conf
#
# Automatically generated by SuSEconfig on Sat Jul  3 23:08:47 /etc/localtime 1999.
#
# PLEASE DO NOT EDIT THIS FILE!
#
# Change variables (NAMESERVER + YP_SERVER) in /etc/rc.config instead.
#
#
order hosts bind
multi on

/etc/hosts

#
# hosts         This file describes a number of hostname-to-address
#               mappings for the TCP/IP subsystem.  It is mostly
#               used at boot time, when no name servers are running.
#               On small systems, this file can be used instead of a
#               "named" name server.
# Syntax:
#
# IP-Address  Full-Qualified-Hostname  Short-Hostname
#
127.0.0.1	localhost    	localhost.localdomain
192.168.1.1    	wilma.localdomain	wilma
192.168.1.3     fred.localdomain  	fred
192.168.1.4     dino.localdomain  	dino
192.168.1.5     pebbles.localdomain  	pebbles

/etc/hosts.deny


ALL:ALL

/etc/hosts.allow





portmap: 	192.168.1.

swat:           127.0.0.1  192.168.0.


ALL:		LOCAL 192.168.1.
rpc.kmountd : 	192.168.1.3 192.168.1.4
lpd: 		192.168.1.3 192.168.1.4
in.ftpd: 	192.168.1.3 192.168.1.4
in.telnetd: 	192.168.1.3 192.168.1.4

/etc/inetd.conf

ftp	stream	tcp	nowait	root	/usr/sbin/tcpd	in.ftpd


telnet	stream  tcp     nowait  root    /usr/sbin/tcpd	in.telnetd
swat	stream	tcp	nowait.400	root	/usr/sbin/tcpd  /usr/sbin/swat

/etc/networks

#
# networks	This file describes a number of netname-to-address
#		mappings for the TCP/IP subsystem.  It is mostly
#		used at boot time, when no name servers are running.
#

loopback	127.0.0.1
localnet	192.168.1.0

# End.

/etc/resolv.conf (for seanet)

search seanet.com
nameserver 209.244.0.3
nameserver 209.244.0.4

Resulting ifconfig

eth0      Link encap:Ethernet  HWaddr 00:A0:CC:E6:25:2E  
          inet addr:192.168.1.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:75904 errors:0 dropped:0 overruns:0 frame:0
          TX packets:32702 errors:0 dropped:0 overruns:0 carrier:0
          collisions:21424 txqueuelen:100 
          Interrupt:9 Base address:0xf800 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:952 errors:0 dropped:0 overruns:0 frame:0
          TX packets:952 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

Masquerading

Edit /etc/rc.config:

# Firewall settings - See /usr/doc/packages/firewall
# for a detailed description

FW_START="yes"
FW_LOCALNETS="192.168.0.0/24"
FW_FTPSERVER=""
FW_WWWSERVER=""
FW_SSLSERVER=""
FW_SSLPORT="443"
FW_MAILSERVER=""
FW_DNSSERVER=""
FW_NNTPSERVER=""
FW_NEWSFEED=""
FW_WORLD_DEV="ppp0"
FW_INT_DEV="eth0"
FW_LOG_ACCEPT="no"
FW_LOG_DENY="yes"
FW_ROUTER=""
FW_FRIENDS="no"
FW_INOUT="no"
FW_SSH="no"
FW_TRANSPROXY_OUT=""
FW_TRANSPROXY_IN=""
FW_REDIRECT=""
FW_TCP_LOCKED_PORTS="1:1023"
FW_UDP_LOCKED_PORTS="1:1023"


# Masquerading settings - See /usr/doc/packages/firewall
# for a detailed description

MSQ_START="yes"
MSQ_NETWORKS="192.168.0.0/24"
MSQ_DEV="ppp0"
MSQ_MODULES="ip_masq_cuseeme ip_masq_ftp ip_masq_irc ip_masq_quake
            ip_masq_raudio ip_masq_vdolive"

Samba

First, read the info at /usr/doc/packages/samba.

Then check /etc/services:

swat		901/tcp			# XXX Samba Web Adminisration Tool

And /etc/inetd.conf:

# These are to start Samba, an smb server that can export filesystems to
# Pathworks, Lanmanager for DOS, Windows for Workgroups, Windows95, Lanmanager
# for Windows, Lanmanager for OS/2, Windows NT, etc.  Lanmanager for dos is
# available via ftp from ftp.microsoft.com in bussys/MSclient/dos/. Please read
# the licensing stuff before downloading. Use the TCP/IP option in the client.
# Add your server to the \etc\lmhosts (or equivalent) file on the client.
#
# IMPORTANT: In S.u.S.E. Linux 5.0 samba is started by the init skript
#            /sbin/init.d/smb. Th following entries should stay disabled
#
# netbios-ssn	stream	tcp	nowait	root	/usr/sbin/smbd  smbd -l /var/log/samba -s /etc/smb.conf
# netbios-ns	dgram	udp	wait	root	/usr/sbin/nmbd  nmbd
#
# swat is the Samba Web Administration Tool
swat	stream	tcp	nowait.400	root	/usr/sbin/tcpd  /usr/sbin/swat

/etc/hosts.conf

192.168.1.4     dino.localdomain  	dino
192.168.1.5     pebbles.localdomain  	pebbles

/etc/lmhosts

192.168.1.1   wilma
192.168.1.4   dino
192.168.1.5   pebbles

/etc/smb.conf
Originally configured by swat, but now by hand.

# Samba config file created using SWAT
# from wilma.george.org (192.168.1.1)
# Date: 2000/03/30 17:37:23

# Global parameters
[global]
	workgroup = WINBLOWS
	interfaces = 192.168.1.1/24 127.0.0.1/24
	hosts allow = 192.168.1.
	bind interfaces only = Yes
	browseable = yes
	security = SHARE
	null passwords = yes
	keepalive = 30
	socket options = TCP_NODELAY
	os level = 2
	domain master = yes
	wins support = Yes
	guest account = smbuser
	printing = bsd
    printcap name = /etc/printcap
	load printers = yes
    print command = lpr -r -P%p %s
    lpq command = lpq -P%p
    lprm command = lprm -P%p %j
[tmp]
	comment = temporary files
	path = /tmp
	read only = yes

[homes]
	comment = homes section
	hide dot files = Yes
	browseable = No
	read only = No
	writable = Yes
	create mask = 0750

[cdrom]
	comment = Linux CD-ROM
	path = /cdrom
	locking = No
    read only = yes
    available = yes
    share modes = no
    browseable = yes
    public = yes

[printers]
	comment = All Printers
    browseable = no
    printable = yes
    public = yes
    read only = yes
	path = /usr/spool/public
	create mask = 0700
	print ok = Yes
	browseable = No

[public]
	comment = Public
	path = /opt/smbpublic
	read only = No
	create mask = 0664
	directory mask = 0775
	guest ok = yes

[data]
	comment = Data
	path = /opt/samba/data
	read only = No
	guest ok = Yes
	create mask = 0660
	directory mask = 0770

This is a mixture of ideas from the HOWTO, the packages/samba, and how-to's on the web. It works, but probably isn't secure enough.

The original printer path was tmp, but one note said it needed to be sticky-bitted (thoug it didn't say for what), and the example was /usr/spool/public. So I made /usr/share/public, set to

  drwsrwsrwx   2 lp       lp           1024 Sep  4 21:07 public

Clients

To handle masquerading for Linux, and Masquerading plus Samba for Windows boxes.

Fred: 450 MHz desktop (Linux)

Copy wilma's /etc/resolv.conf. Then make wilma the default gateway:

  route add default gw 192.168.1.1

Dino: 166MHz laptop (Windows)

Installed LinkSys 10/100 PMCIA card. Then go to Device manager and delete all Network things and Other/Network things; go to Network and delete all things.

Then the configure was:

IP Address

IP Address: 192.168.1.4
Subnet mask: 255.255.255.0

Identification

Name: dino
Domain: seanet.com
Group: WINBLOWS

Gateway: 192.168.1.1

DNS

Enable DNS
Host: dino
DNS Server: 192.168.1.1 and the seanet.com nameservers from wilma's /etc/resolv.conf.

WINS: leave disabled

Pebbles: 133MHz desktop (Windows)

Had it set up as dino at 192.168.1.4, then it was broken for a while. Now back in business after given that address to the laptop. So it it is now pebbles at 192.168.1.5.

IP Address

IP Address: 192.168.1.5
Subnet mask: 255.255.255.0

Identification

Name: PEBBLES
Domain: seanet.com
Group: WINBLOWS

Gateway: 192.168.1.1

DNS

Enable DNS
Host: pebbles
DNS Server: 192.168.1.1 and the seanet.com nameservers from wilma's /etc/resolv.conf.

WINS: leave disabled

Set printer to Apple Laser Printer, and its "port" to

  \\WILMA\Postscript

It appears we can:

/etc/rc.d/smb restart
testparms -L localhost pebbles
testprns
smbstatus
smbclient -L localhost
smbclient -L pebbles
On client: Copy data to/from \\wilma\public and \\wilma\data
On client: print

Creator: Harry George
Updated/Created: 2001-01-07