Linux Network Appliance Project

install ubuntu LAMP server

sudo passwd
# > dialog
su >

vi /etc/apt/sources.list
# comment out cd rom
# uncomment other repositories
#save

apt-get update
apt-get install openssh-server
apt-get upgrade
reboot

login via ssh from workstation


vi /etc/apt/sources.list
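# add (third-party repository served over plain http; import and verify the
# repository's signing key first, otherwise apt cannot authenticate its packages):
deb http://download.webmin.com/download/repository sarge contrib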
apt-get update
apt-get upgrade
/etc/init.d/mysql reset-password
apt-get install bridge-utils uml-utilities

apt-get install libmd5-perl libnet-ssleay-perl libauthen-pam-perl libio-pty-perl shorewall dnsmasq openssl
apt-get install webmin
apt-get update

see: http://www.shorewall.net/three-interface.htm
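webmin: https://router:10000/ (administrative interface; allow port 10000 only from the private LAN in the shorewall rules, never from the WAN side)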


man brctl
ifconfig -a
ip addr show eth0
tcpdump -nei eth0 arp # Ctrl-C stops this
arp -na #shows arp cache


(NEW) Add a wi-fi group (at least 2 NICs)
so that wi-fi and dial-up clients can connect to our network without seeing local users.
Keeping them apart needs firewall rules between the groups, not only a separate set of ports.
see (iwconfig)
###################
# set hostname (see subdomains.txt)
# register hostname
#
#
#
###################

virtual interfaces:
iface eth0:0 inet dhcp

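Commands can be placed in scripts under
/etc/network/if-up.d and /etc/network/if-down.d
(the resolvconf package includes such scripts). These scripts run as root, so keep them owned by root and not writable by anyone else.
Write a shell script or network config to: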

###################
#re-name all interfaces use businfo
example: ethwan1 businfo 0000:02:04.0

#create the bridges (below)
#zero interfaces if required
#add interfaces to bridges
#span bridges
#add dhcp to private LAN
#
###################


Get the mac addresses (from config table?)
assign ethxx to each mac address

# Bridge layout for the appliance. Every command below needs root and
# changes live network state.
#
# NOTE(review): the bridges only separate layer 2. Whether hosts on one
# bridge can reach hosts on another is decided by this host's routing and
# firewall rules (shorewall is installed earlier in these notes), so the
# public/private/proxy split has to be enforced there as well.

# Create one bridge per segment:
#   br0 = WAN, br1 = public LAN, br2 = private LAN, br3 = proxy users
for bridge in br0 br1 br2 br3; do
  brctl addbr "$bridge"
done

# Only when bridging/bonding a dual WAN.
# NOTE(review): br2 has already been created above as the private LAN
# bridge, so this addbr repeats that name - confirm which bridge was meant.
brctl addbr br2
for nic in eth0 eth1; do
  ifconfig "$nic" 0.0.0.0
done

# Clear the IP address on eth0 through eth17 so the ports carry no address
# of their own once they are bridge members.
# NOTE(review): eth18..eth23 are added to br2 further down but are not
# zeroed here.
n=0
while [ "$n" -le 17 ]; do
  ifconfig "eth$n" 0.0.0.0
  n=$((n + 1))
done

# WAN bridge members: eth0..eth3
for nic in eth0 eth1 eth2 eth3; do
  brctl addif br0 "$nic"
done

# Public bridge members: eth4..eth11
n=4
while [ "$n" -le 11 ]; do
  brctl addif br1 "eth$n"
  n=$((n + 1))
done

# Private bridge members: eth12..eth23
n=12
while [ "$n" -le 23 ]; do
  brctl addif br2 "eth$n"
  n=$((n + 1))
done

# Turn on spanning tree (for multiple bridges).
# NOTE(review): only br0 and br1 are switched on; br2 and br3 are not
# touched here, and br3 never receives a member port.
for bridge in br0 br1; do
  brctl stp "$bridge" on
done


>>> include the shell script in startup


vi /etc/network/interfaces

example:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback


# The primary network interface > corrected 4/1/09 ross
auto eth0
iface eth0 inet static
address 216.107.119.2XX
netmask 255.255.255.240
network 216.107.119.2XX
broadcast 216.107.119.2XX
gateway 216.107.119.2XX
dns-nameservers 4.2.2.3
dns-search static.networktel.net

auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0

auto bond0
iface bond0 inet static
address 192.168.0.120
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
hwaddress ether 00:03:B3:48:50:2C
post-up ifenslave bond0 eth0 eth1

/etc/init.d/networking restart

#################################
# TODO TODO TODO TODO TODO TODO #
# TODO TODO TODO TODO TODO TODO #
#################################
Write the interfaces config and mapping.
Properly define interfaces by name and MAC address,
using get-mac-address.sh, iftab, udev, ifrename or ethtool.
Order them so that their position on the back of the unit is logical.


old iftab:

/etc/iftab
# This file assigns persistent names to network interfaces.
# See "man iftab" for syntax.

eth0 mac 00:c0:95:e2:6d:e0 arp 1
eth1 mac 00:c0:95:e2:6d:e1 arp 1
eth2 mac 00:c0:95:e2:6d:e2 arp 1
eth3 mac 00:c0:95:e2:6d:e3 arp 1
eth4 mac 00:c0:95:e2:a2:54 arp 1
eth5 mac 00:c0:95:e2:a2:55 arp 1
eth6 mac 00:c0:95:e2:a2:56 arp 1
eth7 mac 00:c0:95:e2:a2:57 arp 1
eth8 mac 00:c0:95:e4:81:28 arp 1
eth9 mac 00:c0:95:e4:81:29 arp 1
eth10 mac 00:c0:95:e4:81:2a arp 1
eth11 mac 00:c0:95:e4:81:2b arp 1
eth12 mac 00:c0:95:e2:8f:cc arp 1
eth13 mac 00:c0:95:e2:8f:cd arp 1
eth14 mac 00:c0:95:e2:8f:ce arp 1
eth15 mac 00:c0:95:e2:8f:cf arp 1
eth16 mac 00:c0:95:e6:59:94 arp 1
eth17 mac 00:c0:95:e6:59:95 arp 1
eth18 mac 00:c0:95:e6:59:96 arp 1
eth19 mac 00:c0:95:e6:59:97 arp 1
eth20 mac 00:c0:95:e2:68:10 arp 1
eth21 mac 00:c0:95:e2:68:11 arp 1
eth22 mac 00:c0:95:e2:68:12 arp 1
eth23 mac 00:c0:95:e2:68:13 arp 1


new iftab:

# This file assigns persistent names to network interfaces.
# See iftab(5) for syntax.
# I used actual pci bus location instead of mac
# so that if nic is replaced it should continue to work.

ethwan1 businfo 0000:02:04.0
ethwan2 businfo 0000:02:05.0
ethwan3 businfo 0000:02:06.0
ethwan4 businfo 0000:02:07.0

ethpub1 businfo 0000:03:04.0
ethpub2 businfo 0000:03:05.0
ethpub3 businfo 0000:03:06.0
ethpub4 businfo 0000:03:07.0

ethpub5 businfo 0000:04:04.0
ethpub6 businfo 0000:04:05.0
ethpub7 businfo 0000:04:06.0
ethpub8 businfo 0000:04:07.0

ethpriv1 businfo 0000:05:04.0
ethpriv2 businfo 0000:05:05.0
ethpriv3 businfo 0000:05:06.0
ethpriv4 businfo 0000:05:07.0

ethpriv5 businfo 0000:06:04.0
ethpriv6 businfo 0000:06:05.0
ethpriv7 businfo 0000:06:06.0
ethpriv8 businfo 0000:06:07.0



#################################
# TODO TODO TODO TODO TODO TODO #
# TODO TODO TODO TODO TODO TODO #
#################################

##################################
##################################
##################################
##################################

##################################
# NOTES:NOTES:NOTES:NOTES:NOTES: #
# NOTES:NOTES:NOTES:NOTES:NOTES: #
##################################

Usable IP addresses:
216.107.119.XXX ~ 216.107.119.XXX

Gateway: 216.107.119.XXX
Subnet Mask: 255.255.255.240
DNS: 216.83.237.238 216.83.236.227


pci slot 4
eth0 00:c0:95:e2:6d:fc
eth1 00:c0:95:e2:6d:fd
eth2 00:c0:95:e2:6d:fe
eth3 00:c0:95:e2:6d:ff

pci slot ?
eth4 00:c0:95:e2:a2:54
eth5 00:c0:95:e2:a2:55
eth6 00:c0:95:e2:a2:56
eth7 00:c0:95:e2:a2:57

pci slot 3
eth8 00:c0:95:e2:8f:cc
eth9 00:c0:95:e2:8f:cd
eth10 00:c0:95:e2:8f:ce
eth11 00:c0:95:e2:8f:cf

pci slot ?
eth12 00:c0:95:e2:6d:e0
eth13 00:c0:95:e2:6d:e1
eth14 00:c0:95:e2:6d:e2
eth15 00:c0:95:e2:6d:e3


##################################
# NOTES:NOTES:NOTES:NOTES:NOTES: #
# NOTES:NOTES:NOTES:NOTES:NOTES: #
##################################

##################################
##################################
##################################
##################################

#################################
# SNIPPETSNIPPETSNIPPETSNIPPETS #
# SNIPPETSNIPPETSNIPPETSNIPPETS #
#################################


auto br0
iface br0 inet dhcp
bridge_ports eth0
 
auto eth0
iface eth0 inet manual

###################################

auto lo eth0
allow-hotplug eth1

iface lo inet loopback

mapping eth0
script /usr/local/sbin/map-scheme
map HOME eth0-home
map WORK eth0-work

iface eth0-home inet static
address 192.168.1.1
netmask 255.255.255.0
up flush-mail

iface eth0-work inet dhcp

iface eth1 inet dhcp

####################################

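#!/bin/sh
# Example ifupdown hook. If dropped in /etc/network/if-pre-up.d/ and in
# /etc/network/if-down.d/, it configures a bridge for any stanza in
# /etc/network/interfaces that is defined as either:
#
# [ a bridge with an associated IP address ]
# iface br0 inet static
# bridge-ifaces eth0 eth1
# address 192.168.1.1
# netmask 255.255.255.0
# [ a bridge which acts as an anonymous bridge ]
# iface br0 inet manual
# bridge-ifaces eth0 eth1
# up ifconfig $IFACE up
#
# Note: The bridge-utils package already provides a similar (more
# powerful) script; this one is just provided for convenience and to
# show how the /etc/network/if-*.d/ methods can be defined.
#
# Environment read by this script:
#   IF_BRIDGE_IFACES  whitespace-separated list of member interfaces
#   IFACE             name of the bridge being brought up or down
#   MODE              "start" (called by ifup) or "stop" (called by ifdown)
# Exit status: 0 on success or when there is nothing to do, 1 when brctl
# or one of the member interfaces is missing.
#
# For more information read:
# http://bridge.sourceforge.net/howto.html

# command -v is the POSIX way to locate a program; 'which' is an external
# tool whose output and exit status differ between systems.
brctl=$(command -v brctl) || brctl=""

# Notice that the bridge-utils package must be installed and
# we need to have the BRIDGE_IFACES in order to work
[ -n "$IF_BRIDGE_IFACES" ] || exit 0
if [ -z "$brctl" ]; then
  # ? Somebody is trying to use us without having bridge-utils?
  echo "Cannot find the 'brctl' program to setup the bridge" >&2
  echo "Hint: Have you installed the bridge-utils package?" >&2
  exit 1
fi

# IF_BRIDGE_IFACES is split on whitespace on purpose below. Pathname
# expansion is switched off so that a stray glob character in the list is
# passed through literally instead of being expanded against the current
# directory.
set -f

# Check all interfaces before proceeding
for i in $IF_BRIDGE_IFACES; do
  if ! ip link show "$i" >/dev/null 2>&1; then
    echo "Interface $i is not available, aborting" >&2
    exit 1
  fi
done

if [ "$MODE" = "start" ]; then
  # We are being called by ifup:
  # Bring up all the bridge interfaces
  for i in $IF_BRIDGE_IFACES; do
    ifconfig "$i" 0.0.0.0 up
  done
  # And now add the bridge itself and the interfaces which are part
  # of the bridge
  "$brctl" addbr "$IFACE"
  for i in $IF_BRIDGE_IFACES; do
    "$brctl" addif "$IFACE" "$i"
  done
elif [ "$MODE" = "stop" ]; then
  # We are being called by ifdown:
  # Remove the bridge itself and the bridge association
  for i in $IF_BRIDGE_IFACES; do
    "$brctl" delif "$IFACE" "$i"
  done
  "$brctl" delbr "$IFACE"
  # Bring down all the bridge interfaces
  for i in $IF_BRIDGE_IFACES; do
    ifconfig "$i" down
  done
fi

exit 0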
bridge interfaces.

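#!/bin/sh
#
# Checks if the given interface matches the given ethernet MAC.
# If it does it exits with 0 (success) status;
# if it doesn't then it exits with 1 (error) status.
#
# Arguments: $1 - interface name, $2 - expected MAC address
# The hex digits A-F are lower-cased on both sides before comparing.

set -e

export LANG=C

if [ -z "$2" ]; then
  # Usage goes to stderr so it is not mistaken for script output.
  echo "Usage: $0 IFACE targetMAC" >&2
  exit 1
fi
iface="$1"
# printf instead of echo: echo may treat a value such as "-n" as an option.
targetmac=$(printf '%s\n' "$2" | sed -e 'y/ABCDEF/abcdef/')
# Take the address from the first ifconfig line that carries an "HWaddr"
# label. If no such line is printed (unknown interface, or an ifconfig
# whose output uses a different label), mac stays empty and the comparison
# below fails, so the check fails closed.
# NOTE(review): confirm the installed ifconfig still prints "HWaddr".
mac=$(/sbin/ifconfig "$iface" | sed -n -e '/^.*HWaddr \([:[:xdigit:]]*\).*/{s//\1/;y/ABCDEF/abcdef/;p;q;}')

if [ "$targetmac" = "$mac" ]; then
  exit 0
else
  exit 1
fi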



#################################
# SNIPPETSNIPPETSNIPPETSNIPPETS #
# SNIPPETSNIPPETSNIPPETSNIPPETS #
#################################

##################################
##################################
##################################
##################################

##################################
# SUBNETSUBNETSUBNETSUBNETSUBNET #
# SUBNETSUBNETSUBNETSUBNETSUBNET #
#################################
Here are the IP addresses for the customer. Once the circuit is
installed, these will be available for use.

or linux router project

##################################
# SUBNETSUBNETSUBNETSUBNETSUBNET #
# SUBNETSUBNETSUBNETSUBNETSUBNET #
##################################

##################################
##################################
##################################
##################################
##################################
##################################
##################################

#################################
# INDEX INDEX INDEX INDEX INDEX #
# INDEX INDEX INDEX INDEX INDEX #
#################################


# brctl
# commands:
addbr add bridge
delbr delete bridge
addif add interface to bridge
delif delete interface from bridge
setageing