2019年2月15日 星期五
2019年2月13日 星期三
Linux中為網卡生成UUID
某個網卡的UUID改錯了或者刪除了,重新配置的時候需要UUID怎麼辦
在Linux或CentOS中,可以通過如下命令為網卡生成一個新的UUID(uuidgen 產生的是隨機UUID,並不是從網卡讀出來的,每次執行的結果都不同):
[root@ligle2 ~]# uuidgen eth1
07d07031-eb0f-4691-8606-befb46645433
獲取到eth1網卡的uuid,即可完成對ifcfg-eth1配置文件的修改,最後通過service network restart命令重啟網卡,OK。
nmcli dev status
systemctl restart network.service
vim /etc/sysconfig/network-scripts/ifcfg-ens21
ip a
在Linux或CentOS中,可以通過如下命令為網卡生成一個新的UUID(uuidgen 產生的是隨機UUID,並不是從網卡讀出來的,每次執行的結果都不同):
[root@ligle2 ~]# uuidgen eth1
07d07031-eb0f-4691-8606-befb46645433
獲取到eth1網卡的uuid,即可完成對ifcfg-eth1配置文件的修改,最後通過service network restart命令重啟網卡,OK。
nmcli dev status
systemctl restart network.service
vim /etc/sysconfig/network-scripts/ifcfg-ens21
ip a
uuidgen ens21
[root@w234 ~]# nmcli dev status
DEVICE TYPE STATE CONNECTION
ens18 ethernet 已連線 ens18
ens21 ethernet 已連線 ens21
ens19 ethernet 已連線 ens19
ens20 ethernet 已連線 ens20
ens22 ethernet 離線 --
lo loopback 不受管理的 --
[root@w234 ~]#
[root@w234 ~]# nmcli dev status
DEVICE TYPE STATE CONNECTION
ens18 ethernet 已連線 ens18
ens21 ethernet 已連線 ens21
ens19 ethernet 已連線 ens19
ens20 ethernet 已連線 ens20
ens22 ethernet 離線 --
lo loopback 不受管理的 --
[root@w234 ~]#
[CentOS] 在 CentOS 7 使用 firewalld 架設 NAT
NAT 伺服器
架設 NAT 需要有兩個網路孔,一個負責 WAN,一個負責 LAN,先修改網卡的 zone 分別為 External (WAN) 跟 Internal (LAN),我的 ens18 負責 WAN,ens19 負責 LAN。注意下面的指令實際上是把 ens18 放進 public zone,另外把 ens22 放進 external zone,所以後面的規則 external 與 public 各做一次。
# Bind each NetworkManager connection profile to the firewalld zone that will
# govern its traffic (`connection modify` is the long form of `c mod`).
nmcli connection modify ens19 connection.zone internal
nmcli connection modify ens22 connection.zone external
nmcli connection modify ens18 connection.zone public
然後確認一下有沒有成功
firewall-cmd --get-active-zone
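WAN 設定 IP masquerade,其實我不太懂這是什麼意思,似乎是 IP 偽裝,也就是把 LAN 送出去的封包來源位址改寫成 WAN 介面的位址(source NAT)。對外上網只需要在對外的 zone 開啟;下面連 internal zone 也開了 masquerade,這會讓轉送進 LAN 的連線來源位址也被改寫,內部主機的日誌就看不到真正的來源 IP。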
# Enable source-address masquerading in the permanent configuration of each
# zone, then reload so the permanent configuration becomes the running one.
# NOTE(review): outbound NAT only needs masquerade on the WAN-facing zone;
# enabling it on `internal` also rewrites the source address of traffic that
# is forwarded into the LAN — confirm that this is intended.
for zone in external public internal; do
  firewall-cmd --permanent --zone="$zone" --add-masquerade
done
firewall-cmd --reload
檢查一下 IP forwarding 是否啟用,如果啟用的話結果為 1
cat /proc/sys/net/ipv4/ip_forward
Port forwarding
通過 WAN 的 port 22/tcp 轉發到 WAN 本身的 port 9487/tcp
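# Redirect TCP port 22 arriving in each WAN-facing zone to local port 9487.
# A rule added without --permanent lives only in the runtime configuration and
# is discarded by the next `firewall-cmd --reload`, so each rule is added twice:
# once at runtime (effective immediately, visible in --list-all) and once in
# the permanent configuration (survives reloads and reboots).
firewall-cmd --zone=external --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --permanent --zone=external --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --list-all --zone=external
firewall-cmd --zone=public --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --permanent --zone=public --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --list-all --zone=public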
通過 WAN 的 port 22/tcp 轉發到 192.168.0.31
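# Forward TCP port 22 arriving in each WAN-facing zone to 192.168.0.31:22.
# As with any runtime rule, the version without --permanent is discarded by
# the next `firewall-cmd --reload`, so the rule is also written to the
# permanent configuration.
# NOTE(review): this publishes the SSH service of 192.168.0.31 to everything
# that can reach the WAN interface; limit the allowed source addresses if not
# every WAN-side host should reach it. It also reuses incoming port 22, the
# same port as the redirect to 9487 shown earlier on this page — presumably
# the two are alternatives; confirm before adding both to one zone.
firewall-cmd --zone=external --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --permanent --zone=external --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --list-all --zone=external
firewall-cmd --zone=public --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --permanent --zone=public --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --list-all --zone=public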
允許封包轉送
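# Direct (iptables-syntax) rules that let LAN traffic from ens19 leave through
# a WAN interface and only let reply traffic back in.
# The rules are written with --permanent: a direct rule added at runtime only
# is thrown away by the `firewall-cmd --reload` that follows it, so without
# --permanent none of these rules would be active after the reload.

# WAN = ens22
# Rewrite the source address of everything leaving through ens22.
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o ens22 -j MASQUERADE
# LAN -> WAN: allow all forwarded traffic.
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens19 -o ens22 -j ACCEPT
# WAN -> LAN: allow only packets that belong to an already-known connection.
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens22 -o ens19 -m state --state RELATED,ESTABLISHED -j ACCEPT
firewall-cmd --reload

# WAN = ens18 (same three rules for the second uplink)
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o ens18 -j MASQUERADE
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens19 -o ens18 -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens18 -o ens19 -m state --state RELATED,ESTABLISHED -j ACCEPT
firewall-cmd --reload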
重新讀取防火牆設定後,NAT 就完成了,之後可以在上面安裝 dhcp,這樣就不用手動設定 IP 了。
CentOS Linux 7 以 firewalld 指令設定防火牆規則教學
架設 NAT 需要有兩個網路孔,一個負責 WAN,一個負責 LAN,先修改網卡的 zone 分別為 External (WAN) 跟 Internal (LAN),我的 ens18 負責 WAN,ens19 負責 LAN。注意下面的指令實際上是把 ens18 放進 public zone 而不是 external,所以後面的規則都下在 public zone。
# Bind each NetworkManager connection profile to the firewalld zone that will
# govern its traffic (`connection modify` is the long form of `c mod`).
nmcli connection modify ens19 connection.zone internal
nmcli connection modify ens18 connection.zone public
然後確認一下有沒有成功
firewall-cmd --get-active-zone
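WAN 設定 IP masquerade,其實我不太懂這是什麼意思,似乎是 IP 偽裝,也就是把 LAN 送出去的封包來源位址改寫成 WAN 介面的位址(source NAT)。對外上網只需要在對外的 zone 開啟;下面連 internal zone 也開了 masquerade,這會讓轉送進 LAN 的連線來源位址也被改寫,內部主機的日誌就看不到真正的來源 IP。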
# Enable source-address masquerading in the permanent configuration of each
# zone, then reload so the permanent configuration becomes the running one.
# NOTE(review): outbound NAT only needs masquerade on the WAN-facing zone;
# enabling it on `internal` also rewrites the source address of traffic that
# is forwarded into the LAN — confirm that this is intended.
for zone in public internal; do
  firewall-cmd --permanent --zone="$zone" --add-masquerade
done
firewall-cmd --reload
檢查一下 IP forwarding 是否啟用,如果啟用的話結果為 1
cat /proc/sys/net/ipv4/ip_forward
Port forwarding
通過 WAN 的 port 22/tcp 轉發到 WAN 本身的 port 9487/tcp
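# Redirect TCP port 22 arriving in the public (WAN) zone to local port 9487.
# A rule added without --permanent lives only in the runtime configuration and
# is discarded by the next `firewall-cmd --reload`, so the rule is added twice:
# once at runtime (effective immediately, visible in --list-all) and once in
# the permanent configuration (survives reloads and reboots).
firewall-cmd --zone=public --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --permanent --zone=public --add-forward-port=port=22:proto=tcp:toport=9487
firewall-cmd --list-all --zone=public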
通過 WAN 的 port 22/tcp 轉發到 192.168.0.31
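# Forward TCP port 22 arriving in the public (WAN) zone to 192.168.0.31:22.
# The version without --permanent is discarded by the next
# `firewall-cmd --reload`, so the rule is also written to the permanent
# configuration.
# NOTE(review): this publishes the SSH service of 192.168.0.31 to everything
# that can reach the WAN interface; limit the allowed source addresses if not
# every WAN-side host should reach it. It also reuses incoming port 22, the
# same port as the redirect to 9487 shown earlier on this page — presumably
# the two are alternatives; confirm before adding both to one zone.
firewall-cmd --zone=public --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --permanent --zone=public --add-forward-port=port=22:proto=tcp:toport=22:toaddr=192.168.0.31
firewall-cmd --list-all --zone=public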
允許封包轉送
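# Direct (iptables-syntax) rules that let LAN traffic from ens19 leave through
# the WAN interface ens18 and only let reply traffic back in.
# The rules are written with --permanent: a direct rule added at runtime only
# is thrown away by the `firewall-cmd --reload` that follows it, so without
# --permanent none of these rules would be active after the reload.

# Rewrite the source address of everything leaving through ens18.
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o ens18 -j MASQUERADE
# LAN -> WAN: allow all forwarded traffic.
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens19 -o ens18 -j ACCEPT
# WAN -> LAN: allow only packets that belong to an already-known connection.
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens18 -o ens19 -m state --state RELATED,ESTABLISHED -j ACCEPT
firewall-cmd --reload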
重新讀取防火牆設定後,NAT 就完成了,之後可以在上面安裝 dhcp,這樣就不用手動設定 IP 了。
2019年2月11日 星期一
winroll.conf
drbl-winroll-1.7.0-228-setup
c:/cygwin/drbl_winroll-config/winroll.cfg
##############################################################
# #
# This script is created by winroll-setup.bat #
# #
# License: GPL #
# NCHC Free Software Labs , NCHC ,Taiwan #
# #
##############################################################
drbl-winroll.VERSION = 1.7.0
cygwin.dll.VERSION = 2.1.0
wsname.VERSION = 2.88b
monitor.VERSION = Munin Node 1.6.1-beta
rc.VERSION = 228
# HN_WSNAME_DEF_PARAM : Define default wsname parameter, assigned by winroll-set.bat
HN_WSNAME_DEF_PARAM = /N:$MAC
NETWORK_MODE_DEF_PARAM = dhcp
IF_NEWSID_DEF_PARAM = 0
# SKIP_SERVICE_AS_TEMPLETE : Define which service to skip as templete mode
# options: "autohostname config_network autonewsid add2ad"
SKIP_SERVICE_AS_TEMPLETE="autonewsid add2ad"
###############################################################
# HN_WSNAME_PARAM : Define customized wsname parameter, assigned by user.
# The follow is several suggested format
# HN_WSNAME_PARAM = /N:PC-$ZFIP[3+]
# # $ZFIP is zero-filling IP , 10.0.2.15 -> 010.000.002.015
# # $ZFIP not native param via wsname, it's by drbl-winroll project
# Other format:
# HN_WSNAME_PARAM = /N:PC-$MAC
# HN_WSNAME_PARAM = /N:PC-$MAC[6+]
# HN_WSNAME_PARAM = /N:PC-$IP[3+]
# HN_WSNAME_PARAM = /RDF:C:\cygwin\drbl_winroll-config\hosts.conf /DFK:$MAC [by local file]
# HN_WSNAME_PARAM = /RDF:http://10.0.2.2/winroll.cfg/hosts.rem.conf /DFK:$MAC [by http file]
#
# WG_WSNAME_PARAM : Define customized workgroup parameter, assigned by user.
# The follow is several suggested format
# No action if empty parameter
# $NM: use IP/Netmask
# $DNS_SUFFIX: use DNS suffix
#
# Other example:
# WG_WSNAME_PARAM = GROUP-$NM
# WG_WSNAME_PARAM = WG-$DNS_SUFFIX
#
# CONFIG_NETWORK_MODE :
# CONFIG_NETWORK_MODE = dhcp [ use dhcp ]
# CONFIG_NETWORK_MODE = /RDF:C:\cygwin\drbl_winroll-config\client-mac-network.conf [ by local file ]
# CONFIG_NETWORK_MODE = /RDF:http://10.0.2.2/winroll.cfg/client-mac-network.rem.conf [ by http file ]
# CONFIG_NETWORK_MODE = none [ not take care network configuration ]
###############################################################
##HN_WSNAME_PARAM = /N:PC-$IP[3+]
HN_WSNAME_DEF_PARAM = /N:$MAC
WG_WSNAME_PARAM = m6-1809
##dhcp server down 後,dhcpd.conf 要保留,正常時電腦編號&網卡編號&IP address 會同步。
##dhcp server down 後,會有新的區域網路, WG_WSNAME_PARAM = NAT
IF_AUTOHOSTNAME_SERVICE = y
CONFIG_NETWORK_MODE = dhcp
c:/cygwin/drbl_winroll-config/winroll.cfg
##############################################################
# #
# This script is created by winroll-setup.bat #
# #
# License: GPL #
# NCHC Free Software Labs , NCHC ,Taiwan #
# #
##############################################################
drbl-winroll.VERSION = 1.7.0
cygwin.dll.VERSION = 2.1.0
wsname.VERSION = 2.88b
monitor.VERSION = Munin Node 1.6.1-beta
rc.VERSION = 228
# HN_WSNAME_DEF_PARAM : Define default wsname parameter, assigned by winroll-set.bat
HN_WSNAME_DEF_PARAM = /N:$MAC
NETWORK_MODE_DEF_PARAM = dhcp
IF_NEWSID_DEF_PARAM = 0
# SKIP_SERVICE_AS_TEMPLETE : Define which service to skip as templete mode
# options: "autohostname config_network autonewsid add2ad"
SKIP_SERVICE_AS_TEMPLETE="autonewsid add2ad"
###############################################################
# HN_WSNAME_PARAM : Define customized wsname parameter, assigned by user.
# The follow is several suggested format
# HN_WSNAME_PARAM = /N:PC-$ZFIP[3+]
# # $ZFIP is zero-filling IP , 10.0.2.15 -> 010.000.002.015
# # $ZFIP not native param via wsname, it's by drbl-winroll project
# Other format:
# HN_WSNAME_PARAM = /N:PC-$MAC
# HN_WSNAME_PARAM = /N:PC-$MAC[6+]
# HN_WSNAME_PARAM = /N:PC-$IP[3+]
# HN_WSNAME_PARAM = /RDF:C:\cygwin\drbl_winroll-config\hosts.conf /DFK:$MAC [by local file]
# HN_WSNAME_PARAM = /RDF:http://10.0.2.2/winroll.cfg/hosts.rem.conf /DFK:$MAC [by http file]
#
# WG_WSNAME_PARAM : Define customized workgroup parameter, assigned by user.
# The follow is several suggested format
# No action if empty parameter
# $NM: use IP/Netmask
# $DNS_SUFFIX: use DNS suffix
#
# Other example:
# WG_WSNAME_PARAM = GROUP-$NM
# WG_WSNAME_PARAM = WG-$DNS_SUFFIX
#
# CONFIG_NETWORK_MODE :
# CONFIG_NETWORK_MODE = dhcp [ use dhcp ]
# CONFIG_NETWORK_MODE = /RDF:C:\cygwin\drbl_winroll-config\client-mac-network.conf [ by local file ]
# CONFIG_NETWORK_MODE = /RDF:http://10.0.2.2/winroll.cfg/client-mac-network.rem.conf [ by http file ]
# CONFIG_NETWORK_MODE = none [ not take care network configuration ]
###############################################################
##HN_WSNAME_PARAM = /N:PC-$IP[3+]
HN_WSNAME_DEF_PARAM = /N:$MAC
WG_WSNAME_PARAM = m6-1809
##dhcp server down 後,dhcpd.conf 要保留,正常時電腦編號&網卡編號&IP address 會同步。
##dhcp server down 後,會有新的區域網路, WG_WSNAME_PARAM = NAT
IF_AUTOHOSTNAME_SERVICE = y
CONFIG_NETWORK_MODE = dhcp