Docstoc

Network Environment of Linux

Document Sample
Network Environment of Linux Powered By Docstoc
					 ifconfig –a
 List all IP addresses in your Linux

 To change your IP address, type the command ‘setup’

in the shell and then choose ‘Network configuration’ from the menu.  You can find the detail network configuration from the file:
 /etc/sysconfig/network-scripts/ifcfg-eth0

 To test the network connect of your ping, you can use

the command ‘ping’  ping 127.0.0.1
 A loop back test of your PC

 ping xxx.xxx.xxx.xxx
 xxx.xxx.xxx.xxx is the IP address of other PC in the same

domain
 ping www.yahoo.com
 To test the connection between your PC and the

Internet.

 ifdown eth0
 Shut Down the network adapter eth0

 ifup eth0
 Bring up the network adapter eth0

 You can try to use ‘ping’ to test the above two

commands

 First ensure the parent real interface exists, in general,

eth0 should exist.  ifconfig eth0:0 192.168.1.99 netmask 255.255.255.0 up
 eth0:0 is a child interface eth0

 You should also create a /etc/sysconfig/network-

scripts/ifcfg-eth0:0 file so that the aliases will all be managed automatically with the ifup and ifdown commands.

 route add default gw 192.168.1.1 eth0
 Assign the default gateway’s IP address to the interface

eth0
 You can also need to update the file

/etc/sysconfig/network.

 To simplify the work of IP assignment, Dynamic Host

Configuration Protocol Server can help.  You can find the dhcp RPM packages from the Fedora’s CD  To check the install of your dhcp, you can use:
 rpm -qa dhcp

 You can start the dhcp service by using ‘setup’, ‘System

services’, and then check ‘dhcpd’

 When DHCP starts, it reads the file /etc/dhcpd.conf to

configure your network.  DHCP RPM package doesn't automatically install a /etc/dhcpd.conf file.  You can find a sample copy of dhcpd.conf in the following directory:
 /usr/share/doc/dhcpd.conf.sample

ddns-update-style interim ignore client-updates

subnet 192.168.1.0 netmask 255.255.255.0 {
# The range of IP addresses the server will issue to DHCP enabled PC clients # booting up on the network range 192.168.1.201 192.168.1.220; # Set the amount of time in seconds that a client may keep the IP address default-lease-time 86400; max-lease-time 86400; # Set the default gateway to be used by the PC clients option routers 192.168.1.1;

# Don't forward DHCP requests from this NIC interface to any other NIC interfaces option ip-forwarding off; # Set the broadcast address and subnet mask to be used by the DHCP clients option broadcast-address 192.168.1.255; option subnet-mask 255.255.255.0; # Set the DNS server to be used by the DHCP clients option domain-name-servers 192.168.1.100; # Set the NTP server to be used by the DHCP clients option nntp-server 192.168.1.100;

# If you specify a WINS server for your Windows clients, # you need to include the following option in the dhcpd.conf file: option netbios-name-servers 192.168.1.100; # You can also assign specific IP addresses based on the clients' # ethernet MAC address as follows (Host's name is "laser-printer": host laser-printer { hardware ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.222; } }

 Ensure there is an existing dhcpd.leases file in the

directory /var/lib/dhcp  You can create this file by using:
 touch /var/lib/dhcp/dhcpd.leases

 Use the chkconfig command to start DHCP at boot:  chkconfig dhcpd on  Use the service command to start/stop/restart

DHCP:
 service dhcpd start  service dhcpd stop  service dhcpd restart

 You can find the detail network configuration from the

file:
 /etc/sysconfig/network-scripts/ifcfg-eth0

 Change the content so that the IP address will be

assigned by a dhcp server:

DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes

 Apache basically is a http server.  The main function is to transfer HTML file.  Nowadays, many modules (plug-in) enhance the

functions of Apache.  Use the ‘chkconfig’ command to configure Apache to start at boot:
 chkconfig httpd on

 Use ‘service httpd’ to start,stop, and restart

Apache after booting:
 service httpd start  service httpd stop  service httpd restart

 DocumentRoot /var/www/html
 Default directory to place your HTML files.

 User apache, Group apache
 Default user and group for the httpd processes.

 Listen Port 80

 Default Home Page - index.html
 Log files Directory - /var/log/httpd  All these configurations are stored in:
 /etc/httpd/conf/httpd.conf

 Before going to change httpd.conf, remember to

make a backup:
 cp httpd.conf httpd.conf.bak

 Open httpd.conf and start to change setting.  KeepAlive On  To reduce the overhead on the connection.  TimeOut 60  Waiting too long is not necessary.  AddDefaultCharset Big5  Display Traditional Chinese.  You must restart your Apache after the

modification

 To control the files access inside a directory, we

need to use <Directory> tab inside httpd.conf.  For example, find the <Directory “/var/www/html”> which is the access control of default DocumentRoot:
<Directory "/var/www/html"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory>

 Options Indexes FollowSymLinks
 Indexes – Allow users read the directories index if home

page “index.html” cannot find.  FollowSymLink – Allow web admin to create a Symbolic Link which let users access other files outside /var/www/html.  These two Options SHOULD BE REMOVED for security concern.
 AllowOverride None
 Do not allow users to use a file .htaccess (explain later).

 Order allow,deny
 The sequence to read the access IP address or domain

name. In this case, read allow first and then deny. If ‘allow’ conflict with ‘deny’, ‘deny’ override ‘allow’ (reverse order).
 Allow from all
 Allow all IPs or domain to access this Directory.

 Some input methods for allow, deny:
 Deny from 192.168.1.100 192.168.1.101

 Deny from vtc.edu.hk 192.168.1.0/24

 In general, all HTML files must store under

/var/www/html.  We can create another web directory which is not under /var/www/html and use “Alias” to point to it.  Create a new directory “site1” under the directory “/var/www”.  Add this line to “httpd.conf”:
 Alias /site1 “/var/www/site1”

 And then use <Directory “/var/www/site1”> to

control the access.

 Each user in a Linux can create his/her own web site

under his/her home directory.  Default directory is public_html.  Other users can access the personal web site by using ~username.
 For user alan, the URL access his personal web is:
 http://www.xxx.com/~alan

 Backup httpd.conf and then open it.  Remove the line “UserDir disable” in httpd.conf.  Uncomment (remove the mark ‘#’) the line

“UserDir public_html”.  Login as the user which want to create his/her own web site.  Create a directory “public_html” under his/her home directory  Change the permission of the home directory and public_html directory
 chmod 755 /home/alan  chmod 755 public_html

 One IP can have more than one domain name or host

name.  One PC can have more than one IP address.  As a result, One Web Server can contains more than one web site.  For example, www.abc.com, www.bbb.com, are two web sites in a PC which store the contents in different directories.

 Create two directories, “site1”, “site2” under the

directory /var/www.  Backup httpd.conf and then open it.  Add following lines to your httpd.conf:
NameVirtualHost * <VirtualHost *> ServerName DocumentRoot </VirtualHost>

www.abc.com /var/www/site1

<VirtualHost *> ServerName DocumentRoot </VirtualHost>

www.bbb.com /var/www/site2

 Add two more ip addresses to your eth0  Backup httpd.conf and then open it.

 Add following lines to your httpd.conf:
<VirtualHost 192.168.1.xxx> DocumentRoot /var/www/site1 </VirtualHost> <VirtualHost 192.168.1.yyy> DocumentRoot /var/www/site2 </VirtualHost>

 We can apply a username and password to a web

directory.  Go to the directory /var/www  Use ‘htpasswd’ to create a user file.
 htpasswd -c password_file_name User_name

 e.g. htpasswd -c httpusers alan

 Backup httpd.conf and then open it.  File permission of password file should be 644.

 Add following statements to httpd.conf:
<Directory "/var/www/site1"> AuthName "Protected Directory" AuthType Basic AuthUserFile /var/www/httpusers require valid-user </Directory>

 Other input method for “require”:
 require user alan mary

 Only allow “alan” and “mary” to use this site.

 If Apache contains too many <Directory>, any

changes on the access will cause RESTART!  Open httpd.conf, we can find:
 AccessFileName .htaccess

 We can create a .htaccess file which contain files

access control attributes and place this file under a directory.  httpd.conf use following statement to restrict users access .htaccess through Internet:
<Files ~ "^\.ht"> Order allow,deny Deny from all </Files>

 For the previous web site, we can move the

authentication setting to a .htaccess .  <Directory> also need to change:
<Directory "/var/www/site1"> AllowOverride AuthConfig Order allow,deny Allow from all </Directory>

 AllowOverride AuthConfig

 Allow to use a .htaccess file to override the

authenication setting.

 Under the directory /var/www/site1, create a file with

name ‘.htaccess’ and the content is:
AuthName "Protected Directory" AuthType Basic AuthUserFile /var/www/httpusers require valid-user


				
DOCUMENT INFO
Shared By:
Stats:
views:164
posted:7/3/2009
language:English
pages:31
Description: Network Environment of Linux