Network Environment of Linux

 ifconfig –a  List all IP addresses in your Linux  To change your IP address, type the command ‘setup’ in the shell and then choose ‘Network configuration’ from the menu.  You can find the detail network configuration from the file:  /etc/sysconfig/network-scripts/ifcfg-eth0  To test the network connect of your ping, you can use the command ‘ping’  ping 127.0.0.1  A loop back test of your PC  ping xxx.xxx.xxx.xxx  xxx.xxx.xxx.xxx is the IP address of other PC in the same domain  ping www.yahoo.com  To test the connection between your PC and the Internet.  ifdown eth0  Shut Down the network adapter eth0  ifup eth0  Bring up the network adapter eth0  You can try to use ‘ping’ to test the above two commands  First ensure the parent real interface exists, in general, eth0 should exist.  ifconfig eth0:0 192.168.1.99 netmask 255.255.255.0 up  eth0:0 is a child interface eth0  You should also create a /etc/sysconfig/network- scripts/ifcfg-eth0:0 file so that the aliases will all be managed automatically with the ifup and ifdown commands.  route add default gw 192.168.1.1 eth0  Assign the default gateway’s IP address to the interface eth0  You can also need to update the file /etc/sysconfig/network.  To simplify the work of IP assignment, Dynamic Host Configuration Protocol Server can help.  You can find the dhcp RPM packages from the Fedora’s CD  To check the install of your dhcp, you can use:  rpm -qa dhcp  You can start the dhcp service by using ‘setup’, ‘System services’, and then check ‘dhcpd’  When DHCP starts, it reads the file /etc/dhcpd.conf to configure your network.  DHCP RPM package doesn't automatically install a /etc/dhcpd.conf file.  You can find a sample copy of dhcpd.conf in the following directory:  /usr/share/doc/dhcpd.conf.sample ddns-update-style interim ignore client-updates subnet 192.168.1.0 netmask 255.255.255.0 { # The range of IP addresses the server will issue to DHCP enabled PC clients # booting up on the network range 192.168.1.201 192.168.1.220; # Set the amount of time in seconds that a client may keep the IP address default-lease-time 86400; max-lease-time 86400; # Set the default gateway to be used by the PC clients option routers 192.168.1.1; # Don't forward DHCP requests from this NIC interface to any other NIC interfaces option ip-forwarding off; # Set the broadcast address and subnet mask to be used by the DHCP clients option broadcast-address 192.168.1.255; option subnet-mask 255.255.255.0; # Set the DNS server to be used by the DHCP clients option domain-name-servers 192.168.1.100; # Set the NTP server to be used by the DHCP clients option nntp-server 192.168.1.100; # If you specify a WINS server for your Windows clients, # you need to include the following option in the dhcpd.conf file: option netbios-name-servers 192.168.1.100; # You can also assign specific IP addresses based on the clients' # ethernet MAC address as follows (Host's name is "laser-printer": host laser-printer { hardware ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.222; } }  Ensure there is an existing dhcpd.leases file in the directory /var/lib/dhcp  You can create this file by using:  touch /var/lib/dhcp/dhcpd.leases  Use the chkconfig command to start DHCP at boot:  chkconfig dhcpd on  Use the service command to start/stop/restart DHCP:  service dhcpd start  service dhcpd stop  service dhcpd restart  You can find the detail network configuration from the file:  /etc/sysconfig/network-scripts/ifcfg-eth0  Change the content so that the IP address will be assigned by a dhcp server: DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes  Apache basically is a http server.  The main function is to transfer HTML file.  Nowadays, many modules (plug-in) enhance the functions of Apache.  Use the ‘chkconfig’ command to configure Apache to start at boot:  chkconfig httpd on  Use ‘service httpd’ to start,stop, and restart Apache after booting:  service httpd start  service httpd stop  service httpd restart  DocumentRoot /var/www/html  Default directory to place your HTML files.  User apache, Group apache  Default user and group for the httpd processes.  Listen Port 80  Default Home Page - index.html  Log files Directory - /var/log/httpd  All these configurations are stored in:  /etc/httpd/conf/httpd.conf  Before going to change httpd.conf, remember to make a backup:  cp httpd.conf httpd.conf.bak  Open httpd.conf and start to change setting.  KeepAlive On  To reduce the overhead on the connection.  TimeOut 60  Waiting too long is not necessary.  AddDefaultCharset Big5  Display Traditional Chinese.  You must restart your Apache after the modification  To control the files access inside a directory, we need to use tab inside httpd.conf.  For example, find the which is the access control of default DocumentRoot: Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all  Options Indexes FollowSymLinks  Indexes – Allow users read the directories index if home page “index.html” cannot find.  FollowSymLink – Allow web admin to create a Symbolic Link which let users access other files outside /var/www/html.  These two Options SHOULD BE REMOVED for security concern.  AllowOverride None  Do not allow users to use a file .htaccess (explain later).  Order allow,deny  The sequence to read the access IP address or domain name. In this case, read allow first and then deny. If ‘allow’ conflict with ‘deny’, ‘deny’ override ‘allow’ (reverse order).  Allow from all  Allow all IPs or domain to access this Directory.  Some input methods for allow, deny:  Deny from 192.168.1.100 192.168.1.101  Deny from vtc.edu.hk 192.168.1.0/24  In general, all HTML files must store under /var/www/html.  We can create another web directory which is not under /var/www/html and use “Alias” to point to it.  Create a new directory “site1” under the directory “/var/www”.  Add this line to “httpd.conf”:  Alias /site1 “/var/www/site1”  And then use to control the access.  Each user in a Linux can create his/her own web site under his/her home directory.  Default directory is public_html.  Other users can access the personal web site by using ~username.  For user alan, the URL access his personal web is:  http://www.xxx.com/~alan  Backup httpd.conf and then open it.  Remove the line “UserDir disable” in httpd.conf.  Uncomment (remove the mark ‘#’) the line “UserDir public_html”.  Login as the user which want to create his/her own web site.  Create a directory “public_html” under his/her home directory  Change the permission of the home directory and public_html directory  chmod 755 /home/alan  chmod 755 public_html  One IP can have more than one domain name or host name.  One PC can have more than one IP address.  As a result, One Web Server can contains more than one web site.  For example, www.abc.com, www.bbb.com, are two web sites in a PC which store the contents in different directories.  Create two directories, “site1”, “site2” under the directory /var/www.  Backup httpd.conf and then open it.  Add following lines to your httpd.conf: NameVirtualHost * ServerName DocumentRoot www.abc.com /var/www/site1 ServerName DocumentRoot www.bbb.com /var/www/site2  Add two more ip addresses to your eth0  Backup httpd.conf and then open it.  Add following lines to your httpd.conf: DocumentRoot /var/www/site1 DocumentRoot /var/www/site2  We can apply a username and password to a web directory.  Go to the directory /var/www  Use ‘htpasswd’ to create a user file.  htpasswd -c password_file_name User_name  e.g. htpasswd -c httpusers alan  Backup httpd.conf and then open it.  File permission of password file should be 644.  Add following statements to httpd.conf: AuthName "Protected Directory" AuthType Basic AuthUserFile /var/www/httpusers require valid-user  Other input method for “require”:  require user alan mary  Only allow “alan” and “mary” to use this site.  If Apache contains too many , any changes on the access will cause RESTART!  Open httpd.conf, we can find:  AccessFileName .htaccess  We can create a .htaccess file which contain files access control attributes and place this file under a directory.  httpd.conf use following statement to restrict users access .htaccess through Internet: Order allow,deny Deny from all  For the previous web site, we can move the authentication setting to a .htaccess .  also need to change: AllowOverride AuthConfig Order allow,deny Allow from all  AllowOverride AuthConfig  Allow to use a .htaccess file to override the authenication setting.  Under the directory /var/www/site1, create a file with name ‘.htaccess’ and the content is: AuthName "Protected Directory" AuthType Basic AuthUserFile /var/www/httpusers require valid-user