Linux Networking Cookbook
Linux Networking Cookbook By Carla Schroder
November 2007
Pages: 638

| Table of Contents | Index | Sample Chapter | Forum | Colophon

Table of Contents

  1. Chapter 1 Introduction to Linux Networking

    1. Introduction

  2. Chapter 2 Building a Linux Gateway on a Single-Board Computer

    1. Introduction

    2. Getting Acquainted with the Soekris 4521

    3. Configuring Multiple Minicom Profiles

    4. Installing Pyramid Linux on a Compact Flash Card

    5. Network Installation of Pyramid on Debian

    6. Network Installation of Pyramid on Fedora

    7. Booting Pyramid Linux

    8. Finding and Editing Pyramid Files

    9. Hardening Pyramid

    10. Getting and Installing the Latest Pyramid Build

    11. Adding Additional Software to Pyramid Linux

    12. Adding New Hardware Drivers

    13. Customizing the Pyramid Kernel

    14. Updating the Soekris comBIOS

  3. Chapter 3 Building a Linux Firewall

    1. Introduction

    2. Assembling a Linux Firewall Box Problem

    3. Configuring Network Interface Cards on Debian

    4. Configuring Network Interface Cards on Fedora

    5. Identifying Which NIC Is Which

    6. Building an Internet-Connection Sharing Firewall on a Dynamic WAN IP Address

    7. Building an Internet-Connection Sharing Firewall on a Static WAN IP Address

    8. Displaying the Status of Your Firewall

    9. Turning an iptables Firewall Off

    10. Starting iptables at Boot, and Manually Bringing Your Firewall Up and Down

    11. Testing Your Firewall

    12. Configuring the Firewall for Remote SSH Administration

    13. Allowing Remote SSH Through a NAT Firewall

    14. Getting Multiple SSH Host Keys Past NAT

    15. Running Public Services on Private IP Addresses

    16. Setting Up a Single-Host Firewall

    17. Setting Up a Server Firewall

    18. Configuring iptables Logging

    19. Writing Egress Rules

  4. Chapter 4 Building a Linux Wireless Access Point

    1. Introduction

    2. Building a Linux Wireless Access Point

    3. Bridging Wireless to Wired

    4. Setting Up Name Services

    5. Setting Static IP Addresses from the DHCP Server

    6. Configuring Linux and Windows Static DHCP Clients

    7. Adding Mail Servers to dnsmasq

    8. Making WPA2-Personal Almost As Good As WPA-Enterprise

    9. Enterprise Authentication with a RADIUS Server

    10. Configuring Your Wireless Access Point to Use FreeRADIUS

    11. Authenticating Clients to FreeRADIUS

    12. Connecting to the Internet and Firewalling

    13. Using Routing Instead of Bridging

    14. Probing Your Wireless Interface Card

    15. Changing the Pyramid Router's Hostname

    16. Turning Off Antenna Diversity

    17. Managing dnsmasq's DNS Cache

    18. Managing Windows' DNS Caches

    19. Updating the Time at Boot

  5. Chapter 5 Building a VoIP Server with Asterisk

    1. Introduction

    2. Installing Asterisk from Source Code

    3. Installing Asterisk on Debian

    4. Starting and Stopping Asterisk

    5. Testing the Asterisk Server

    6. Adding Phone Extensions to Asterisk and Making Calls

    7. Setting Up Softphones

    8. Getting Real VoIP with Free World Dialup

    9. Connecting Your Asterisk PBX to Analog Phone Lines

    10. Creating a Digital Receptionist

    11. Recording Custom Prompts

    12. Maintaining a Message of the Day

    13. Transferring Calls

    14. Routing Calls to Groups of Phones

    15. Parking Calls

    16. Customizing Hold Music

    17. Playing MP3 Sound Files on Asterisk

    18. Delivering Voicemail Broadcasts

    19. Conferencing with Asterisk

    20. Monitoring Conferences

    21. Getting SIP Traffic Through iptables NAT Firewalls

    22. Getting IAX Traffic Through iptables NAT Firewalls

    23. Using AsteriskNOW, "Asterisk in 30 Minutes"

    24. Installing and Removing Packages on AsteriskNOW

    25. Connecting Road Warriors and Remote Users

  6. Chapter 6 Routing with Linux

    1. Introduction

    2. Calculating Subnets with ipcalc

    3. Setting a Default Gateway

    4. Setting Up a Simple Local Router

    5. Configuring Simplest Internet Connection Sharing

    6. Configuring Static Routing Across Subnets

    7. Making Static Routes Persistent

    8. Using RIP Dynamic Routing on Debian

    9. Using RIP Dynamic Routing on Fedora

    10. Using Quagga's Command Line

    11. Logging In to Quagga Daemons Remotely

    12. Running Quagga Daemons from the Command Line

    13. Monitoring RIPD

    14. Blackholing Routes with Zebra

    15. Using OSPF for Simple Dynamic Routing

    16. Adding a Bit of Security to RIP and OSPF

    17. Monitoring OSPFD

  7. Chapter 7 Secure Remote Administration with SSH

    1. Introduction

    2. Starting and Stopping OpenSSH

    3. Creating Strong Passphrases

    4. Setting Up Host Keys for Simplest Authentication

    5. Generating and Copying SSH Keys

    6. Using Public-Key Authentication to Protect System Passwords

    7. Managing Multiple Identity Keys

    8. Hardening OpenSSH

    9. Changing a Passphrase

    10. Retrieving a Key Fingerprint

    11. Checking Configuration Syntax

    12. Using OpenSSH Client Configuration Files for Easier Logins

    13. Tunneling X Windows Securely over SSH

    14. Executing Commands Without Opening a Remote Shell

    15. Using Comments to Label Keys

    16. Using DenyHosts to Foil SSH Attacks

    17. Creating a DenyHosts Startup File

    18. Mounting Entire Remote Filesystems with sshfs

  8. Chapter 8 Using Cross-Platform Remote Graphical Desktops

    1. Introduction

    2. Connecting Linux to Windows via rdesktop

    3. Generating and Managing FreeNX SSH Keys

    4. Using FreeNX to Run Linux from Windows

    5. Using FreeNX to Run Linux from Solaris, Mac OS X, or Linux

    6. Managing FreeNX Users

    7. Watching Nxclient Users from the FreeNX Server

    8. Starting and Stopping the FreeNX Serve

    9. Configuring a Custom Desktop

    10. Creating Additional Nxclient Sessions

    11. Enabling File and Printer Sharing, and Multimedia in Nxclient

    12. Preventing Password-Saving in Nxclient

    13. Troubleshooting FreeNX

    14. Using VNC to Control Windows from Linux

    15. Using VNC to Control Windows and Linux at the Same Time

    16. Using VNC for Remote Linux -to-Linux Administration

    17. Displaying the Same Windows Desktop to Multiple Remote Users

    18. Changing the Linux VNC Server Password

    19. Customizing the Remote VNC Desktop

    20. Setting the Remote VNC Desktop Size

    21. Connecting VNC to an Existing X Session

    22. Securely Tunneling x11vnc over SSH

    23. Tunneling TightVNC Between Linux and Windows

  9. Chapter 9 Building Secure Cross-Platform Virtual Private Networks with OpenVPN

    1. Introduction

    2. Setting Up a Safe OpenVPN Test Lab

    3. Starting and Testing OpenVPN

    4. Testing Encryption with Static Keys

    5. Connecting a Remote Linux Client Using Static Keys

    6. Creating Your Own PKI for OpenVPN

    7. Configuring the OpenVPN Server for Multiple Clients

    8. Configuring OpenVPN to Start at Boot

    9. Revoking Certificates

    10. Setting Up the OpenVPN Server in Bridge Mode

    11. Running OpenVPN As a Nonprivileged User

    12. Connecting Windows Clients

  10. Chapter 10 Building a Linux PPTP VPN Server

    1. Introduction

    2. Installing Poptop on Debian Linux

    3. Patching the Debian Kernel for MPPE Support

    4. Installing Poptop on Fedora Linux

    5. Patching the Fedora Kernel for MPPE Support

    6. Setting Up a Standalone PPTP VPN Server

    7. Adding Your Poptop Server to Active Directory

    8. Connecting Linux Clients to a PPTP Server

    9. Getting PPTP Through an iptables Firewall

    10. Monitoring Your PPTP Server

    11. Troubleshooting PPTP

  11. Chapter 11 Single Sign-on with Samba for Mixed Linux/Windows LANs

    1. Introduction

    2. Verifying That All the Pieces Are in Place

    3. Compiling Samba from Source Code

    4. Starting and Stopping Samba

    5. Using Samba As a Primary Domain Controller

    6. Migrating to a Samba Primary Domain Controller from an NT4 PDC

    7. Joining Linux to an Active Directory Domain

    8. Connecting Windows 95/98/ME to a Samba Domain

    9. Connecting Windows NT4 to a Samba Domain

    10. Connecting Windows NT/2000 to a Samba Domain

    11. Connecting Windows XP to a Samba Domain

    12. Connecting Linux Clients to a Samba Domain with Command-Line Programs

    13. Connecting Linux Clients to a Samba Domain with Graphical Programs

  12. Chapter 12 Centralized Network Directory with OpenLDAP

    1. Introduction

    2. Installing OpenLDAP on Debian

    3. Installing OpenLDAP on Fedora

    4. Configuring and Testing the OpenLDAP Server

    5. Creating a New Database on Fedora

    6. Adding More Users to Your Directory

    7. Correcting Directory Entries

    8. Connecting to a Remote OpenLDAP Server

    9. Finding Things in Your OpenLDAP Directory

    10. Indexing Your Database

    11. Managing Your Directory with Graphical Interfaces

    12. Configuring the Berkeley DB

    13. Configuring OpenLDAP Logging

    14. Backing Up and Restoring Your Directory

    15. Refining Access Controls

    16. Changing Passwords

  13. Chapter 13 Network Monitoring with Nagios

    1. Introduction

    2. Installing Nagios from Sources

    3. Configuring Apache for Nagios

    4. Organizing Nagios' Configuration Files Sanely

    5. Configuring Nagios to Monitor Localhost

    6. Configuring CGI Permissions for Full Nagios Web Access

    7. Starting Nagios at Boot

    8. Adding More Nagios Users

    9. Speed Up Nagios with check_icmp

    10. Monitoring SSHD

    11. Monitoring a Web Server

    12. Monitoring a Mail Server

    13. Using Servicegroups to Group Related Services

    14. Monitoring Name Services

    15. Setting Up Secure Remote Nagios Administration with OpenSSH

    16. Setting Up Secure Remote Nagios Administration with OpenSSL

  14. Chapter 14 Network Monitoring with MRTG

    1. Introduction

    2. Installing MRTG

    3. Configuring SNMP on Debian

    4. Configuring SNMP on Fedora

    5. Configuring Your HTTP Service for MRTG

    6. Configuring and Starting MRTG on Debian

    7. Configuring and Starting MRTG on Fedora

    8. Monitoring Active CPU Load

    9. Monitoring CPU User and Idle Times

    10. Monitoring Physical Memory

    11. Monitoring Swap Space and Memory

    12. Monitoring Disk Usage

    13. Monitoring TCP Connections

    14. Finding and Testing MIBs and OIDs

    15. Testing Remote SNMP Queries

    16. Monitoring Remote Hosts

    17. Creating Multiple MRTG Index Pages

    18. Running MRTG As a Daemon

  15. Chapter 15 Getting Acquainted with IPv6

    1. Introduction

    2. Testing Your Linux System for IPv6 Support

    3. Pinging Link Local IPv6 Hosts

    4. Setting Unique Local Unicast Addresses on Interfaces

    5. Using SSH with IPv6

    6. Copying Files over IPv6 with scp

    7. Autoconfiguration with IPv6

    8. Calculating IPv6 Addresses

    9. Using IPv6 over the Internet

  16. Chapter 16 Setting Up Hands-Free Network Installations of New Systems

    1. Introduction

    2. Creating Network Installation Boot Media for Fedora Linux

    3. Network Installation of Fedora Using Network Boot Media

    4. Setting Up an HTTP-Based Fedora Installation Server

    5. Setting Up an FTP-Based Fedora Installation Server

    6. Creating a Customized Fedora Linux Installation

    7. Using a Kickstart File for a Hands-off Fedora Linux Installation

    8. Fedora Network Installation via PXE Netboot

    9. Network Installation of a Debian System

    10. Building a Complete Debian Mirror with apt-mirror

    11. Building a Partial Debian Mirror with apt-proxy

    12. Configuring Client PCs to Use Your Local Debian Mirror

    13. Setting Up a Debian PXE Netboot Server

    14. Installing New Systems from Your Local Debian Mirror

    15. Automating Debian Installations with Preseed Files

  17. Chapter 17 Linux Server Administration via Serial Console

    1. Introduction

    2. Preparing a Server for Serial Console Administration

    3. Configuring a Headless Server with LILO

    4. Configuring a Headless Server with GRUB

    5. Booting to Text Mode on Debian

    6. Setting Up the Serial Console

    7. Configuring Your Server for Dial-in Administration

    8. Dialing In to the Server

    9. Adding Security

    10. Configuring Logging

    11. Uploading Files to the Server

  18. Chapter 18 Running a Linux Dial-Up Server

    1. Introduction

    2. Configuring a Single Dial-Up Account with WvDial

    3. Configuring Multiple Accounts in WvDial

    4. Configuring Dial-Up Permissions for Nonroot Users

    5. Creating WvDial Accounts for Nonroot Users

    6. Sharing a Dial-Up Internet Account

    7. Setting Up Dial-on-Demand

    8. Scheduling Dial-Up Availability with cron

    9. Dialing over Voicemail Stutter Tones

    10. Overriding Call Waiting

    11. Leaving the Password Out of the Configuration File

    12. Creating a Separate pppd Logfile

  19. Chapter 19 Troubleshooting Networks

    1. Introduction

    2. Building a Network Diagnostic and Repair Laptop

    3. Testing Connectivity with ping Problem

    4. Profiling Your Network with FPing and Nmap

    5. Finding Duplicate IP Addresses with arping

    6. Testing HTTP Throughput and Latency with httping

    7. Using traceroute, tcptraceroute, and mtr to Pinpoint Network Problems

    8. Using tcpdump to Capture and Analyze Traffic

    9. Capturing TCP Flags with tcpdump

    10. Measuring Throughput, Jitter, and Packet Loss with iperf

    11. Using ngrep for Advanced Packet Sniffing

    12. Using ntop for Colorful and Quick Network Monitoring

    13. Troubleshooting DNS Servers

    14. Troubleshooting DNS Clients

    15. Troubleshooting SMTP Servers

    16. Troubleshooting a POP3, POP3s, or IMAP Server

    17. Creating SSL Keys for Your Syslog-ng Server on Debian

    18. Creating SSL Keys for Your Syslog-ng Server on Fedora

    19. Setting Up stunnel for Syslog-ng

    20. Building a Syslog Server

  1. Appendix Essential References

  2. Appendix Glossary of Networking Terms

  3. Appendix Linux Kernel Building Reference

    1. Building a Custom Kernel

  4. Colophon

Return to Linux Networking Cookbook