Introduction
This guide was created as a reference for the networking part of my Computer Security course. It is a practical how-to on basic Linux networking tips and contains practical advice on how to get up and running.
This pamphlet contains very little theory and is not intended as a one-stop shop for network exam questions. I hope you find this useful.

Table of Contents

Command    Reason
ifconfig   Provides a way of configuring network cards.
route      Allows you to define gateways.
ping       Allows you to check if a host is up.

Step One: Configuring your interfaces:
Before we can do anything we need to configure the interface you want to use. First, check what interfaces are available:
ifconfig -a

2^n = amount of hosts
So, for example, if we had a network with the address and prefix of 172.168.50.0/29 we would have 8 hosts per subnet. We can work this out by doing:
32 - 29 = 3
2^3 = 8

A Word About Subnets
Just because you have 8 hosts in your subnet doesn't mean that you have 8 hosts available. The bottommost address is reserved and the topmost address is a broadcast address, meaning that in a subnet with 8 hosts, only 6 are usable.

Now we are finally ready to connect to the network. We can do this easily using the ifconfig command. The general syntax of the command is:
ifconfig [interface] [operation]
So if we wanted to connect our computer to the 172.168.50.0/29 network with the IP address 172.168.50.1 we would type at the terminal:
ifconfig eth0 172.168.50.1/29
Finally, we can confirm that we are connected to the network by issuing a single ifconfig command.

A note on DNS...
A DNS server isn't automatically agreed upon when you statically configure your network like it is when you use DHCP. Therefore you will have to configure it.
From the previous examples, imagining that DNS1 is the DNS server – because our network manager is very imaginative with names – if we wanted to configure GW1 and CLIENT1 to use DNS1 as their DNS server we would need to define it in a configuration file named resolv.conf.
Typically the only line in resolv.conf is:
nameserver [ip address here]
Save and close nano with Ctrl-O and Ctrl-X and we are done!

Deleting a rule.
iptables -D [policy] [ID]
Policy: The chain you want to reference. Needs to be INPUT, FORWARD or OUTPUT.
ID: The rule number as counted from the top down, with the first rule in the policy counted as one.
For example, if I wanted to delete the third rule in the FORWARD policy I would use the command:
iptables -D FORWARD 3
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

[Figure: network diagram; surviving labels are INPUT, FORWARD, OUTPUT, Firewall and Internet]
Imagine that you have just booted the firewall, configured the network interfaces and enabled forwarding. We have three firewall tasks we need to do.
1. Change the default FORWARD policy behaviour from ACCEPT to DROP.
2. Create a rule to allow tcp port 80 traffic to WWW.
3. Create a rule to allow traffic from WWW back to the internet on port 80.
The changes here are in the -s(port) flags and the switching of interfaces for the -i and the -o flags. We have switched the interfaces on the -i and -o flags because, on the return leg of the journey, the packet first arrives on eth0 and leaves on eth1.
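
The three firewall tasks listed in this guide, written out as iptables commands in an added example (these are not the guide's own commands). The WWW address 192.0.2.10 is a constructed placeholder, eth1 is assumed to face the Internet and eth0 to face WWW (consistent with the return-leg description), and the HARDEN switch with its '! --syn' match is an addition the guide does not mention.

```shell
#!/bin/sh
# Added example, not the guide's own commands.
# Assumptions: WWW_IP is a constructed documentation address; eth1 faces the
# Internet and eth0 faces WWW, matching the guide's return-leg description.
WWW_IP="${WWW_IP:-192.0.2.10}"
INET_IF="${INET_IF:-eth1}"
WWW_IF="${WWW_IF:-eth0}"

# Dry run by default: print the command. With APPLY=1 (as root) execute it.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

forward_rules() {
    # HARDEN=1 is an addition, not from the guide: '! --syn' keeps the
    # return rule from passing new connections that WWW opens from port 80.
    no_syn=""
    if [ "${HARDEN:-0}" = "1" ]; then no_syn="! --syn"; fi

    # Task 1: default-deny for forwarded traffic.
    run iptables -P FORWARD DROP || return 1
    # Task 2: Internet -> WWW, TCP destination port 80.
    run iptables -A FORWARD -i "$INET_IF" -o "$WWW_IF" -p tcp \
        -d "$WWW_IP" --dport 80 -j ACCEPT || return 1
    # Task 3: WWW -> Internet replies; source port 80, -i and -o swapped.
    # $no_syn is deliberately unquoted so it splits into two arguments.
    run iptables -A FORWARD -i "$WWW_IF" -o "$INET_IF" -p tcp \
        -s "$WWW_IP" --sport 80 $no_syn -j ACCEPT
}

forward_rules
```

Setting the DROP policy before appending the ACCEPT rules means forwarding is never left open while the rule set is being built.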
License.