[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: network configuration for Eth0

On Sat May 2 2009, Andrei Popescu wrote:
> > #static setup
> > #auto eth0
> > #iface eth0 inet static
> > #address 192.168.10.103
> > #netmask 255.255.255.0
> > #broadcast 192.168.10.255
> > here is what I have now:
>
> Please re-enable this part (and comment out the dhcp parts) and post the
> output of 'ifup -v eth0' (if it's complaining that it's already
> configured then do a 'ifdown eth0' first).

# ifup -v eth0
Configuring interface eth0=eth0 (inet)
run-parts --verbose /etc/network/if-pre-up.d
run-parts: executing /etc/network/if-pre-up.d/bridge
run-parts: executing /etc/network/if-pre-up.d/iptables
Restoring iptables rules...
run-parts: executing /etc/network/if-pre-up.d/uml-utilities
run-parts: executing /etc/network/if-pre-up.d/vde2

ifconfig eth0 192.168.10.103 netmask 255.255.255.0 broadcast 192.168.10.255 	   	
up
 route add default gw 192.168.10.1  eth0 
run-parts --verbose /etc/network/if-up.d
run-parts: executing /etc/network/if-up.d/000resolvconf
run-parts: executing /etc/network/if-up.d/50firestarter
Stopping the Firestarter firewall....
Starting the Firestarter firewall....
run-parts: executing /etc/network/if-up.d/avahi-daemon
run-parts: executing /etc/network/if-up.d/bind9
run-parts: executing /etc/network/if-up.d/clamav-freshclam-ifupdown
run-parts: executing /etc/network/if-up.d/mountnfs
run-parts: executing /etc/network/if-up.d/ntp
run-parts: executing /etc/network/if-up.d/ntpdate
run-parts: executing /etc/network/if-up.d/openntpd
run-parts: executing /etc/network/if-up.d/openssh-server
run-parts: executing /etc/network/if-up.d/postfix
run-parts: executing /etc/network/if-up.d/uml-utilities

well, that seems to work.
# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:16:76:bc:3f:af  
          inet addr:192.168.10.103  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: fe80::216:76ff:febc:3faf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4743323 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4512344 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:3929836675 (3.6 GiB)  TX bytes:1192756579 (1.1 GiB)
          Memory:dffe0000-e0000000 

part of the problem was 2 files I had worked on that did give me errors, and I 
removed them. 1 was ipv6, the other was an iptables entry. I was trying to 
add an iptables entry to allow ssh & http ports. I can get this to work from 
a shell script, but I don't know where to put it to make it start on boot:
iptables -I INPUT -p tcp -m state --state NEW --dport 80 -i eth0 -j ACCEPT
iptables -I INPUT -p tcp -m state --state NEW --dport 22 -i eth0 -j ACCEPT
/sbin/iptables -N ssh-connection
/sbin/iptables -A ssh-connection -i eth0 -p tcp --dport 22 -m 
recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j 
LOG --log-prefix "SSH_brute_force "
/sbin/iptables -A ssh-connection -i eth0 -p tcp --dport 22 -m 
recent --update --seconds 600 --hitcount 4 --rttl --name SSH -j DROP
/sbin/iptables -A ssh-connection -p tcp --dport 22 -m state --state NEW -m 
recent --set --name SSH -j ACCEPT

-- 
Paul Cartwright
Registered Linux user # 367800
Registered Ubuntu User #12459
Reply to: