Linux Network Administrator's Guide


Table of Contents
Preface
Purpose and Audience for This Book
Sources of Information
Documentation Available via FTP
Documentation Available via WWW
Documentation Available Commercially
Linux Journal and Linux Magazine
Linux Usenet Newsgroups
Linux Mailing Lists
Online Linux Support
Linux User Groups
Obtaining Linux
File System Standards
Standard Linux Base
About This Book
The Official Printed Version
Overview
Conventions Used in This Book
Submitting Changes
Acknowledgments
The Hall of Fame
1. Introduction to Networking
History
TCP/IP Networks
Introduction to TCP/IP Networks
Ethernets
Other Types of Hardware
The Internet Protocol
IP Over Serial Lines
The Transmission Control Protocol
The User Datagram Protocol
More on Ports
The Socket Library
UUCP Networks
Linux Networking
Different Streaks of Development
Where to Get the Code
Maintaining Your System
System Security
2. Issues of TCP/IP Networking
Networking Interfaces
IP Addresses
Address Resolution
IP Routing
IP Networks
Subnetworks
Gateways
The Routing Table
Metric Values
The Internet Control Message Protocol
Resolving Host Names
3. Configuring the Networking Hardware
Kernel Configuration
Kernel Options in Linux 2.0 and Higher
Kernel Networking Options in Linux 2.0.0 and Higher
A Tour of Linux Network Devices
Ethernet Installation
Ethernet Autoprobing
The PLIP Driver
The PPP and SLIP Drivers
Other Network Types
4. Configuring the Serial Hardware
Communications Software for Modem Links
Introduction to Serial Devices
Accessing Serial Devices
The Serial Device Special Files
Serial Hardware
Using the Configuration Utilities
The setserial Command
The stty Command
Serial Devices and the login: Prompt
Configuring the mgetty Daemon
5. Configuring TCP/IP Networking
Mounting the /proc Filesystem
Installing the Binaries
Setting the Hostname
Assigning IP Addresses
Creating Subnets
Writing hosts and networks Files
Interface Configuration for IP
The Loopback Interface
Ethernet Interfaces
Routing Through a Gateway
Configuring a Gateway
The PLIP Interface
The SLIP and PPP Interfaces
The Dummy Interface
IP Alias
All About ifconfig
The netstat Command
Displaying the Routing Table
Displaying Interface Statistics
Displaying Connections
Checking the ARP Tables
6. Name Service and Resolver Configuration
The Resolver Library
The host.conf File
The nsswitch.conf File
Configuring Name Server Lookups Using resolv.conf
Resolver Robustness
How DNS Works
Name Lookups with DNS
Types of Name Servers
The DNS Database
Reverse Lookups
Running named
The named.boot File
The BIND 8 host.conf File
The DNS Database Files
Caching-only named Configuration
Writing the Master Files
Verifying the Name Server Setup
Other Useful Tools
7. Serial Line IP
General Requirements
SLIP Operation
Dealing with Private IP Networks
Using dip
A Sample Script
A dip Reference
Running in Server Mode
8. The Point-to-Point Protocol
PPP on Linux
Running pppd
Using Options Files
Using chat to Automate Dialing
IP Configuration Options
Choosing IP Addresses
Routing Through a PPP Link
Link Control Options
General Security Considerations
Authentication with PPP
PAP Versus CHAP
The CHAP Secrets File
The PAP Secrets File
Debugging Your PPP Setup
More Advanced PPP Configurations
PPP Server
Demand Dialing
Persistent Dialing
9. TCP/IP Firewall
Methods of Attack
What Is a Firewall?
What Is IP Filtering?
Setting Up Linux for Firewalling
Kernel Configured with IP Firewall
The ipfwadm Utility
The ipchains Utility
The iptables Utility
Three Ways We Can Do Filtering
Original IP Firewall (2.0 Kernels)
Using ipfwadm
A More Complex Example
Summary of ipfwadm Arguments
IP Firewall Chains (2.2 Kernels)
Using ipchains
ipchains Command Syntax
Our Naïve Example Revisited
Listing Our Rules with ipchains
Making Good Use of Chains
Netfilter and IP Tables (2.4 Kernels)
Backward Compatibility with ipfwadm and ipchains
Using iptables
Our Naïve Example Revisited, Yet Again
TOS Bit Manipulation
Setting the TOS Bits Using ipfwadm or ipchains
Setting the TOS Bits Using iptables
Testing a Firewall Configuration
A Sample Firewall Configuration
10. IP Accounting
Configuring the Kernel for IP Accounting
Configuring IP Accounting
Accounting by Address
Accounting by Service Port
Accounting of ICMP Datagrams
Accounting by Protocol
Using IP Accounting Results
Listing Accounting Data with ipfwadm
Listing Accounting Data with ipchains
Listing Accounting Data with iptables
Resetting the Counters
Flushing the Ruleset
Passive Collection of Accounting Data
11. IP Masquerade and Network Address Translation
Side Effects and Fringe Benefits
Configuring the Kernel for IP Masquerade
Configuring IP Masquerade
Setting Timing Parameters for IP Masquerade
Handling Name Server Lookups
More About Network Address Translation
12. Important Network Features
The inetd Super Server
The tcpd Access Control Facility
The Services and Protocols Files
Remote Procedure Call
Configuring Remote Login and Execution
Disabling the r Commands
Installing and Configuring ssh
13. The Network Information System
Getting Acquainted with NIS
NIS Versus NIS+
The Client Side of NIS
Running an NIS Server
NIS Server Security
Setting Up an NIS Client with GNU libc
Choosing the Right Maps
Using the passwd and group Maps
Using NIS with Shadow Support
14. The Network File System
Preparing NFS
Mounting an NFS Volume
The NFS Daemons
The exports File
Kernel-Based NFSv2 Server Support
Kernel-Based NFSv3 Server Support
15. IPX and the NCP Filesystem
Xerox, Novell, and History
IPX and Linux
Caldera Support
More on NDS Support
Configuring the Kernel for IPX and NCPFS
Configuring IPX Interfaces
Network Devices Supporting IPX
IPX Interface Configuration Tools
The ipx_configure Command
The ipx_interface Command
Configuring an IPX Router
Static IPX Routing Using the ipx_route Command
Internal IPX Networks and Routing
Mounting a Remote NetWare Volume
A Simple ncpmount Example
The ncpmount Command in Detail
Hiding Your NetWare Login Password
A More Complex ncpmount Example
Exploring Some of the Other IPX Tools
Server List
Send Messages to NetWare Users
Browsing and Manipulating Bindery Data
Printing to a NetWare Print Queue
Using nprint with the Line Printer Daemon
Managing Print Queues
NetWare Server Emulation
16. Managing Taylor UUCP
UUCP Transfers and Remote Execution
The Inner Workings of uucico
uucico Command-line Options
UUCP Configuration Files
A Gentle Introduction to Taylor UUCP
What UUCP Needs to Know
Site Naming
Taylor Configuration Files
General Configuration Options Using the config File
How to Tell UUCP About Other Systems Using the sys File
Identifying Available Devices Through the port File
How to Dial a Number Using the dial File
UUCP Over TCP
Using a Direct Connection
Controlling Access to UUCP Features
Command Execution
File Transfers
Forwarding
Setting Up Your System for Dialing In
Providing UUCP Accounts
Protecting Yourself Against Swindlers
Be Paranoid: Call Sequence Checks
Anonymous UUCP
UUCP Low-Level Protocols
Protocol Overview
Tuning the Transmission Protocol
Selecting Specific Protocols
Troubleshooting
uucico Keeps Saying “Wrong Time to Call”
uucico Complains That the Site Is Already Locked
You Can Connect to the Remote Site, but the Chat Script Fails
Your Modem Does Not Dial
Your Modem Tries to Dial but Doesn't Get Out
Login Succeeds, but the Handshake Fails
Log Files and Debugging
17. Electronic Mail
What Is a Mail Message?
How Is Mail Delivered?
Email Addresses
RFC-822
Obsolete Mail Formats
Mixing Different Mail Formats
How Does Mail Routing Work?
Mail Routing on the Internet
Mail Routing in the UUCP World
Mixing UUCP and RFC-822
Configuring elm
Global elm Options
National Character Sets
18. Sendmail
Introduction to sendmail
Installing sendmail
Overview of Configuration Files
The sendmail.cf and sendmail.mc Files
Two Example sendmail.mc Files
Typically Used sendmail.mc Parameters
Generating the sendmail.cf File
Interpreting and Writing Rewrite Rules
sendmail.cf R and S Commands
Some Useful Macro Definitions
The Lefthand Side
The Righthand Side
A Simple Rule Pattern Example
Ruleset Semantics
Configuring sendmail Options
Some Useful sendmail Configurations
Trusting Users to Set the From: Field
Managing Mail Aliases
Using a Smart Host
Managing Unwanted or Unsolicited Mail (Spam)
Configuring Virtual Email Hosting
Testing Your Configuration
Running sendmail
Tips and Tricks
Managing the Mail Spool
Forcing a Remote Host to Process its Mail Queue
Analyzing Mail Statistics
19. Getting Exim Up and Running
Running Exim
If Your Mail Doesn't Get Through
Compiling Exim
Mail Delivery Modes
Miscellaneous config Options
Message Routing and Delivery
Routing Messages
Delivering Messages to Local Addresses
Alias Files
Mailing Lists
Protecting Against Mail Spam
UUCP Setup
20. Netnews
Usenet History
What Is Usenet, Anyway?
How Does Usenet Handle News?
21. C News
Delivering News
Installation
The sys File
The active File
Article Batching
Expiring News
Miscellaneous Files
Control Messages
The cancel Message
newgroup and rmgroup
The checkgroups Message
sendsys, version, and senduuname
C News in an NFS Environment
Maintenance Tools and Tasks
22. NNTP and the nntpd Daemon
The NNTP Protocol
Connecting to the News Server
Pushing a News Article onto a Server
Changing to NNRP Reader Mode
Listing Available Groups
Listing Active Groups
Posting an Article
Listing New Articles
Selecting a Group on Which to Operate
Listing Articles in a Group
Retrieving an Article Header Only
Retrieving an Article Body Only
Reading an Article from a Group
Installing the NNTP Server
Restricting NNTP Access
NNTP Authorization
nntpd Interaction with C News
23. Internet News
Some INN Internals
Newsreaders and INN
Installing INN
Configuring INN: the Basic Setup
INN Configuration Files
Global Parameters
Configuring Newsgroups
Configuring Newsfeeds
Controlling Newsreader Access
Expiring News Articles
Handling Control Messages
Running INN
Managing INN: The ctlinnd Command
Add a New Group
Change a Group
Remove a Group
Renumber a Group
Allow/Disallow Newsreaders
Reject Newsfeed Connections
Allow Newsfeed Connections
Disable News Server
Restart News Server
Display Status of a Newsfeed
Drop a Newsfeed
Begin a Newsfeed
Cancel an Article
24. Newsreader Configuration
tin Configuration
trn Configuration
nn Configuration
A. Example Network: The Virtual Brewery
Connecting the Virtual Subsidiary Network
B. Useful Cable Configurations
A PLIP Parallel Cable
A Serial NULL Modem Cable
C. Linux Network Administrator's Guide, Second Edition Copyright Information
0. Preamble
1. Applicability and Definitions
2. Verbatim Copying
3. Copying in Quantity
4. Modifications
5. Combining Documents
6. Collections of Documents
7. Aggregation with Independent Works
8. Translation
9. Termination
10. Future Revisions of this License
D. SAGE: The System Administrators Guild