Vpn Server Installation – P2P
Vpn Server Installation – P2P Client
–
–
Vpn Server Installation – P2P
Vpn Server Installation – P2P Client
–
–
1 2 3 4 5 6 7 |
route del -net 10.1.0.0 netmask 255.255.255.0 metric 2 route del -net 0.0.0.0 gw 192.162.2.2 netmask 2.2.2.2 dev eth9 route del -net 0.0.0.0 netmask 2.2.2.2 gw 192.162.2.2 dev eth9 route del -net 10.1.0.0 netmask 255.255.255.0 |
I have found the cause of this is having any interfaces defined in /etc/network/interfaces ( besides lo ) defined as auto. To correct this problem, the recommended solution is to remove your interfaces from this file, and set them up with network manager. Leaving /etc/network/interfaces looking like the default:
1 |
nano /etc/init/failsafe.conf |
Around 25 lines down in the file you will see a section:
1 2 3 4 5 6 7 8 9 10 |
# Plymouth errors should not stop the script because we *must* reach # the end of this script to avoid letting the system spin forever # waiting on it to start. $PLYMOUTH message --text="Waiting for network configuration..." || : sleep 40 $PLYMOUTH message --text="Waiting up to 60 more seconds for network configuration..." || : sleep 59 $PLYMOUTH message --text="Booting system without full network configuration..." || : To solve the problem, you can just remove the calls to sleep, by commenting the out ( or at least reduce the wait time if your network really does need to wait ) |
1 2 3 4 5 6 7 8 9 |
# Plymouth errors should not stop the script because we *must* reach # the end of this script to avoid letting the system spin forever # waiting on it to start. $PLYMOUTH message --text="Waiting for network configuration..." || : #sleep 4 $PLYMOUTH message --text="Waiting up to 60 more seconds for network configuration..." || : #sleep 2 $PLYMOUTH message --text="Booting system without full network configuration..." || : |
The NFS server exposes the internal directory as the /export folder, which is bind-mounted on the host. The Docker host then mounts this folder using the NFS protocol to its /mnt folder. Then a so-called infrastructure container is created which binds the mount folder.
For Ubuntu :
1 |
apt-get install nfs-kernel-server mkdir /export chmod 777 /export |
1 |
mount --bind /opt/test/db /export |
1 2 3 |
$ mount -t nfs 127.0.0.1:/export /mnt $ exportfs -a $ service nfs-kernel-server restart |
NFS server on CentOS 7.
Network File System (NFS) is a popular distributed filesystem protocol that enables users to mount remote directories on their server.
hostname server1.example.com and IP as 192.168.0.100
1 2 3 4 5 6 7 8 9 10 |
yum install nfs-utils #directory that will be shared by NFS: mkdir /var/nfsshare #Change the permissions of the folder as follows: chmod -R 755 /var/nfsshare chown nfsnobody:nfsnobody /var/nfsshare |
Now create the
1 2 3 4 5 6 7 8 9 10 |
mkdir /var/nfsshare as shared folder, systemctl enable rpcbind systemctl enable nfs-server systemctl enable nfs-lock systemctl enable nfs-idmap systemctl start rpcbind systemctl start nfs-server systemctl start nfs-lock systemctl start nfs-idmap |
Now we will share the NFS directory over the network a follows:
nano /etc/exports
We will make two sharing points /home and /var/nfsshare. Edit the exports file as follows:
1 2 |
/var/nfsshare 192.168.0.101(rw,sync,no_root_squash,no_all_squash) /home 192.168.0.101(rw,sync,no_root_squash,no_all_squash) |
Note 192.168.0.101 is the IP of client machine, if you wish that any other client should access it you need to add the it IP wise other wise you can add “*” instead of IP for all IP access.
Condition is that it must be pingable at both ends.
start the NFS service:
1 |
systemctl restart nfs-server |
Again we need to add the NFS service override in CentOS 7 firewall-cmd public zone service as:
1 2 3 4 |
firewall-cmd --permanent --zone=public --add-service=nfs firewall-cmd --permanent --zone=public --add-service=mountd firewall-cmd --permanent --zone=public --add-service=rpc-bind firewall-cmd --reload |
Now we are ready with the NFS server part.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
yum install nfs-utils # Now create the NFS directory mount points: mkdir -p /mnt/nfs/home mkdir -p /mnt/nfs/var/nfsshare # Mount the NFS shared home directory in the client machine as shown below: mount -t nfs 192.168.0.100:/home /mnt/nfs/home/ # Multi Mount mount -t nfs 192.168.0.100:/var/nfsshare /mnt/nfs/var/nfsshare/ df -kh [root@client1 ~]# df -kh Filesystem Size Used Avail Use% Mounted on 192.168.0.100:/var/nfsshare 39G 980M 38G 3% /mnt/nfs/var/nfsshare 192.168.0.100:/home 19G 33M 19G 1% /mnt/nfs/home # ! Connected touch /mnt/nfs/var/nfsshare/test_nfs |
1 |
nano /etc/fstab |
Add the entries like this:
1 2 3 |
[...] 192.168.0.100:/home /mnt/nfs/home nfs defaults 0 0 192.168.0.100:/var/nfsshare /mnt/nfs/var/nfsshare nfs defaults 0 0 |
Note 192.168.0.100 is the server NFS-share IP address, it will vary in your case.
This will make the permanent mount of the NFS-share.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
Anwendung NFS Darstellung XDR Sitzung (Sun-) RPC Transport (UDP) TCP Netzwerk IP (IPv4, IPv6) Netzzugang Ethernet Token Ring FDDI … Das Network File System – abgekürzt NFS (auch Network File Service) – ist ein von Sun Microsystems entwickeltes Protokoll, das den Zugriff auf Dateien über ein Netzwerk ermöglicht. Dabei werden die Dateien nicht wie z. B. bei FTP übertragen, sondern die Benutzer können auf Dateien, die sich auf einem entfernten Rechner befinden, so zugreifen, als ob sie auf ihrer lokalen Festplatte abgespeichert wären. Bei diesem UNIX-Netzwerkprotokoll handelt es sich um einen Internet-Standard (RFC 1094, RFC 1813, RFC 3530, RFC 7530), der auch als verteiltes Dateisystem (englisch distributed file system) bezeichnet wird. # Server-Adresse: 10.0.0.1 # NFSv2, NFSv3: # Exportiert /path/to/directory an alle IPs von 10.0.0.0 bis 10.0.255.255, # und zwar zum Lesen/Schreiben (rw), asynchronem Zugriff (Daten werden # nicht sofort geschrieben) und auch von Ports über 1024 aus (insecure) # # Erreichbar als: 10.0.0.1:/path/to/directory # ### Linux-Systeme /path/to/directory 10.0.0.0/16(rw,async,insecure) ### FreeBSD /path/to/directory -network 10.0.0.0/16 # NFSv4: # Benötigt zur optimalen Funktion eine Freigabe mit der Option fsid=0. # Diese wird als root-Freigabe genutzt und ist als die Freigabe / zu # erreichen. Die anderen Freigaben liegen unterhalb davon. Ansonsten # ist optional eine Authentifizierung/Verschlüsselung mit Kerberos # möglich. # ### Linux-Systeme: # Erreichbar als 10.0.0.1:/ # Wird diese Freigabe eingehängt, so sind alle darunterliegenden # Freigaben logischerweise zugänglich. /path/to/nfsv4/root 10.0.0.0/16(rw,async,insecure,fsid=0) # Erreichbar als 10.0.0.1:/export1 /path/to/nfsv4/root/export1 10.0.0.0/16(rw,async,insecure) ### FreeBSD # Root-Punkt spezifizieren (unter Linux der mit fsid=0 markierte Punkt) V4: /path/to/nfsv4/root -network 10.0.0.0/16 # Freigaben angeben /path/to/nfsv4/root/export1 -network 10.0.0.0/16 Der Client kann eine Freigabe manuell mounten oder ggf. mit einem Eintrag in der Datei fstab automatisieren. REf: Wikipedia. direct content |
1 2 3 4 5 |
# iptables -A INPUT -s IP-ADDRESS -j DROP # iptables -A INPUT -s 65.55.44.100 -j DROP # iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP |
CentOS / RHEL / Fedora Block An IP And Save It To Config File
1 2 |
# iptables -A INPUT -s 65.55.44.100 -j DROP # service iptables save |
How Do I Unblock An IP Address?
1 2 3 |
# iptables -D INPUT -s xx.xxx.xx.xx -j DROP # iptables -D INPUT -s 65.55.44.100 -j DROP # service iptables save |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
[client] port = 3306 socket = /var/run/mysqld/mysqld.sock [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] user = mysql pid-file = /var/run/mysqld/mysqld.pid socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp lc-messages-dir = /usr/share/mysql skip-external-locking #skip-locking bu hatalı satır external diyecen bind-address = 78.41.103.72 # 127.0.0.1 key_buffer = 16K max_allowed_packet = 1M thread_stack = 64K #192 thread_cache_size = 8 table_cache = 4 #sorun yok sort_buffer_size = 64K read_buffer_size = 256K read_rnd_buffer_size = 256K net_buffer_length = 2K #sorun yok #skip-bdb #hatali #skip-innodb # hatali myisam-recover = BACKUP query_cache_limit = 1M query_cache_size = 16M expire_logs_days = 10 max_binlog_size = 5M [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] no-auto-rehash [isamchk] key_buffer = 8M sort_buffer_size = 8M [myisamchk] key_buffer = 8M sort_buffer_size = 8M [mysqlhotcopy] interactive-timeout !includedir /etc/mysql/conf.d/ |