Difference between revisions of "OPS335 Web Server Lab"

From CDOT Wiki
Jump to: navigation, search
(Created page with 'FOCUS: Basic Mail (Postfix) Setup This lab will show you how to set up a Postfix email server using a Fedora 13 installed PC. You will need at least two systems to do this lab. T…')
 
Line 1: Line 1:
FOCUS: Basic Mail (Postfix) Setup
+
FOCUS: Basic Apache (Web Server) Setup
This lab will show you how to set up a Postfix email server using a Fedora 13 installed PC.
+
This lab will show you how to set up the Apache Web server using a Fedora 13 installed PC.
 
You will need at least two systems to do this lab. The first could be Fedora on your removable hard drive while the second could be a virtual machine.
 
You will need at least two systems to do this lab. The first could be Fedora on your removable hard drive while the second could be a virtual machine.
PART A - Prerequisites
+
PART A - Prerequisites (same as Lab #4)
 
Your hard drive should have Fedora 13, 64 bit Live edition already installed.
 
Your hard drive should have Fedora 13, 64 bit Live edition already installed.
 
You should have at least one VM installed: also Fedora 13, 64 bit Live edition.
 
You should have at least one VM installed: also Fedora 13, 64 bit Live edition.
Line 9: Line 9:
 
Both host and guest should have all software updated. [ yum update ]
 
Both host and guest should have all software updated. [ yum update ]
 
Ensure the clocks on both machines are set to the correct date and time.
 
Ensure the clocks on both machines are set to the correct date and time.
PART B - Testing your network
+
PART B - Testing your network (same as Lab #4)
  
 
Start Firefox on your host and authenticate yourself on Sene2net with your LEARN account.
 
Start Firefox on your host and authenticate yourself on Sene2net with your LEARN account.
Line 15: Line 15:
 
Start Firefox on your guest.
 
Start Firefox on your guest.
 
Ensure you can surf the web on your guest. NOTE: you should not have to authenticate yourself on the guest.
 
Ensure you can surf the web on your guest. NOTE: you should not have to authenticate yourself on the guest.
PART C - Testing email to the outside world using mailx and sendmail
+
PART C - Install and test Apache
 
+
Now login to vm01 (your guest VM) and install the following three packages, if they are not already installed, like this
Sendmail is installed and running by default on Fedora 13 so there is no need to install it.
+
yum install httpd
Install mailx on both the host and the guest. [ yum install mailx ]
+
yum install httpd-tools
Test email from the host by sending an email to your LEARN account. [ mail -s "PART C3" xxxxxx@learn.senecac.on.ca ]
+
yum install system-config-httpd
Note: xxxxxx is your LEARN ID.
+
Still on vm01 you can now start your web server with this command
Note: after you type in your letter, enter a period in the first column on the last line and hit the ENTER key.
+
service httpd start
Check your LEARN email to see if you got the email. If you did make a note of the return address.
+
Using Firefox on vm01 go to address "localhost". You should get the "Fedora Test Page" which indicates your web server is running. Do not continue until this step works.
Test email from the host by sending an email to your LEARN account. [ mail -s "PART C4" -r hacker@evil.com xxxxxx@learn.senecac.on.ca ]
+
Now create your own test page named index.html and put it into directory /var/www/html/. Reload the Firefox "localhost" web page - you should see your own test page now.  
Note: xxxxxx is your LEARN ID.
+
Try viewing this web page from f13 (the gateway/host). You'll need to enter the IP address of f13 in your Firefox browser. By default this address should be something like 192.168.122.aaa. If this doesn't work you may have to add a rule to the firewall on vm01 to allow incoming connections on port 80.
Note: after you type in your letter, enter a period in the first column on the last line and hit the ENTER key.
+
Edit the /etc/hosts file on each PC in your network and include the IP address and host name for both PCs. Now try accessing your web site by name in stead of IP number. Note: we're not using DNS so /etc/hosts file should work in its place.
Check your LEARN email to see if you got the email. If you did make a note of the return address.
+
Now, as root on f13 (the gateway/host),  try to forward incoming http connections to our server on vm01 (the guest). Use an iptables command something like this
Repeat steps 3 and 4 on the guest machine.
+
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.122.aaa
PART D - Install and configure Postfix
+
note: aaa is the IP address of your guest VM
On both machines do the following:
+
To test this setup you'll need to ask a classmate on another PC to try to use Firefox to view your web page. S/he'll have to enter your external interface IP number (142.204.141.yyy) in Firefox's address window.  
Stop sendmail. [ service sendmail stop ]
+
Finally, as root on vm01, use the following command to view/adjust your web server parameters:
Install Postfix - yum install postfix
+
system-config-httpd
Edit the Postfix configuration file, /etc/postfix/main.cf, and change the following lines:
+
and change your listen port to 8080 and restart your web server.
mydomain = example.org
+
Go back to f13 and redo your iptables command to forward port 80 connections to the new port 8080 on vm01.
myorigin = $mydomain
+
Verify that other students on other PCs can still view your web page. If this doesn't work you may have to add a rule to the firewall on vm01 to allow connections on port 8080.
inet_interfaces = all
 
mynetworks = 127.0.0.0/8, 192.168.122.0/24
 
relay_domains =
 
Start Postfix [ service postfix start ] on both host and guest machines
 
PART E - Testing email using IP Addresses
 
 
 
If you have problems with the following you may have to set SELinux to permissive mode and/or adjust your firewall to allow traffic to/from port 25.
 
Try sending an email from your guest to your host. [ mail -s "PART E2" yyyyyy@[192.168.122.1] ]
 
Note: yyyyyy is your host ID
 
Note: the square brackets around the host IP address
 
Try sending an email from your host to your guest. [ mail -s "PART E3" zzzzzz@[192.168.122.ZZZ] ]
 
Note: zzzzzz is your guest ID
 
Note: ZZZ is your guest IP address
 
PART F - Set up a DNS server
 
 
 
Refer to Lab #3 and set up a DNS server on your host.
 
Set your host name to f13.
 
Set your guest name to vm01.
 
Set your domain name to example.org.
 
Test your DNS on both host and guest to ensure it works properly.
 
PART F - Test email using host names
 
Now try sending mail to yourself on both machines. For example, as joker on f13, use the command:
 
 
 
$ mail joker@f13
 
the machine will prompt for a subject: enter "testing" without the quotes.
 
Now enter the body of your letter. When you're done, enter a period (.) in column 1 on the last line of your letter. This will signal end-of-file and your letter will be mailed. You should end up back at the $ prompt. If you mess up use CTRL-C to cancel the email, DO NOT USE CTRL-Z.
 
 
 
Use the mailq command (you will need to be root) to view the mail queue.
 
Use the mail command to check if you have mail.
 
PART G - Test your configuration and view your logs
 
Restart your postfix servers on both machines.
 
Check your /var/log/messages file to see that your postfix servers started without error.
 
Send some emails from both guest and host to each other and to the outside world.
 
Check your /var/log/maillog file to see that your email messages were sent correctly.
 
PART H - Learning the mail command
 
Read the mail manual page and learn how it works.
 
 
PART I - Answer the following questions and and email them to your teacher in ASCII text format.
 
PART I - Answer the following questions and and email them to your teacher in ASCII text format.
 
What is your full name and 9-digit Seneca student ID?
 
What is your full name and 9-digit Seneca student ID?
Include a copy of your main.cf file on vm01 (your guest) with this lab - but delete all commented and blank lines first - like this. [ cat /etc/postfix/main.cf | grep -v ^# | awk 'NF > 0 {print $0}'
+
What HTML code did you use for your own web page in step 4? Include the complete listing.
What is the output of the iptables-save command on both your host and guest machines?
+
Give the full path names of the Apache log files.
What firewall rule or rules, if any, did you have to enter on the guest and/or host so that email to/from each other would work?
+
What directory is the default server root?  Give the full path name.
What is the meaning of the square brackets surrounding the IP address in PART E?
+
What directory is the default document root? Give the full path name.
What were your results to PART G? Show log segments to verify your answers.
+
What is the default configuration file for the Apache web server on Fedora 13? Give the full path name.
 +
What is the default maximum number of connections allowed on the server by default?
 +
What user/group does Apache run under on Fedora 13?
 +
What exact command did you use in step 11 of part C?
 +
What specific command (give full details) would you need to use on f13 to forward ssh connections to vm01?
 +
What is the web site for Apache?
 +
What is Apache's current version number? Note: this may be different from the version running on Fedora 13.
 +
What is displayed by the iptables-save command on both f13 and vm01 at the end of this lab?
 +
Finally, show part (a small segment) of the Apache access log file that indicate successful access to your web site.

Revision as of 21:34, 30 August 2011

FOCUS: Basic Apache (Web Server) Setup This lab will show you how to set up the Apache Web server using a Fedora 13 installed PC. You will need at least two systems to do this lab. The first could be Fedora on your removable hard drive while the second could be a virtual machine. PART A - Prerequisites (same as Lab #4) Your hard drive should have Fedora 13, 64 bit Live edition already installed. You should have at least one VM installed: also Fedora 13, 64 bit Live edition. Both your host and guest should have default firewalls enabled. Both your host and guest should have SELinux enabled. Both host and guest should have all software updated. [ yum update ] Ensure the clocks on both machines are set to the correct date and time. PART B - Testing your network (same as Lab #4)

Start Firefox on your host and authenticate yourself on Sene2net with your LEARN account. Ensure you can surf the web on your host machine. Start Firefox on your guest. Ensure you can surf the web on your guest. NOTE: you should not have to authenticate yourself on the guest. PART C - Install and test Apache Now login to vm01 (your guest VM) and install the following three packages, if they are not already installed, like this yum install httpd yum install httpd-tools yum install system-config-httpd Still on vm01 you can now start your web server with this command service httpd start Using Firefox on vm01 go to address "localhost". You should get the "Fedora Test Page" which indicates your web server is running. Do not continue until this step works. Now create your own test page named index.html and put it into directory /var/www/html/. Reload the Firefox "localhost" web page - you should see your own test page now. Try viewing this web page from f13 (the gateway/host). You'll need to enter the IP address of f13 in your Firefox browser. By default this address should be something like 192.168.122.aaa. If this doesn't work you may have to add a rule to the firewall on vm01 to allow incoming connections on port 80. Edit the /etc/hosts file on each PC in your network and include the IP address and host name for both PCs. Now try accessing your web site by name in stead of IP number. Note: we're not using DNS so /etc/hosts file should work in its place. Now, as root on f13 (the gateway/host), try to forward incoming http connections to our server on vm01 (the guest). Use an iptables command something like this iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.122.aaa note: aaa is the IP address of your guest VM To test this setup you'll need to ask a classmate on another PC to try to use Firefox to view your web page. S/he'll have to enter your external interface IP number (142.204.141.yyy) in Firefox's address window. Finally, as root on vm01, use the following command to view/adjust your web server parameters: system-config-httpd and change your listen port to 8080 and restart your web server. Go back to f13 and redo your iptables command to forward port 80 connections to the new port 8080 on vm01. Verify that other students on other PCs can still view your web page. If this doesn't work you may have to add a rule to the firewall on vm01 to allow connections on port 8080. PART I - Answer the following questions and and email them to your teacher in ASCII text format. What is your full name and 9-digit Seneca student ID? What HTML code did you use for your own web page in step 4? Include the complete listing. Give the full path names of the Apache log files. What directory is the default server root? Give the full path name. What directory is the default document root? Give the full path name. What is the default configuration file for the Apache web server on Fedora 13? Give the full path name. What is the default maximum number of connections allowed on the server by default? What user/group does Apache run under on Fedora 13? What exact command did you use in step 11 of part C? What specific command (give full details) would you need to use on f13 to forward ssh connections to vm01? What is the web site for Apache? What is Apache's current version number? Note: this may be different from the version running on Fedora 13. What is displayed by the iptables-save command on both f13 and vm01 at the end of this lab? Finally, show part (a small segment) of the Apache access log file that indicate successful access to your web site.