1,576
edits
Changes
no edit summary
{{Admon/caution|THIS IS AN OLD VERSION OF THE LAB|'''This is an archived version. Do not use this in your OPS235 course.'''}}
=LAB PREPARATION=
# In the '''IPv4 Settings''' tab change the method from "Automatic (DHCP)" to '''"Manual"'''.
# In the Addresses section, enter the following information:
#: IP Address: '''192.168.235.1211'''
#: Subnet Mask: '''255.255.255.0'''
#: Default Gateway: The IP address of '''virbr1''' on your centos host.
# When finished, check your settings, and then click the '''Apply''' button.
# Open a terminal and issue the '''ifconfig''' command to confirm the IP ADDRESS settings change.
# Verify that '''centos2centos1'''VM is now connected to the VPN by issuing the following command from your '''c7host''' machine:<br><b><code><span style="color:#3366CC;font-size:1.2em;">ping 192.168.235.1211</span></code></b>
'''Answer Part 2 observations / questions in your lab log book.'''
== Part 3: Backing up Only Recent File Changes ==
This part is a repeat of part2, except we will be demonstrating how to use the '''find''' command to backup recent changes to files. In this case, we will save date/time stamp information in a file, configure to connect '''centos1centos2''' to the network, run the '''find''' command, and prove that the incremental backup worked (showing the files created as a result of the configuration of centos1 to the VPN).
{| width="40%" align="right" cellpadding="10"
|}
# Keep your '''centos2centos1''' VM running (you will need it running later in this lab).# Start the '''centos1centos2''' VM and login# Before we configure centos1 centos2 network configuration, we should create a timestamp file that can be used to see which files have changed as a result of using the GUI tool. Issue the following command:
#: <b><code><span style="color:#3366CC;font-size:1.2em;">date > /tmp/timestamp</span></code></b>
# Run the network configuration tool and enter the following static configuration in the same way that you configured '''centos2centos1'''.#* IP Address: '''192.168.235.1112'''
#* Subnetmask: '''255.255.255.0'''
#* Default Gateway: '''192.168.235.1'''
#: <b>nameserver 192.168.235.1</b>
# Save your editing session.
# Confirm your settings work by doing the following(you might need to do the steps '''3''' and '''4''' a few times before it works; keep checking with the commands below and wait a bit before each attempt):
#: <b><code><span style="color:#3366CC;font-size:1.2em;">ifconfig</span></code></b>
#:<b><code><span style="color:#3366CC;font-size:1.2em;">route -n</span></code></b>
#::NETMASK="255.255.255.0"
#::GATEWAY="192.168.235.1"
#::HWADDR="52:54:00:3f:5c:fa" <-- '''use the DO NOT COPY THIS VALUE! Use MAC address for YOUR interfaceusing:''' <code><span style="color:#3366CC;font-size:1.2em;">ifconfig eth0</span></code>
#::DNS1="192.168.235.1" '''
#::BOOTPROTO="static"
'''Answer Part 4 observations / questions in your lab log book.'''
=INVESTIGATION 2: VIRTUAL NETWORKING ENVIRONMENT TWEAKS AND OTHER USEFUL UTILITIES=
=== Making iptables Policies Persistent ===
It should be noted that all of the commands that we do here with iptables will not be persistent unless you have your configuration. That means if you re-boot, the default iptables configuration will be loaded. When your iptables service starts or at boot time it has to load the rules from the file '''/etc/sysconfig/iptables-config'''.
The final section below teaches you to make your iptables settings permanent.
# Make a backup of the file '''/etc/sysconfig/iptables'''# Examine the file to see how rules are added.# Issue by issuing the command: <br><b><code><span style="color:#3366CC;font-size:1.2em;">iptables-save > /etc/sysconfig/iptables.bk</span></code></b> to save #To make the iptables rules '''persistent''' (i.e. keeps rules when system restarts), you added with issue the iptables command, above: <br><b><code><span style="color:#3366CC;font-size:1.2em;">iptables-save > /etc/sysconfig/iptables</span></code></b># Verify that the file ''''/etc/sysconfig/iptables''' was updated with your new rulesexists.
# Restart your iptables service and test your configuration.
'''Arrange proof of the following on the screen:'''
<ol><li><span style="color:green;font-size:1.5em;">✓</span> '''centos1centos2''' VM:<blockquote><ul><li>Contents of '''/tmp/lab6''' directory.</li></ul><li><span style="color:green;font-size:1.5em;">✓</span> '''centos2''' VM:<ul><li>'''ssh''' from centos2 to the CentOS host</li></ul></blockquote></li></li><li><span style="color:green;font-size:1.5em;">✓</span> '''<u>All</u> VMs''':<blockquote><ul><li>'''ifconfig''' information</li><li>Contents of '''/etc/hosthosts''' file</li></ul></blockquote></li><li><span style="color:green;font-size:1.5em;">✓</span>'''c7host''' machine<blockquote><ul><li>'''arp''' cache information</li><li>Contents of '''/etc/hosthosts''' file</li><li>Proof of backup</li><li>A list of your '''iptables''' rules</li></ul></blockquote></li><li><span style="color:green;font-size:1.5em;">✓</span> '''Lab6''' log-book filled out.</li></ol>
= Preparing for = Practice For Quizzes , Tests, Midterm & Final Exam ==
# What is a port?
