Olaf Kirch & Terry Dawson
Linux Network Administrator's Guide, 2nd Edition

Preface Purpose and Audience for This Book Sources of Information Documentation Available via FTP Documentation Available via WWW Documentation Available Commercially Linux Journal and Linux Magazine Linux Usenet Newsgroups Linux Mailing Lists Online Linux Support Linux User Groups Obtaining Linux File System Standards Standard Linux Base About This Book The Official Printed Version Overview Conventions Used in This Book Submitting Changes Acknowledgments The Hall of Fame

Chapter 1. Introduction to Networking History TCP/IP Networks Introduction to TCP/IP Networks Ethernets Other Types of Hardware The Internet Protocol IP Over Serial Lines The Transmission Control Protocol The User Datagram Protocol More on Ports The Socket Library UUCP Networks Linux Networking Different Streaks of Development Where to Get the Code Maintaining Your System System Security

Chapter 2. Issues of TCP/IP Networking Networking Interfaces IP Addresses Address Resolution IP Routing IP Networks Subnetworks Gateways The Routing Table Metric Values The Internet Control Message Protocol Resolving Host Names

Chapter 3. Configuring the Networking Hardware Kernel Configuration Kernel Options in Linux 2.0 and Higher Kernel Networking Options in Linux 2.0.0 and Higher A Tour of Linux Network Devices Ethernet Installation Ethernet Autoprobing The PLIP Driver The PPP and SLIP Drivers Other Network Types

Chapter 4. Configuring the Serial Hardware Communications Software for Modem Links Introduction to Serial Devices Accessing Serial Devices The Serial Device Special Files Serial Hardware Using the Configuration Utilities The setserial Command The stty Command Serial Devices and the login: Prompt Configuring the mgetty Daemon

Chapter 5. Configuring TCP/IP Networking Mounting the /proc Filesystem Installing the Binaries Setting the Hostname Assigning IP Addresses Creating Subnets Writing hosts and networks Files Interface Configuration for IP The Loopback Interface Ethernet Interfaces Routing Through a Gateway Configuring a Gateway The PLIP Interface The SLIP and PPP Interfaces The Dummy Interface IP Alias All About ifconfig The netstat Command Displaying the Routing Table Displaying Interface Statistics Displaying Connections Checking the ARP Tables

Chapter 6. Name Service and Resolver Configuration The Resolver Library The host.conf File The nsswitch.conf File Configuring Name Server Lookups Using resolv.conf Resolver Robustness How DNS Works Name Lookups with DNS Types of Name Servers The DNS Database Reverse Lookups Running named The named.boot File The BIND 8 host.conf File The DNS Database Files Caching-only named Configuration Writing the Master Files Verifying the Name Server Setup Other Useful Tools

Chapter 7. Serial Line IP General Requirements SLIP Operation Dealing with Private IP Networks Using dip A Sample Script A dip Reference The modem commands The echo command The get command The print command Variable names The if and goto commands send, wait, and sleep mode and default Running in Server Mode

Chapter 8. The Point-to-Point Protocol PPP on Linux Running pppd Using Options Files Using chat to Automate Dialing IP Configuration Options Choosing IP Addresses Routing Through a PPP Link Link Control Options General Security Considerations Authentication with PPP PAP Versus CHAP The CHAP Secrets File The PAP Secrets File Debugging Your PPP Setup More Advanced PPP Configurations PPP Server Demand Dialing Persistent Dialing

Chapter 9. TCP/IP Firewall Methods of Attack What Is a Firewall? What Is IP Filtering? Setting Up Linux for Firewalling Kernel Configured with IP Firewall The ipfwadm Utility The ipchains Utility The iptables Utility Three Ways We Can Do Filtering Original IP Firewall (2.0 Kernels) Using ipfwadm A naïve example An important refinement Listing our rules A More Complex Example Summary of ipfwadm Arguments Categories Commands Parameters Optional arguments ICMP datagram types IP Firewall Chains (2.2 Kernels) Using ipchains ipchains Command Syntax Commands Rule specification parameters Options Our Naïve Example Revisited Listing Our Rules with ipchains Making Good Use of Chains User-defined chains The ipchains support scripts Netfilter and IP Tables (2.4 Kernels) Backward Compatibility with ipfwadm and ipchains Using iptables Commands Rule specification parameters Options Extensions TCP Extensions: used with -m tcp -p tcp UDP Extensions: used with -m udp -p udp ICMP Extensions: used with -m icmp -p icmp MAC Extensions: used with -m mac Our Naïve Example Revisited, Yet Again TOS Bit Manipulation Setting the TOS Bits Using ipfwadm or ipchains Setting the TOS Bits Using iptables Testing a Firewall Configuration A Sample Firewall Configuration

Chapter 10. IP Accounting Configuring the Kernel for IP Accounting Configuring IP Accounting Accounting by Address Accounting by Service Port Accounting of ICMP Datagrams Accounting by Protocol Using IP Accounting Results Listing Accounting Data with ipfwadm Listing Accounting Data with ipchains Listing Accounting Data with iptables Resetting the Counters Flushing the Ruleset Passive Collection of Accounting Data

Chapter 11. IP Masquerade and Network Address Translation Side Effects and Fringe Benefits Configuring the Kernel for IP Masquerade Configuring IP Masquerade Setting Timing Parameters for IP Masquerade Handling Name Server Lookups More About Network Address Translation

Chapter 12. Important Network Features The inetd Super Server The tcpd Access Control Facility The Services and Protocols Files Remote Procedure Call Configuring Remote Login and Execution Disabling the r Commands Installing and Configuring ssh The ssh daemon The ssh client Using ssh

Chapter 13. The Network Information System Getting Acquainted with NIS NIS Versus NIS+ The Client Side of NIS Running an NIS Server NIS Server Security Setting Up an NIS Client with GNU libc Choosing the Right Maps Using the passwd and group Maps Using NIS with Shadow Support

Chapter 14. The Network File System Preparing NFS Mounting an NFS Volume The NFS Daemons The exports File Kernel-Based NFSv2 Server Support Kernel-Based NFSv3 Server Support

Chapter 15. IPX and the NCP Filesystem Xerox, Novell, and History IPX and Linux Caldera Support More on NDS Support Configuring the Kernel for IPX and NCPFS Configuring IPX Interfaces Network Devices Supporting IPX IPX Interface Configuration Tools The ipx_configure Command The ipx_interface Command Configuring an IPX Router Static IPX Routing Using the ipx_route Command Internal IPX Networks and Routing Mounting a Remote NetWare Volume A Simple ncpmount Example The ncpmount Command in Detail Hiding Your NetWare Login Password A More Complex ncpmount Example Exploring Some of the Other IPX Tools Server List Send Messages to NetWare Users Browsing and Manipulating Bindery Data Printing to a NetWare Print Queue Using nprint with the Line Printer Daemon Managing Print Queues NetWare Server Emulation

Chapter 16. Managing Taylor UUCP UUCP Transfers and Remote Execution The Inner Workings of uucico uucico Command-line Options UUCP Configuration Files A Gentle Introduction to Taylor UUCP What UUCP Needs to Know Site Naming Taylor Configuration Files General Configuration Options Using the config File How to Tell UUCP About Other Systems Using the sys File System name Telephone number port and speed The login chat Alternates Restricting call times Identifying Available Devices Through the port File How to Dial a Number Using the dial File UUCP Over TCP Using a Direct Connection Controlling Access to UUCP Features Command Execution File Transfers Forwarding Setting Up Your System for Dialing In Providing UUCP Accounts Protecting Yourself Against Swindlers Be Paranoid: Call Sequence Checks Anonymous UUCP UUCP Low-Level Protocols Protocol Overview Tuning the Transmission Protocol Selecting Specific Protocols Troubleshooting uucico Keeps Saying "Wrong Time to Call" uucico Complains That the Site Is Already Locked You Can Connect to the Remote Site, but the Chat Script Fails Your Modem Does Not Dial Your Modem Tries to Dial but Doesn't Get Out Login Succeeds, but the Handshake Fails Log Files and Debugging

Chapter 17. Electronic Mail What Is a Mail Message? How Is Mail Delivered? Email Addresses RFC-822 Obsolete Mail Formats Mixing Different Mail Formats How Does Mail Routing Work? Mail Routing on the Internet Mail Routing in the UUCP World Mixing UUCP and RFC-822 Configuring elm Global elm Options National Character Sets

Chapter 18. Sendmail Introduction to sendmail Installing sendmail Overview of Configuration Files The sendmail.cf and sendmail.mc Files Two Example sendmail.mc Files Typically Used sendmail.mc Parameters Comments VERSIONID and OSTYPE DOMAIN FEATURE Local macro definitions Defining mail transport protocols Configure mail routing for local hosts Generating the sendmail.cf File Interpreting and Writing Rewrite Rules sendmail.cf R and S Commands Some Useful Macro Definitions The Lefthand Side The Righthand Side A Simple Rule Pattern Example Ruleset Semantics Interpreting the rule in our example Configuring sendmail Options Some Useful sendmail Configurations Trusting Users to Set the From: Field Managing Mail Aliases Using a Smart Host Managing Unwanted or Unsolicited Mail (Spam) The Real-time Blackhole List The access database Barring users from receiving mail Configuring Virtual Email Hosting Accepting mail for other domains Forwarding virtual-hosted mail to other destinations Testing Your Configuration Running sendmail Tips and Tricks Managing the Mail Spool Forcing a Remote Host to Process its Mail Queue Analyzing Mail Statistics mailstats hoststat

Chapter 19. Getting Exim Up and Running Running Exim If Your Mail Doesn't Get Through Compiling Exim Mail Delivery Modes Miscellaneous config Options Message Routing and Delivery Routing Messages Delivering Messages to Local Addresses Local users Forwarding Alias Files Mailing Lists Protecting Against Mail Spam UUCP Setup

Chapter 20. Netnews Usenet History What Is Usenet, Anyway? How Does Usenet Handle News?

Chapter 21. C News Delivering News Installation The sys File The active File Article Batching Expiring News Miscellaneous Files Control Messages The cancel Message newgroup and rmgroup The checkgroups Message sendsys, version, and senduuname C News in an NFS Environment Maintenance Tools and Tasks

Chapter 22. NNTP and the nntpd Daemon The NNTP Protocol Connecting to the News Server Pushing a News Article onto a Server Changing to NNRP Reader Mode Listing Available Groups Listing Active Groups Posting an Article Listing New Articles Selecting a Group on Which to Operate Listing Articles in a Group Retrieving an Article Header Only Retrieving an Article Body Only Reading an Article from a Group Installing the NNTP Server Restricting NNTP Access NNTP Authorization nntpd Interaction with C News

Chapter 23. Internet News Some INN Internals Newsreaders and INN Installing INN Configuring INN: the Basic Setup INN Configuration Files Global Parameters The inn.conf file Configuring Newsgroups The active and newsgroups files Configuring Newsfeeds The newsfeeds file The nntpsend.ctl file Controlling Newsreader Access The incoming.conf file The nnrp.access file Expiring News Articles The expire.ctl file Handling Control Messages The control.ctl file Running INN Managing INN: The ctlinnd Command Add a New Group Change a Group Remove a Group Renumber a Group Allow/Disallow Newsreaders Reject Newsfeed Connections Allow Newsfeed Connections Disable News Server Restart News Server Display Status of a Newsfeed Drop a Newsfeed Begin a Newsfeed Cancel an Article

Chapter 24. Newsreader Configuration tin Configuration trn Configuration nn Configuration

Appendix A. Example Network: The Virtual Brewery Connecting the Virtual Subsidiary Network

Appendix B. Useful Cable Configurations A PLIP Parallel Cable A Serial NULL Modem Cable

Appendix C. Copyright Information Preamble Applicability and Definitions Verbatim Copying Copying in Quantity Modifications Combining Documents Collections of Documents Aggregation with Independent Works Translation Termination Future Revisions of this License

Appendix D. SAGE: The System Administrators Guild
Preface

The Internet is now a household term in many countries. With otherwise serious people beginning to joyride along the Information Superhighway, computer networking seems to be moving toward the status of TV sets and microwave ovens. The Internet has unusually high media coverage, and social science majors are descending on Usenet newsgroups, online virtual reality environments, and the Web to conduct research on the new "Internet Culture."
Of course, networking has been around for a long time. Connecting computers to form local area networks has been common practice, even at small installations, and so have long-haul links using transmission lines provided by telecommunications companies. A rapidly growing conglomerate of world-wide networks has, however, made joining the global village a perfectly reasonable option for even small non-profit organizations of private computer users. Setting up an Internet host with mail and news capabilities offering dialup and ISDN access has become affordable, and the advent of DSL (Digital Subscriber Line) and Cable Modem technologies will doubtlessly continue this trend.
Talking about computer networks often means talking about Unix. Of course, Unix is not the only operating system with network capabilities, nor will it remain a frontrunner forever, but it has been in the networking business for a long time, and will surely continue to be for some time to come.
What makes Unix particularly interesting to private users is that there has been much activity to bring free Unix-like operating systems to the PC, such as 386BSD, FreeBSD, and Linux.
Linux is a freely distributable Unix clone for personal computers. It currently runs on a variety of machines that includes the Intel family of processors, but also Motorola 680x0 machines, such as the Commodore Amiga and Apple Macintosh; Sun SPARC and Ultra-SPARC machines; Compaq Alphas; MIPS; PowerPCs, such as the new generation of Apple Macintosh; and StrongARM, like the rebel.com Netwinder and 3Com Palm machines. Linux has been ported to some relatively obscure platforms, like the Fujitsu AP-1000 and the IBM System 3/90. Ports to other interesting architectures are currently in progress in developers' labs, and the quest to move Linux into the embedded controller space promises success.
Linux was developed by a large team of volunteers across the Internet. The project was started in 1990 by Linus Torvalds, a Finnish college student, as an operating systems course project. Since that time, Linux has snowballed into a full-featured Unix clone capable of running applications as diverse as simulation and modeling programs, word processors, speech recognition systems, World Wide Web browsers, and a horde of other software, including a variety of excellent games. A great deal of hardware is supported, and Linux contains a complete implementation of TCP/IP networking, including SLIP, PPP, firewalls, a full IPX implementation, and many features and some protocols not found in any other operating system. Linux is powerful, fast, and free, and its popularity in the world beyond the Internet is growing rapidly.
The Linux operating system itself is covered by the GNU General Public License, the same copyright license used by software developed by the Free Software Foundation. This license allows anyone to redistribute or modify the software (free of charge or for a profit) as long as all modifications and distributions are freely distributable as well. The term "free software" refers to freedom of application, not freedom of cost.