User Tools
настройка_шлюза_в_классе
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
настройка_шлюза_в_классе [2020/05/22 08:11] val [Ubuntu] |
настройка_шлюза_в_классе [2020/11/28 18:00] val [DNS] |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== ISP1 ===== | ===== ISP1 ===== | ||
| - | ==== FreeBSD/Ubuntu ==== | + | ==== FreeBSD/Debian/Ubuntu ==== |
| * Сменить пароль | * Сменить пароль | ||
| Line 59: | Line 59: | ||
| </code> | </code> | ||
| - | ==== Ubuntu ==== | + | ==== Debian/Ubuntu ==== |
| <code> | <code> | ||
| root@nessus.isp.un:~# cat /etc/hostname | root@nessus.isp.un:~# cat /etc/hostname | ||
| Line 78: | Line 78: | ||
| iptables -t nat -A POSTROUTING -s 172.16.1.254 -j ACCEPT | iptables -t nat -A POSTROUTING -s 172.16.1.254 -j ACCEPT | ||
| - | iptables -t nat -A POSTROUTING -s 172.16.1.0/24,192.168.0.0/16 -j SNAT --to-source 10.M.N.252 | + | iptables -t nat -A POSTROUTING -s 172.16.1.0/24,192.168.0.0/16 -j SNAT --to-source 10.M.N.178 |
| conntrack -F | conntrack -F | ||
| Line 94: | Line 94: | ||
| iface eth0 inet static | iface eth0 inet static | ||
| pre-up iptables-restore < /etc/iptables.rules | pre-up iptables-restore < /etc/iptables.rules | ||
| - | address 10.N.M.252 | + | address 10.N.M.178 |
| netmask 255.255.255.0 | netmask 255.255.255.0 | ||
| gateway 10.N.M.254 | gateway 10.N.M.254 | ||
| Line 105: | Line 105: | ||
| # up route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.1 | # up route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.1 | ||
| # ... | # ... | ||
| - | # up route add -net 192.168.20.0 netmask 255.255.255.0 gw 172.16.1.20 | + | # up route add -net 192.168.55.0 netmask 255.255.255.0 gw 172.16.1.55 |
| </code><code> | </code><code> | ||
| - | # cat route.sh | + | # cat route.bash |
| </code><code> | </code><code> | ||
| - | for i in `jot 20 1` | + | for i in {1..55} |
| do | do | ||
| #route add -net 192.168.${i}.0 netmask 255.255.255.0 gw 172.16.1.${i} | #route add -net 192.168.${i}.0 netmask 255.255.255.0 gw 172.16.1.${i} | ||
| - | #echo up route add -net 192.168.${i}.0 netmask 255.255.255.0 gw 172.16.1.${i} | + | #echo " " up route add -net 192.168.${i}.0 netmask 255.255.255.0 gw 172.16.1.${i} |
| done | done | ||
| </code><code> | </code><code> | ||
| Line 164: | Line 164: | ||
| }; | }; | ||
| - | //For un4, msc | + | //For lin7 (depricate), msc (depricate) |
| zone "168.192.in-addr.arpa" { | zone "168.192.in-addr.arpa" { | ||
| type master; | type master; | ||
| Line 171: | Line 171: | ||
| }; | }; | ||
| - | //for un2, bsd2 | + | //for lin2 |
| zone "corp1.un" IN {type forward;forwarders {192.168.1.10;};}; | zone "corp1.un" IN {type forward;forwarders {192.168.1.10;};}; | ||
| ... | ... | ||
| - | zone "corp20.un" IN {type forward;forwarders {192.168.20.10;};}; | + | zone "corp55.un" IN {type forward;forwarders {192.168.55.10;};}; |
| //zone "corp1.un" IN {type forward;forwarders {172.16.1.1;};}; | //zone "corp1.un" IN {type forward;forwarders {172.16.1.1;};}; | ||
| ... | ... | ||
| - | //zone "corp20.un" IN {type forward;forwarders {172.16.1.20;};}; | + | //zone "corp55.un" IN {type forward;forwarders {172.16.1.55;};}; |
| </code><code> | </code><code> | ||
| # cat un | # cat un | ||
| Line 195: | Line 195: | ||
| openvas.isp A 172.16.1.252 | openvas.isp A 172.16.1.252 | ||
| + | ;for lin1, asterisk1 | ||
| + | ;$GENERATE 1-55 server.corp$ A 172.16.1.$ | ||
| - | ;for un2, bsd2, un3, asterisk2 | + | ;for lin2, asterisk2 |
| - | ;$GENERATE 1-26 ns$ A 172.16.1.$ | + | ;$GENERATE 1-55 ns$ A 172.16.1.$ |
| - | ;$GENERATE 1-26 ns$ A 192.168.$.10 | + | ;$GENERATE 1-55 ns$ A 192.168.$.10 |
| - | ;$GENERATE 1-26 corp$ NS ns$ | + | ;$GENERATE 1-55 corp$ NS ns$ |
| - | ; for uncom, un1, bsd1 | + | ;for lin5 |
| - | ;$GENERATE 27-37 server.corp$ A 172.16.1.$ | + | ;$GENERATE 1-9 router$.isp A 172.16.1.19$ |
| - | + | ||
| - | ;asterisk1 | + | |
| - | ;$GENERATE 1-14 server.corp$ A 172.16.1.$ | + | |
| - | ;$GENERATE 1-9 server.corp$ A 172.16.1.10$ | + | |
| - | ;$GENERATE 10-14 server.corp$ A 172.16.1.1$ | + | |
| + | ;for lin7, lin3 | ||
| + | ;$GENERATE 1-55 server.corp$ A 192.168.$.10 | ||
| + | ;$GENERATE 1-55 www.corp$ A 192.168.$.20 | ||
| + | ;$GENERATE 1-55 gate.corp$ A 192.168.$.1 | ||
| + | ;$GENERATE 1-55 router.corp$ A 192.168.$.1 | ||
| + | ;$GENERATE 1-55 switch.corp$ A 192.168.$.3 | ||
| + | ;$GENERATE 1-55 switch1.corp$ A 192.168.$.3 | ||
| + | ;$GENERATE 1-55 switch2.corp$ A 192.168.$.4 | ||
| + | ;$GENERATE 1-55 switch3.corp$ A 192.168.$.5 | ||
| + | ;$GENERATE 1-9 lan.corp$ A 192.168.10$.10 | ||
| + | ;$GENERATE 10-55 lan.corp$ A 192.168.1$.10 | ||
| + | ;$GENERATE 10-55 corp$ A 192.168.$.10 | ||
| + | ;$GENERATE 10-55 mgmt.corp$ A 192.168.$.20 | ||
| ;for CGP | ;for CGP | ||
| Line 245: | Line 255: | ||
| ;$GENERATE 1-9 comp$ MX 10 mail.comp$ | ;$GENERATE 1-9 comp$ MX 10 mail.comp$ | ||
| ;$GENERATE 1-9 comp$ A 172.16.1.20$ | ;$GENERATE 1-9 comp$ A 172.16.1.20$ | ||
| - | |||
| - | ;for msc, un4, unbez | ||
| - | $GENERATE 38-55 server.corp$ A 192.168.$.10 | ||
| - | $GENERATE 38-55 www.corp$ A 192.168.$.20 | ||
| - | $GENERATE 38-55 gate.corp$ A 192.168.$.1 | ||
| - | $GENERATE 38-55 router.corp$ A 192.168.$.1 | ||
| - | ;$GENERATE 1-9 lan.corp$ A 192.168.10$.10 | ||
| - | $GENERATE 38-55 lan.corp$ A 192.168.1$.10 | ||
| - | $GENERATE 38-55 corp$ A 192.168.$.10 | ||
| - | $GENERATE 38-55 mgmt.corp$ A 192.168.$.20 | ||
| - | </code><code> | ||
| - | # cat 192.168.rev | ||
| - | </code><code> | ||
| - | $TTL 3h | ||
| - | @ SOA ns.un. root.gate.isp.un. 43 1d 12h 1w 3h | ||
| - | |||
| - | NS ns.un. | ||
| - | |||
| - | ;for msc, un4, unbez, !!! not for un3 | ||
| - | ;$GENERATE 40-55 1.$ PTR gate.corp$.un. | ||
| - | $GENERATE 40-55 1.$ PTR router.corp$.un. | ||
| - | |||
| - | $GENERATE 40-55 10.$ PTR server.corp$.un. | ||
| - | $GENERATE 40-55 3.$ PTR switch.corp$.un. | ||
| - | $GENERATE 40-55 20.$ PTR mgmt.corp$.un. | ||
| </code><code> | </code><code> | ||
| # cat isp.dns.sh | # cat isp.dns.sh | ||
| </code><code> | </code><code> | ||
| - | STANDS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25" | + | STANDS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 51 53 54 55" |
| for i in $STANDS | for i in $STANDS | ||
| Line 293: | Line 278: | ||
| ns A 172.16.1.254 | ns A 172.16.1.254 | ||
| - | ;mail A 192.168.$i.10 | + | mail A 192.168.$i.10 |
| ;mail A 172.16.1.$(( $i + 200)) | ;mail A 172.16.1.$(( $i + 200)) | ||
| EOF | EOF | ||
настройка_шлюза_в_классе.txt · Last modified: 2020/11/28 18:01 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
