Linux Admin Blog

System Administration, Linux, Solaris, Backup, Networking, Security, Mysql, Script, Tips & Tricks

Archive for July, 2009

Setup SAMBA server on Ubuntu 9.04

Posted by sanjaydalal4u on July 27, 2009

Step 1: Installation

#apt-get install samba

Step 2: Configuration

Configuration file : /etc/samba/smb.conf

  • Edit below section

Workgroup = EXAMPLE

…………

Security = user

  • Create a new section at the bottom of the file /etc/samba/smb.conf

[Samba Share]

Comment= Samba  File Server Share

Path=/path to directory

Browsable = yes

Guest ok = yes

Read only = no

Create mask = 0755

Step 3: Create directory and change permissions

#mkdir /path to directory

#chown  -R nobody:nogroup /path to directory

Step 4 : Restart Samba service

#/etc/init.d/samba restart
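
The share defined in Step 2 is both guest-accessible (Guest ok = yes) and writable (Read only = no). The following added example (not part of the original post; the function names are hypothetical) lists every share in an smb.conf that has both settings. It checks each share section on its own and does not apply defaults inherited from [global].

```shell
# Added example: list smb.conf shares that are guest-accessible and writable.

sample_conf() {   # constructed input: the share from this post plus an authenticated one
    cat <<'EOF'
[global]
Workgroup = EXAMPLE
Security = user
[Samba Share]
Comment= Samba  File Server Share
Path=/path to directory
Guest ok = yes
Read only = no
[staff]
path = /srv/staff
valid users = @staff
guest ok = no
read only = no
EOF
}

audit_guest_shares() {   # reads smb.conf text on stdin or from file arguments
    awk '
        function report() {
            if (share != "" && tolower(share) != "global" && guest && writable)
                print share
        }
        /^[ \t]*[#;]/ { next }                  # comment lines
        /^[ \t]*\[.*\][ \t]*$/ {                # section header starts a new share
            report()
            share = $0
            sub(/^[ \t]*\[/, "", share); sub(/\][ \t]*$/, "", share)
            guest = 0; writable = 0             # Samba defaults: guest ok = no, read only = yes
            next
        }
        /=/ {
            key = tolower(substr($0, 1, index($0, "=") - 1))
            val = tolower(substr($0, index($0, "=") + 1))
            gsub(/[ \t]/, "", key)              # whitespace in parameter names is ignored
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            yes = (val == "yes" || val == "true" || val == "1")
            no  = (val == "no" || val == "false" || val == "0")
            if (key == "guestok" || key == "public") guest = yes
            if (key == "readonly") writable = no
            if (key == "writable" || key == "writeable" || key == "writeok") writable = yes
        }
        END { report() }
    ' "$@"
}

sample_conf | audit_guest_shares
```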

Enjoy!!!!!!!!!!!!

Posted in Samba server

Open ports using IPTABLES

Posted by sanjaydalal4u on July 9, 2009

If you want your machine to respond to requests initiated from elsewhere on the internet, you need to open the required ports. You need to know the following details first:

1. The name of the service you want to open up
2. Is it a tcp or udp service?
3. The port number(s) used by the service

Example:

To enable ssh access to your box from anywhere on two Class A networks, you could use something like

iptables -A allowed -p tcp --dport 22 -s 10.2.0.0/16 -j ACCEPT
iptables -A allowed -p udp --dport 22 -s 10.2.0.0/16 -j ACCEPT

iptables -A allowed -p tcp --dport 22 -s 10.8.0.0/16 -j ACCEPT
iptables -A allowed -p udp --dport 22 -s 10.8.0.0/16 -j ACCEPT

This allows both udp and tcp traffic from either of the two class A networks to access port 22 on your machine.
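
The rules above append to a user-defined chain named allowed, which has to exist and be reached from INPUT before they have any effect. The following added example (not from the original post; the function names are hypothetical) prints a complete iptables-restore ruleset for the two source networks, assuming an INPUT policy of DROP. It generates only the tcp rules, since sshd listens on TCP.

```shell
# Added example: build an iptables-restore ruleset around the "allowed" chain.
# Assumption: INPUT defaults to DROP, so only what "allowed" accepts gets in.

valid_cidr() {   # accepts a.b.c.d/nn with octets <= 255 and prefix <= 32
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

ssh_ruleset() {  # args: source networks allowed to reach tcp/22
    # Validate every argument first so nothing unchecked ends up in a rule.
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "invalid source network: $cidr" >&2; return 1; }
    done
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:allowed - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j allowed
EOF
    for cidr in "$@"; do
        echo "-A allowed -s $cidr -p tcp --dport 22 -j ACCEPT"
    done
    echo COMMIT
}

# The two source networks used in this post.
ssh_ruleset 10.2.0.0/16 10.8.0.0/16
```

Pipe the output to iptables-restore --test to parse it without committing, then to iptables-restore to load it in one step.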

Posted in Iptables, Security

Work with tcpwrappers hosts.deny and hosts.allow

Posted by sanjaydalal4u on July 9, 2009

You can use tcpwrappers to block a user, IP, or daemon from outside or inside your network. To allow, use the hosts.allow file, and to block, use the hosts.deny file.

Step 1. Use your favorite editor like vi.

Step 2. Type vi /etc/hosts.deny
Step 3. At the bottom line just type “ALL:ALL:deny” to restrict all daemon processes
Step 4. Save it.
Step 5. Open “/etc/hosts.allow” with vi editor
Step 6. At the bottom line type “ALL:(some IP that you allow):allow” to allow anything from my IP address
Step 7. Save it.

Posted in Security

Working with tar and tar Encryption

Posted by sanjaydalal4u on July 2, 2009

STEP 1 :  (Using the tar command on the directory /example)

Suppose you have a directory example. To tar everything in example into a “.tar” file:

# tar -cvf example.tar example

It will create example.tar file.

STEP 2 :  (Using the tar command to create a “.tar.gz” of /example)

# tar -czf example.tar.gz example

STEP 3 :  (List the files in the archive)

# tar -tzf example.tar.gz
or
# tar -tf example.tar

STEP 4 :   (ENCRYPTION)

# tar -zcvf - example | openssl des3 -salt -k secretpassword | dd of=example.des3

This will create example.des3. Please don’t forget the password you put in place of secretpassword.

If you want to do this interactively then

# dd if=example.des3 |openssl des3 -d -k secretpassword|tar zxf -
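
With -k secretpassword the passphrase appears in the process list and shell history, and des3 is a legacy cipher. The following added example (not from the original post; the helper names are hypothetical) runs the same tar and openssl pipeline with the passphrase read from a file and AES-256 with PBKDF2 key derivation, assuming OpenSSL 1.1.1 or later.

```shell
# Added example: tar | openssl with the passphrase kept off the command line.
# Assumes OpenSSL 1.1.1 or later for -pbkdf2.

encrypt_dir() {       # encrypt_dir <directory> <output file> <passphrase file>
    # -pass file: keeps the passphrase out of the process list and shell history,
    # where "-k secretpassword" would be visible to other local users.
    tar -czf - "$1" |
        openssl enc -aes-256-cbc -salt -pbkdf2 -pass "file:$3" -out "$2"
}

decrypt_archive() {   # decrypt_archive <input file> <passphrase file> <target dir>
    # A wrong passphrase yields garbage, so tar/gzip fails and the function
    # returns non-zero.
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$2" -in "$1" |
        tar -xzf - -C "$3"
}

roundtrip_demo() {    # constructed sample data in a temp dir; 0 means success
    work=$(mktemp -d) || return 1
    (
        cd "$work" && umask 077 &&
        mkdir example out bad &&
        echo "constructed sample file" > example/notes.txt &&
        echo "constructed-passphrase" > pass.txt &&
        echo "wrong-passphrase" > wrong.txt &&
        encrypt_dir example example.tar.gz.enc pass.txt &&
        decrypt_archive example.tar.gz.enc pass.txt out &&
        cmp -s example/notes.txt out/example/notes.txt &&
        ! decrypt_archive example.tar.gz.enc wrong.txt bad 2>/dev/null
    )
    rc=$?
    rm -rf "$work"
    return "$rc"
}

roundtrip_demo && echo "round trip OK, wrong passphrase rejected"
```

openssl enc provides confidentiality only, so sign the encrypted file or keep a MAC of it if tampering is a concern.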

Posted in Linux Commands, Tips & Tricks

Multiple IP address on Single NIC (Redhat/Fedora)

Posted by sanjaydalal4u on July 2, 2009

We can set up two IP addresses on a single NIC.

Below I have described this for Redhat/Fedora/CentOS systems.

STEP 1 : (Initial/First IP address)

#cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
BOOTPROTO=static
BROADCAST=10.8.0.255
IPADDR=10.8.0.10
NETMASK=255.255.255.0
NETWORK=10.8.0.0
ONBOOT=yes

STEP 2 : (Second IP address)
#cat /etc/sysconfig/network-scripts/ifcfg-eth0:1

DEVICE=eth0:1
BOOTPROTO=static
BROADCAST=10.8.0.255
IPADDR=10.8.0.11
NETMASK=255.255.255.0
NETWORK=10.8.0.0
ONBOOT=yes

Posted in Networking

View Routing Table and Change your default Gateway

Posted by sanjaydalal4u on July 2, 2009

The netstat -nr command will provide the contents of the routing table.

# netstat -nr

Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

10.8.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0

0.0.0.0         10.8.0.1        0.0.0.0         UG        0 0          0 eth0

Change Your Default Gateway

You will need to update your /etc/sysconfig/network file to reflect the change. This file is used to configure your default gateway.

NETWORKING=yes
HOSTNAME=newhost
GATEWAY=10.8.0.2

Posted in Networking

Use of Netstat Commands

Posted by sanjaydalal4u on July 2, 2009

Netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. Netstat is a useful tool for checking your network configuration and activity.

Check the tcp connections established on your machine using the command below

1: netstat --tcp

% netstat --tcp --numeric
Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State

tcp        0      0 nexubuntu:ldap          nexubuntu:38885         ESTABLISHED

tcp        0      0 nexubuntu:38885         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:ssh           10.8.0.151:50776        ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:59000         ESTABLISHED

tcp        0      0 nexubuntu:38875         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:ldap          nexubuntu:52342         ESTABLISHED

tcp        0      0 nexubuntu:ssh           10.8.0.151:50775        ESTABLISHED

tcp      244      0 nexubuntu:59004         nexubuntu:microsoft-ds  ESTABLISHED

tcp      244      0 nexubuntu:59000         nexubuntu:microsoft-ds  ESTABLISHED

tcp        0      0 nexubuntu:ldap          nexubuntu:38875         ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:59004         ESTABLISHED

tcp        0      0 nexubuntu:52343         nexubuntu:ldap          TIME_WAIT

tcp        0      0 nexubuntu:52342         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:58998         ESTABLISHED

tcp      244      0 nexubuntu:58998         nexubuntu:microsoft-ds  ESTABLISHED

If you want to see what (TCP) ports your machine is listening on, use netstat --tcp --listening. Another useful flag to add to this is --programs, which indicates which process is listening on the specified port.

2: netstat --tcp --listening --programs

# sudo netstat --tcp --listening --programs
Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

tcp        0      0 *:nfs                   *:*                     LISTEN      -

tcp        0      0 *:ldap                  *:*                     LISTEN      2715/slapd

tcp        0      0 *:ftp                   *:*                     LISTEN      3302/vsftpd

tcp        0      0 *:ssh                   *:*                     LISTEN      4022/sshd

tcp        0      0 nexubuntu:postgresql    *:*                     LISTEN      2680/postgres

tcp        0      0 *:smtp                  *:*                     LISTEN      3259/master

tcp        0      0 *:58777                 *:*                     LISTEN      2098/rpc.statd

tcp        0      0 *:microsoft-ds          *:*                     LISTEN      3283/smbd

tcp6       0      0 [::]:ldap               [::]:*                  LISTEN      2715/slapd

tcp6       0      0 [::]:www                [::]:*                  LISTEN      3750/apache2
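
A local address of * or [::] in this output means the service accepts connections on every interface. The following added example (not from the original post; the function names are hypothetical) parses the output above and lists the wildcard listeners that are not on a list of services you expect to expose.

```shell
# Added example: review wildcard TCP listeners in netstat --tcp --listening --programs output.

sample_netstat() {   # the listening-socket output shown in this post
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:nfs                   *:*                     LISTEN      -
tcp        0      0 *:ldap                  *:*                     LISTEN      2715/slapd
tcp        0      0 *:ftp                   *:*                     LISTEN      3302/vsftpd
tcp        0      0 *:ssh                   *:*                     LISTEN      4022/sshd
tcp        0      0 nexubuntu:postgresql    *:*                     LISTEN      2680/postgres
tcp        0      0 *:smtp                  *:*                     LISTEN      3259/master
tcp        0      0 *:58777                 *:*                     LISTEN      2098/rpc.statd
tcp        0      0 *:microsoft-ds          *:*                     LISTEN      3283/smbd
tcp6       0      0 [::]:ldap               [::]:*                  LISTEN      2715/slapd
tcp6       0      0 [::]:www                [::]:*                  LISTEN      3750/apache2
EOF
}

wildcard_listeners() {   # stdin: netstat output; prints "port-or-service program"
    awk '
        $1 ~ /^tcp6?$/ && $6 == "LISTEN" {
            n = split($4, part, ":")
            port = part[n]                        # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr == "*" || addr == "0.0.0.0" || addr == "[::]" || addr == "::") {
                prog = $7
                sub(/^[0-9]+\//, "", prog)        # "3302/vsftpd" -> "vsftpd"
                print port, prog
            }
        }
    '
}

unexpected_listeners() { # $1 = space-separated services you expect to expose
    wildcard_listeners | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) && !seen[$0]++                # drop expected and duplicate entries
    '
}

sample_netstat | unexpected_listeners "ssh www"
```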

Use netstat --route to display the routing table.

3: netstat --route

% netstat --route
Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

10.8.0.0        *               255.255.255.0   U         0 0          0 eth0

link-local      *               255.255.0.0     U         0 0          0 eth0

default         mygateway1.ar7  0.0.0.0         UG        0 0          0 eth0

Use the --statistics flag to display networking statistics.

Using this flag by itself displays all IP, TCP, UDP, and ICMP connection statistics.

4: netstat --statistics --route

Posted in Linux Commands

Network configuration for Debian

Posted by sanjaydalal4u on July 2, 2009

IP from DHCP

#/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

For a static IP

#/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.8.0.100
netmask 255.255.255.0
gateway 10.8.0.1
broadcast 10.8.0.255

Posted in Networking, Tips & Tricks

How to add multiple IP addresses manually

Posted by sanjaydalal4u on July 2, 2009

# ifconfig

will output all the configured addresses

eth0: inet addr:10.8.0.10 Bcast:10.8.0.255 Mask:255.255.255.0

To add extra IP addresses, execute the command below:

# ifconfig eth0:1 10.8.0.12 netmask 255.255.255.0

For additional IP addresses, make sure you increment the 1 in eth0:1

A third IP address would look like this:

# ifconfig eth0:2 10.8.0.13 netmask 255.255.255.0

Posted in Networking

Assigning a virtual IP to a NIC

Posted by sanjaydalal4u on July 2, 2009

Assigning a virtual IP to a NIC is a very easy task, whether you use the system-config-network tool or just do some text file editing. The ifconfig command can also be used to create a virtual network interface, but this would not be permanent since the changes ifconfig makes do not survive a reboot.

In Fedora, all information about the network interfaces is kept in the following directories:

  • /etc/sysconfig/network-scripts/
  • /etc/sysconfig/networking/

My NIC configuration script, /etc/sysconfig/network-scripts/ifcfg-eth0, looks like this:

DEVICE=eth0

BOOTPROTO=static

BROADCAST=192.168.0.255

HWADDR=00:00:00:00:00:00

IPADDR=192.168.0.1

NETMASK=255.255.255.0

NETWORK=192.168.0.0

ONBOOT=yes

TYPE=Ethernet

GATEWAY=192.168.0.254

Make a copy of this in the same directory naming the new file ifcfg-eth0:1

# cp ifcfg-eth0 ifcfg-eth0\:1

The modifications in file ifcfg-eth0\:1 are the DEVICE and IPADDR lines:

DEVICE=eth0:1

BOOTPROTO=static

BROADCAST=192.168.0.255

HWADDR=00:00:00:00:00:00

IPADDR=192.168.0.101

NETMASK=255.255.255.0

NETWORK=192.168.0.0

ONBOOT=yes

TYPE=Ethernet

GATEWAY=192.168.0.254

So, its IP address will be 192.168.0.101. Save the file and copy it to /etc/sysconfig/networking/devices/:

# cp ifcfg-eth0\:1 /etc/sysconfig/networking/devices/

Also, copy it to your default network profile or whichever profile you use:

# cp ifcfg-eth0\:1 /etc/sysconfig/networking/profiles/default/

Now, bring up the new interface using the ifup script:

# ifup eth0\:1

Running ifconfig, the new interface should be listed. You can also check it by pinging:

# ping 192.168.0.101

Posted in Networking, Tips & Tricks