<<O>> Difference Topic LacieSystemSetup (3 - 25 Sep 2009 - Main.PetrMalat) |
Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
System setup | ||||||||
Line: 16 to 16 | ||||||||
Repeat this for all your users. | ||||||||
Changed: | ||||||||
< < |
Continue with LacieRecommendedSoftware | |||||||
> > |
Recommended softwareFTP server - vsftpdI tested various FTP servers in debian and the best results I've got with vsftpd.InstalationBecause vsftpd is included in debian, instalation is very simple:aptitude install vsftpd ConfigurationUPnP multimedia server - Media TombInstalationMediatomb is also included in debian:aptitude install mediatomb-daemon ConfigurationFile sharing: bittorent, donkey, gnuttela... - MLDonkeyInstalationConfigurationGUI: KMLDonkeyFirewall setupBridged connectionThis is situation, which I use, so the description is more detailed. My network configuration is shown below:switch WiFi _______ _____ ISP ----| VLAN1 | eth0 | | eth1 \|/ . . . . . . NTB1 | ~~~~~ |-------| br0 |--------| . . EDMini ----| | |_____| | . . . . | V | . . . . NTB2 PC1 ----| L | . | A | . PC2 ----| N | . Nokia N95 | 0 | PC3 ----|_______|I use switch which is able to tag packets according the incomming port. It is configured to distinguish between traffic from outside my network (ISP) and my home network traffic. All networks (vlan0, vlan1 and eth1) are bridged together, as my ISP provides enougth IP addresses. I consider my network secure as the wifi is protected by WPA2 and when someone is able to hack cable connection, he can also easily grabs the computers. Becouse some services I use doesn't support password protection, filtering is required. It can be done using ebtables. Command scheme is following: ebtables -I FORWARD -i __INCOMING_INTERFACE -p IPv4 --ip-protocol __PROTOCOL --ip-destination-port __PORT_NUMBER -j DROPwhere
ebtables -I FORWARD -i vlan1 -p IPv4 --ip-protocol tcp --ip-destination-port 2049 -j DROP Routed connectionIn case of routed connection, use iptables. Commands will looks like this:iptables -I FORWARD -i __INCOMING_INTERFACE -p __PROTOCOL --dport __PORT_NUMBER -j REJECTwhere
Filtering on EDMiniIf you want to do filtering on EDMini, use following command to reject all packets except these originating from __ALLOWED_IP:iptables -I INPUT -i __INCOMING_INTERFACE -s ! __ALLOWED_IP -p __PROTOCOL --dport __PORT_NUMBER -j REJECTwhere
Services protocols and port numbers
| |||||||
Deleted: | ||||||||
< < |
|