<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>2.3. Network</title>
</head>
<body>
<a href="index.html">Core OS Index</a>
<h1>2.3. Network</h1>
<p>Operation of the network can be handle with init scripts;</p>
<dl>
<dt><a href="conf/rc.d/iptables">/etc/rc.d/iptables</a></dt>
<dd>Configure <a href="#iptables">iptables</a>, start option
loads set of rules from file /etc/iptables/net.v4, open option
allows everything to outside and blocks everything from outside,
stop will block and log everything.</dd>
<dt><a href="conf/rc.d/net">/etc/rc.d/net</a></dt>
<dd>Configure Ethernet interface with static or dynamic (dhcp)
IP, set default route and add default gateway.</dd>
<dt><a href="conf/rc.d/wlan">/etc/rc.d/wlan</a></dt>
<dd>Configure Wireless interface, launch wpa_supplicant to handle
wireless authenticationand dynamic (dhcp)
connection to router and add as default gateway.</dd>
</dl>
<p>Choose wireless or net as connection to outside world and configure
<a href="conf/rc.conf">/etc/rc.conf</a> to run at startup, example
connecting using wireless interface;</p>
<pre>
#
# /etc/rc.conf: system configuration
#
FONT=default
KEYMAP=dvorak
TIMEZONE="Europe/Lisbon"
HOSTNAME=c9
SYSLOG=sysklogd
SERVICES=(lo iptables wlan crond)
# End of file
</pre>
<p>If is first boot after install configure iptables and one of above
described scripts then proceed to
<a href="package.html#sysup">update system.</a></p>
<h2 id="resolv">2.3.1. Resolver</h2>
<p>This example will use
<a href="http://www.chaoscomputerclub.de/en/censorship/dns-howto">Chaos Computer Club</a>
server, edit /etc/resolv.conf and make it immutable;</p>
<pre>
# /etc/resolv.conf.head can replace this line
nameserver 213.73.91.35
# /etc/resolv.conf.tail can replace this line
</pre>
<pre>
# chattr +i /etc/resolv.conf
</pre>
<h2 id="static">2.3.2. Static IP</h2>
<p>Current example of <a href="conf/rc.d/net">/etc/rc.d/net</a>;</p>
<pre>
Address: 192.168.0.1 11000000.10101000.00000000 .00000001
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111
=>
Network: 192.168.0.0/24 11000000.10101000.00000000 .00000000 (Class C)
Broadcast: 192.168.0.255 11000000.10101000.00000000 .11111111
HostMin: 192.168.0.1 11000000.10101000.00000000 .00000001
HostMax: 192.168.0.254 11000000.10101000.00000000 .11111110
Hosts/Net: 254 (Private Internet)
</pre>
<p>Other IP class that can used for private network;</p>
<pre>
Address: 10.0.0.1 00001010.00000000.00000000 .00000001
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111
=>
Network: 10.0.0.0/24 00001010.00000000.00000000 .00000000 (Class A)
Broadcast: 10.0.0.255 00001010.00000000.00000000 .11111111
HostMin: 10.0.0.1 00001010.00000000.00000000 .00000001
HostMax: 10.0.0.254 00001010.00000000.00000000 .11111110
Hosts/Net: 254 (Private Internet)
</pre>
<p>Manual configuring like net script;</p>
<pre>
# DEV=enp8s0
# ADDR=192.168.1.9
# MASK=24
# GW=192.168.1.254
</pre>
<pre>
# ip addr flush dev ${DEV}
# ip route flush dev ${DEV}
# ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast +
# ip link set ${DEV} up
# ip route add default via ${GW}
</pre>
<h2 id="iptables">2.3.3. Iptables</h2>
<p>For more information about firewall systems read arch wiki
<a href="https://wiki.archlinux.org/index.php/Iptables">iptables</a>
an <a href="https://wiki.archlinux.org/index.php/nftables">nftables</a>.</p>
<p>To setup iptables rules a set of scripts is used, init script
<a href="conf/rc.d/iptables">/etc/rc.d/iptables</a>
loads set of rules from file /etc/iptables/net.v4 at boot time.
Start option "open" option allows everything to outside
and blocks everything from outside, "stop" will block and log
everything. Setup init script and rules ;</p>
<pre>
# mkdir /etc/iptables
# cp core/conf/ip<style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="ch">#!/usr/bin/env zsh</span>
<span class="c1"># Helper to change the numerical prefixes across the repo, say if you want to</span>
<span class="c1"># create room between 023 and 024, and so on.</span>
<span class="c1">#</span>
<span class="c1"># Assumes there's only ever one file with any numeric prefix. If you move</span>
<span class="c1"># 003trace.tests you might need to do some manual patch-up.</span>
setopt<span class="w"> </span>extendedglob
<span class="k">if</span><span class="w"> </span><span class="o">[[</span><span class="w"> </span><span class="nv">$#</span><span class="w"> </span>-eq<span class="w"> </span><span class="m">0</span><span class="w"> </span><span class="o">&&</span><span class="w"> </span><span class="sb">`</span>git<span class="w"> </span>diff<span class="w"> </span>HEAD<span class="w"> </span><span class="p">|</span>wc<span class="w"> </span>-l<span class="sb">`</span><span class="w"> </span>-gt<span class="w"> </span><span class="m">0</span><span class="w"> </span><span class="o">]]</span>
<span class="k">then</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">"Uncommitted changes"</span>
<span class="w"> </span><span class="nb">exit</span>
<span class="k">fi</span>
<span class="k">if</span><span class="w"> </span><span class="o">[[</span><span class="w"> </span><span class="nv">$#</span><span class="w"> </span>-gt<span class="w"> </span><span class="m">0</span><span class="w"> </span><span class="o">]]</span><span class="w"> </span><span class="c1"># dry run</span>
<span class="k">then</span>
<span class="w"> </span>git<span class="o">()</span><span class="w"> </span><span class="o">{</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$*</span>
<span class="w"> </span><span class="o">}</span>
<span class="k">fi</span>
<span class="c1">#�</span>
<span class="nv">index</span><span class="o">=</span><span class="m">0</span>
ls<span class="w"> </span><span class="o">[</span><span class="m">0</span>-9<span class="o">]</span>*<span class="w"> </span><span class="p">|</span>grep<span class="w"> </span>-v<span class="w"> </span><span class="s2">"trace.test"</span><span class="w"> </span><span class="p">|</span>sort<span class="w"> </span>-n<span class="w"> </span><span class="p">|</span>
<span class="w"> </span><span class="k">while</span><span class="w"> </span><span class="nb">read</span><span class="w"> </span>file
<span class="w"> </span><span class="k">do</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$file</span><span class="w"> </span>><span class="p">&</span><span class="m">2</span>
<span class="w"> </span><span class="k">while</span><span class="w"> </span><span class="o">[[</span><span class="w"> </span><span class="nv">$file</span><span class="w"> </span>!<span class="o">=</span><span class="w"> </span><span class="sb">`</span><span class="nb">printf</span><span class="w"> </span><span class="s2">"%03d"</span><span class="w"> </span><span class="nv">$index</span><span class="sb">`</span>*<span class="w"> </span><span class="o">]]</span>
<span class="w"> </span><span class="k">do</span>
<span class="w"> </span><span class="nb">echo</span>
<span class="w"> </span><span class="nv">index</span><span class="o">=</span><span class="k">$((</span><span class="nv">$index</span><span class="o">+</span><span class="m">1</span><span class="k">))</span>
<span class="w"> </span><span class="k">done</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$file</span>
<span class="w"> </span><span class="nv">index</span><span class="o">=</span><span class="k">$((</span><span class="nv">$index</span><span class="o">+</span><span class="m">1</span><span class="k">))</span>
<span class="w"> </span><span class="k">done</span><span class="w"> </span>><span class="w"> </span>.layout
vim<span class="w"> </span>-c<span class="w"> </span><span class="s2">"set nu"</span><span class="w"> </span>.layout
<span class="c1">#�</span>
root<span class="o">()</span><span class="w"> </span><span class="o">{</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="nv">$1</span><span class="w"> </span><span class="p">|</span>perl<span class="w"> </span>-pwe<span class="w"> </span><span class="s1">'s/^[0-9]*//'</span>
<span class="o">}</span>
<span class="nv">index</span><span class="o">=</span><span class="m">0</span>
cat<span class="w"> </span>.layout<span class="w"> </span><span class="p">|</span>
<span class="w"> </span><span class="k">while</span><span class="w"> </span><span class="nb">read</span><span class="w"> </span>file
<span class="w"> </span><span class="k">do</span>
<span class="w"> </span><span class="k">if</span><span class="w"> </span><span class="o">[</span><span class="w"> </span>!<span class="w"> </span>-z<span class="w"> </span><span class="nv">$file</span><span class="w"> </span><span class="o">]</span>
<span class="w"> </span><span class="k">then</span>
<span class="w">