Diffstat (limited to 'core/network.html')
-rw-r--r-- | core/network.html | 79 |
1 files changed, 31 insertions, 48 deletions
diff --git a/core/network.html b/core/network.html index b8b7617..e1b590d 100644 --- a/core/network.html +++ b/core/network.html @@ -29,10 +29,7 @@ <h2 id="resolv">2.1.1. Resolver</h2> - <p>Configure your resolver with a server that don't censorship there for - respect your freedom and privacy. Read - <a href="https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver/PublicDnsResolvers#PublicDNSServers">Tor Dns Resolver</a> - for more information. This example will use + <p>This example will use <a href="http://www.chaoscomputerclub.de/en/censorship/dns-howto">Chaos Computer Club</a> server, edit /etc/resolv.conf and make it immutable;</p> @@ -51,6 +48,20 @@ <p>Current example of <a href="conf/rc.d/net">/etc/rc.d/net</a>;</p> <pre> + Address: 192.168.0.1 11000000.10101000.00000000 .00000001 + Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000 + Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111 + => + Network: 192.168.0.0/24 11000000.10101000.00000000 .00000000 (Class C) + Broadcast: 192.168.0.255 11000000.10101000.00000000 .11111111 + HostMin: 192.168.0.1 11000000.10101000.00000000 .00000001 + HostMax: 192.168.0.254 11000000.10101000.00000000 .11111110 + Hosts/Net: 254 (Private Internet) + </pre> + + <p>Other IP class that can used for private network;</p> + + <pre> Address: 10.0.0.1 00001010.00000000.00000000 .00000001 Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000 Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111 
@@ -62,78 +73,50 @@ Hosts/Net: 254 (Private Internet) </pre> + <p>Manual configuring like net script;</p> + <pre> # DEV=enp8s0 - # ADDR=10.0.0.1 + # ADDR=192.168.1.9 # MASK=24 - # GW=10.0.0.1 - # ip addr flush dev ${DEV} - # ip route flush dev ${DEV} + # GW=192.168.1.254 </pre> <pre> + # ip addr flush dev ${DEV} + # ip route flush dev ${DEV} # ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast + # ip link set ${DEV} up - </pre> - - <p>Script don't add above network as gateway;</p> - - <pre> # ip route add default via ${GW} </pre> - <p>Other IP class used in home setups;</p> - - <pre> - Address: 192.168.0.1 11000000.10101000.00000000 .00000001 - Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000 - Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111 - => - Network: 192.168.0.0/24 11000000.10101000.00000000 .00000000 (Class C) - Broadcast: 192.168.0.255 11000000.10101000.00000000 .11111111 - HostMin: 192.168.0.1 11000000.10101000.00000000 .00000001 - HostMax: 192.168.0.254 11000000.10101000.00000000 .11111110 - Hosts/Net: 254 (Private Internet) - </pre> - - <pre> - # DEV=enp8s0 - # ADDR=192.168.1.1 - # MASK=24 - # GW=192.168.1.254 - </pre> - <h2 id="iptables">2.1.3. Iptables</h2> <p>For more information about iptables read <a href="https://wiki.archlinux.org/index.php/Iptables">arch wiki</a>. You can use - <a href="scripts/iptables.sh">iptables script</a> - at boot time and iptables-save and iptables-restore tools to - configure nat and filtering;</p> + <a href="conf/iptables/rules.v4">/etc/iptables/rules.v4</a> + as template, replace interface by the one facing the router/gateway. 
+ This configuration file is used at boot time by iptables-restore command, + if you use a script or change the rules of running system you can + use iptables-save command to save configuration to a file.</p> <pre> # mkdir /etc/iptables - # cp c9-doc/core/scripts/iptables.sh /etc/iptables/ + # cp c9-doc/core/conf/iptables/rules.v4 /etc/iptables/ + # cp c9-doc/core/conf/rc.d/iptables /etc/rc.d/ + # chmod +x /etc/rc.d/iptables </pre> - <p>Adjust iptables to your needs, then;</p> + <p>Adjust rules.v4 to your needs, then;</p> <pre> - # cd /etc/iptables - # sh iptables.sh - # iptables-save > rules.v4 + # sh /etc/rc.d/iptables start </pre> <p>Copy init script, edit if you dont like to let drop when you call stop.</p> - <pre> - # cp c9-doc/core/conf/rc.d/iptables /etc/rc.d/ - # vim /etc/rc.d/iptables - # chmod +x /etc/rc.d/iptables - </pre> - <p>Re-configure your rc.conf and add iptables before (w)lan is up;</p> <pre> |
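Review bot: in the hunk at @@ -29,10 +29,7 @@ (2.1.1. Resolver), the removed lines were the only explanation of why this resolver is chosen, and the paragraph that remains ("This example will use Chaos Computer Club server, edit /etc/resolv.conf and make it immutable;") now tells the reader to send all DNS queries to one third-party server without saying why. Keep one short sentence of rationale, or a pointer to a list of alternatives, in front of "This example will use". The retained link is also plain http://; switch it to https:// if the site serves the page that way.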
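Review bot: the table added in the hunk at @@ -51,6 +48,20 @@ describes 192.168.0.0/24 (HostMin 192.168.0.1, HostMax 192.168.0.254), but the manual example in the following hunk now sets ADDR=192.168.1.9 and GW=192.168.1.254, which belong to 192.168.1.0/24, so the calculation shown no longer matches the addresses the reader is told to configure. Use the same network in both places, either by changing the table to 192.168.1.x or the variables to 192.168.0.x. In the new paragraph, "Other IP class that can used for private network;" is missing "be", and since both blocks are written as /24, "private range" would be more accurate than "IP class".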
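Review bot: in the hunk at @@ -62,78 +73,50 @@ (2.1.3. Iptables), the context paragraph "Copy init script, edit if you dont like to let drop when you call stop." is left orphaned: its <pre> block is removed, and the cp and chmod of /etc/rc.d/iptables now sit in the earlier block, ahead of "sh /etc/rc.d/iptables start". Move that caveat up next to the new cp lines so the reader sees it before running the script, or drop the paragraph. Because rules.v4 is now edited by hand and loaded directly rather than generated by iptables.sh and saved, consider adding a parse check such as "iptables-restore --test < /etc/iptables/rules.v4" before the start step, so a syntax error introduced while editing is caught before the rules are applied.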