Outils personnels

Server Configuration

De

Aller à : navigation, rechercher

Networking

shorewall

We installed both shorewall and webmin. We have the following rules:

  • loc -> all : ACCEPT
  • fw -> all : ACCEPT
  • net -> all : DROP
  • ssh to firewall : ACCEPT
  • webmin to firewall from university network : ACCEPT
  • afp -> fw : ACCEPT


IPv6

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
	address 130.79.91.34
	netmask 255.255.254.0
	network 130.79.90.0
	broadcast 130.79.91.255
	gateway 130.79.91.254
	# dns-* options are implemented by the resolvconf package, if installed
	dns-nameservers 130.79.200.1
	dns-search u-strasbg.fr

# Private network (i.e. testbed)
auto eth1
iface eth1 inet static
	address 10.0.0.1
	netmask 255.255.255.0
	network 10.0.0.0
	broadcast 10.0.0.255


The testbed may use an IPv6 connection. We configured radvd (/etc/radvd.conf):

interface eth1
{
        AdvSendAdvert on;
        prefix  2001:660:4701:1001::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
        };
};

NITOS / OMF

[NITOS was deployed at the university of Thessaly (Greece). The group has the same objective: experimenting the wireless Internet.

NITOS is based on the COntrol and Management Framework (OMF), developed actively by Orbit, NICTA and NITlab.

They provide an abstraction to control a networking testbed.


(old) Monolitic Proprietary testbed

The first version of exprima consisted in a home-made testbed. We use a combination of NFS / PXE / DHCP/ TFTP to re-install automatically the nodes. IN particular, custom scripts on the voyage nodes permitted to maintain up-to-date images on the server.

This version is now obsolete.

OMF deployment

I just point to the excellent tutorial for OMF 5.4: http://omf.mytestbed.net/projects/omf/wiki/Installation_Guide_54.

Personal Notes OMF installation/configuration

xmpp - openfire

To insert a new server certificate

http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ssl-guide.html

change the default keystore password:

keytool -storepasswd -keystore keystore

(default: changeit).
And then, modify it in the admin console: add the property xmpp.socket.ssl.keypass in the system properties.


Converts the cer file into a pkcs12:

openssl pkcs12 -export -in exprima.cer -inkey exprima.key -out exprima.p12 -name exprima -CAfile CNRS2.crt -caname root


import in the certs for java/openfire:

keytool -importkeystore -destkeystore keystore -srckeystore /home/theoleyre/exprima.p12 -srcstoretype PKCS12 -alias exprima

test:

keytool -list -keystore keystore

to remove a key:

keytool -delete -alias XXX