|
Warning: this is an htmlized version!
The original is here, and the conversion rules are here. |
#######
#
# E-scripts on basic things on networking.
#
# Note 1: use the eev command (defined in eev.el) and the
# ee alias (in my .zshrc) to execute parts of this file.
# Executing this file as a whole makes no sense.
# An introduction to eev can be found here:
#
# (find-eev-quick-intro)
# http://angg.twu.net/eev-intros/find-eev-quick-intro.html
#
# Note 2: be VERY careful and make sure you understand what
# you're doing.
#
# Note 3: If you use a shell other than zsh things like |&
# and the for loops may not work.
#
# Note 4: I always run as root.
#
# Note 5: some parts are too old and don't work anymore. Some
# never worked.
#
# Note 6: the definitions for the find-xxxfile commands are on my
# .emacs.
#
# Note 7: if you see a strange command check my .zshrc -- it may
# be defined there as a function or an alias.
#
# Note 8: the sections without dates are always older than the
# sections with dates.
#
# This file is at <http://angg.twu.net/e/netbasics.e>
# or at <http://angg.twu.net/e/netbasics.e.html>.
# See also <http://angg.twu.net/emacs.html>,
# <http://angg.twu.net/.emacs[.html]>,
# <http://angg.twu.net/.zshrc[.html]>,
# <http://angg.twu.net/escripts.html>,
# and <http://angg.twu.net/>.
#
#######
# (find-diag "netbasics")
gv ~/LATEX/eps/netbasics.ps
# (find-htetfile "Networking-Overview-HOWTO.gz")
# (find-htetfile "NET3-4-HOWTO.gz")
# (find-htetfile "NET3-4-HOWTO.gz" "gateway")
#####
#
# boot-floppies-2.2.13 (source)
# 2000may27
#
#####
# The most urgent question is what dbootstrap does with the domain
# name.
# (code-c-d "bf" "/usr/src/boot-floppies-2.2.13/")
# (code-c-d "bfdb" "/usr/src/boot-floppies-2.2.13/utilities/dbootstrap/")
pdsc $SDEBIAN/dists/potato/main/source/admin/boot-floppies_2.2.13.dsc
cd /usr/src/boot-floppies-2.2.13/utilities/dbootstrap/
agrep -i domain * > ~/o
# (find-fline "~/o")
# (find-bffile "")
# (find-bffile "debian/")
# (find-es "potato")
# (find-bfdbfile "netconfig.c" "char *domain")
# (find-bfdbfile "netconfig.c" "int get_domain() ")
# (find-bfdbfile "netconfig.c" '* 3 "get_domain()")
# (find-bfdbfile "netconfig.c" '* 3 "configure_static")
# (find-bfdbfile "netconfig.c" "DOMAIN=")
# (find-bfdbfile "netconfig.c" "\"search %s\\n\", domain")
# So the domain name goes only to resolv.conf?
# But hey, resolv.conf is a DNS thing, not a NIS thing...
# (eeman "resolv.conf")
# (eeman "1 hostname" "also used by NIS/YP")
# (eeman "1 hostname" "set once at system startup")
# (find-fline "/etc/init.d/networking")
# (find-fline "/etc/init.d/hostname.sh")
# (find-bffile "")
# (find-bffile "documentation/README-udma66")
# (find-bffile "documentation/kernel-config-udma66")
# (find-htetfile "NET3-4-HOWTO.txt.gz")
#####
#
# nis
# 2000may27
#
#####
# (find-htetfile "NIS-HOWTO.gz")
# (find-htetfile "NIS-HOWTO.gz" '* 2 "How NIS works")
# (find-htetfile "NIS-HOWTO.gz" "ASCII-to-DBM")
# (find-status "nis")
# (find-vldifile "nis.list")
# (find-fline "/usr/doc/nis/")
#####
#
# Which addresses can telnet to us? (Version 0)
# 2000may21
#
#####
# «inetd_access_0»
# (find-fline "/etc/passwd" "edrxp")
# (find-expmanfile "interact")
# (find-expmanfile "send" "set send_human")
# Set edrxp's password to something that I remember
# (and that must surely be changed later!)
expect -c '
spawn passwd edrxp
expect "new UNIX password: " { sleep 0.1; send "edrx\n" }
expect "new UNIX password: " { sleep 0.1; send "edrx\n" }
interact
'
# Some possible (test) settings for /etc/hosts.{allow,deny}:
# the default from the potato packages,
# a configuration that should allow everything,
# ...
# Default (paranoid):
#
cd /
ar p /big/potato/dists/potato/main/binary-i386/base/netbase_3.17-1.deb \
data.tar.gz \
| tar -xvzf - "./etc/hosts.*"
/etc/init.d/inetd restart
# Allow everything:
#
echo -n > /etc/hosts.allow
echo -n > /etc/hosts.deny
/etc/init.d/inetd restart
# Test:
#
expect -c '
spawn telnet 127.0.0.1
expect "login: " { sleep 0.2; send "edrxp\n" }
expect "ssword: " { sleep 0.2; send "edrx\n" }
interact -o "# " { send "\004"; sleep 0.1; exit 0 } \
"Login incorrect" { send_user "Login incorrect"; exit 1 }
'
# (find-fline "/etc/hosts.allow")
# (find-fline "/etc/hosts.deny")
# (find-fline "/etc/services" "telnet")
# (find-fline "/etc/inetd.conf" "telnet")
# (find-fline "/var/log/daemon.log")
# (find-fline "/var/log/syslog")
# (find-fline "/var/log/auth.log")
# (find-fline "/etc/hosts.allow")
# (find-fline "/etc/hosts.deny")
# (eeman "5 hosts_access")
# (eeman "5 hosts_options")
#####
#
# Which addresses can telnet to us? (Version 1)
# 2000may21
#
#####
# «inetd_access_1»
# (find-status "netbase")
# (find-fline "/etc/init.d/inetd")
# (eeman "rpcinfo")
# (find-fline "/usr/doc/netbase/portmapper.txt.gz")
# (find-fline "~/EXPECT/test_access")
# (find-angg ".zshrc" "restart_inetd")
# Paranoid mode.
cd /
ar p /big/potato/dists/potato/main/binary-i386/base/netbase_3.17-1.deb \
data.tar.gz \
| tar -xvzf - "./etc/hosts.*"
restart_inetd
test_access try_telnet 127.0.0.1 edrxp edrx
# Allow everything.
echo -n > /etc/hosts.allow
echo -n > /etc/hosts.deny
restart_inetd
test_access try_telnet 127.0.0.1 edrxp edrx
# Deny everything.
# *Argh* - the test here doesn't work, it seems that the connections
# are always being considered as coming from a local host, and are
# thus allowed.
# (find-fline "/usr/doc/netbase/portmapper.txt.gz" "The local host")
#
echo -n > /etc/hosts.allow
echo "ALL: *" > /etc/hosts.deny
restart_inetd
test_access try_telnet 127.0.0.1 edrxp edrx
#####
#
# net-3-howto in potato
#
#####
# (find-htetfile "NET3-4-HOWTO.gz")
# (find-fline "/usr/doc/HOWTO/NET-3-HOWTO.gz")
ar p /big/potato/dists/potato/main/binary-i386/doc/doc-linux-text_1999.10-1.deb data.tar.gz \
| tar -tzvf -
# (find-htetfile "NET-3-HOWTO.txt.gz")
# (find-htetfile "NET3-4-HOWTO.txt.gz" " 5.6.")
# How to set up a second loopback interface?
# Not a very good way, as this replaces the old "lo".
ifconfig lo 10.0.0.1
ifconfig
ifconfig lo 127.0.0.1
ifconfig
# Error:
ifconfig lo1 10.0.0.1
# Error:
ifconfig lo add 10.0.0.1
# Segfault:
ifconfig lo1 hw loop 10.0.0.1
ifconfig
#####
#
# All (?) a socket connection can know about the remote end
# 2000may21
#
#####
# (find-es "tcl" "socket_servers_0")
# (eeman "3tcl socket")
# Doesn't work:
expect -c '
proc ans {sock callerip clientport} {
puts "$sock $callerip $clientport"
puts [gets $sock]
close $sock
}
socket -server ans 5000
# vwait forever
set sock [socket 127.0.0.1 5000]
puts $sock hello
puts [read $sock 99999]
close $sock
'
expect -c '
proc ans {sock callerip clientport} {
puts "$sock $callerip $clientport"
puts [eval [read $sock]]
close $sock
}
socket -server ans 5000
vwait forever
' &
#####
#
# ldp-nag
# 2000may27
#
#####
# (find-status "ldp-nag")
# (find-vldifile "ldp-nag.list")
# (find-fline "/usr/doc/ldp-nag/")
# (find-naghw3 "node1.html")
# (find-naghw3 "node16.html" "The Socket Library")
# (find-naghw3 "node48.html" "Ethernet Cabling")
# (find-naghw3 "node1.html" "Configuring TCP/IP Networking")
# (find-naghw3 "node62.html" "Setting the Hostname")
# (find-naghw3 "node64.html" "Writing hosts and networks Files")
# (find-naghw3 "node78.html" "Checking the ARP Tables")
# (eeman "arp")
# (eeman "arping")
# (find-status "netbase")
# (find-vldifile "netbase.list")
# (find-fline "/usr/doc/netbase/")
#####
#
# ping's inner workings
# 2000may10
#
#####
# «ping-inner»
#ltrace ping -c 1 127.0.0.1
(ltrace ping -c 1 127.0.0.1 > /dev/null) |& tee ~/o
# (find-fline "~/o")
# (eeman "2 socket")
# (eeman "7 socket")
# (eeman "2 setsockopt")
# (eeman "2 sendto")
# (eeman "2 recvfrom")
# (eeman "ping")
k22glimpse ICMP
k22glimpse 'ECHO_RE(QUEST|PONSE)'
# Pings are answered by the kernel.
# (find-k22file "net/ipv4/icmp.c" "Handle ICMP_ECHO (\"ping\") requests")
# (find-vldifile "doc-rfc.list")
# (find-fline "/usr/doc/doc-rfc/")
# (find-drfcfile "rfc1812.txt.gz")
# (find-drfcfile "rfc1812.txt.gz" " o Application Layer")
# (find-drfcfile "rfc1812.txt.gz" "lost or duplicated")
# (find-drfcfile "rfc1812.txt.gz" "Internal host loopback address")
# (find-drfcfile "rfc1009.txt.gz")
# (find-drfcfile "rfc1009.txt.gz" "loopback")
# (find-drfcfile "rfc893.txt.gz")
#####
#
# Docs about IP masquerading and virtual private nets
# 2000may30
#
#####
# And what about encapsulation? I'm being able to ping my machine from
# the outside, but not to connect to it via ftp, telnet or ssh; I
# always get a (!!!) "No route to host"! Time to learn more about ping
# and/or traceroute...
pdsc $SPOTATO/main/source/base/netbase_3.18-4.dsc
# (code-c-d "netbase" "/usr/src/netbase-3.18/")
# (find-netbasefile "")
# (find-netbasefile "netkit-base/ping/")
# (find-netbasefile "iputils/")
# (find-netbasefile "iputils/ping.c")
# (find-netbasefile "iputils/ping6.c")
# (find-k22file "net/core/dev.c" "encapsulated data")
# (find-htetfile "NET3-4-HOWTO.txt.gz" "IP-Alias")
# (find-htetfile "NET3-4-HOWTO.txt.gz" "virtual private networking")
# (find-htetfile "NET3-4-HOWTO.txt.gz" "make use of that one IP address")
# (find-k22file "Documentation/Configure.help" "CONFIG_FB\n")
# (find-htetfile "IP-Masquerade.txt.gz")
# (find-htetfile "VPN-Masquerade-HOWTO.txt.gz")
# (find-htetfile "mini/IP-Masquerade.txt.gz")
# (find-htetfile "mini/IPMasquerading+Napster.txt.gz")
# (find-htetfile "mini/IP-Subnetworking.txt.gz" "IP numbers belong to Interfaces - NOT hosts!")
# (find-drfcfile "rfc1918.txt.gz")
# (find-drfcfile "rfc1631.txt.gz")
# (find-drfcfile "rfc952.txt.gz")
# (find-drfcfile "rfc893.txt.gz")
# (find-k22file "Documentation/Configure.help" "IP masquerading")
# (find-k22file "Documentation/Configure.help" "\nIP: masquerading")
# (find-k22file "Documentation/Configure.help" "load balancing")
# (find-k22file "net/ipv4/" "ip_masq")
apti linuxconf
# (find-status "linuxconf")
# (find-vldifile "linuxconf.list")
# (find-vldifile "linuxconf.list" "ip_aliases")
# (find-fline "/usr/doc/linuxconf/")
# (find-k22file "Documentation/networking/alias.txt")
# (find-drfcfile "rfc1812.txt.gz" '* 2 "5.2.1 Forwarding Algorithm")
# Local Variables:
# coding: utf-8-unix
# End: