[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/en/ITIL/ExtraConfiguration" by PetterReinholdtsen
Debian Wiki
debian-www at lists.debian.org
Fri Jul 31 08:00:43 UTC 2015
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.
The "DebianEdu/Documentation/en/ITIL/ExtraConfiguration" page has been changed by PetterReinholdtsen:
https://wiki.debian.org/DebianEdu/Documentation/en/ITIL/ExtraConfiguration?action=diff&rev1=14&rev2=15
Comment:
Generated from git.
== Simple firewall with floppy (Coyote) ==
- User Case: To get started with Debian Edu's we need to make a simple firewall. The purpose is to divide Debian Edu's network from the second network that is set up.
+ Use Case: To get started with Debian Edu's we need to make a simple firewall. The purpose is to separate Debian Edu's network from the second network that is set up.
Main author Klaus Ade Johnstad
@@ -47, +47 @@
'''./makefloppysh'''
- 1. When creating Coyote Linux on a Linux machine, one need to answer several questions. Here is a summary of the answers that can be supplied:
+ 1. When creating Coyote Linux on a Linux machine, one needs to answer several questions. Here is a summary of the answers that can be supplied:
{{{
a. Coyote floppy builder script v2.9
@@ -100, +100 @@
e. Does your Internet connection get its IP via DHCP? [y/n]:
}}}
- Answer yes(y) or no(n) in accordance with what is the network configuration.
+ Answer yes(y) or no(n) in accordance with what the network configuration is.
If one gets an IP via DHCP, the following information should be filled out:
@@ -141, +141 @@
Enter the module name for you local network card:
}}}
- This is the tricky part. Knowing which module to use for network cards is sometimes difficult. See [[#!ExtraConfiguration--clmodules|Section 3.12]] to get an overview of the available modules. Remember to not use .o at the end of the module name. Use only "first name" on the module.
+ This is the tricky part. Knowing which module to use for network cards is sometimes difficult. See [[#!ExtraConfiguration--clmodules|Section 3.12]] to get an overview of the available modules. Remember to not use .o at the end of the module name. Use only "first name" of the module.
Many prefer 3Com. Almost all use this module '''3c59x'''.
@@ -149, +149 @@
k. The default language of the Coyote Web Administrator is English
Do you like to configure a different language ? [Y/N]: n
}}}
- Use English. It is much easier to get help. Search for example using Google to find solution to problems.
+ Use English. It is much easier to get help. Search for example using Google to find solutions to problems.
{{{
l. Syslog server address:
@@ -190, +190 @@
* {{attachment:graphics23.png}}
- Fill in necessary network information here: See [[#!ExtraConfiguration--fwconf|A]]
+ Fill in the necessary network information here: See [[#!ExtraConfiguration--fwconf|A]]
- Fill in the correct IP address and subnet mask (Netmask) and Coyote Linux will give the correct calculation of broadcast address (Broadcast) and URL (Network)
+ Fill in the correct IP address and subnet mask (Netmask) and Coyote Linux will give the correct calculation of the broadcast address (Broadcast) and the network address (Network)
'''Figure 3-4. Insert a password on the Coyote Linux Floppy'''
@@ -230, +230 @@
Drag and drop to choose the correct network card at the Coyote Linux machine.
- This particular screen uses the module for 3Com on the LAN side of the grid (Debian Edu's) and Intel pro 100 card for WAN (Internet) connection.
+ In this particular screen, we use the module for 3Com on the LAN side of the grid (Debian Edu's) and Intel pro 100 card for the WAN (Internet) connection.
'''Figure 3-10. Select language'''
@@ -258, +258 @@
== Simple firewall with CD ==
- User Case: To get started with Debian Edu's we need to make a simple firewall. The purpose is to divide Debian Edu's network from the second network that is set up.
+ Use Case: To get started with Debian Edu's we need to make a simple firewall. The purpose is to separate Debian Edu's network from the second network that is set up.
Main author Klaus Ade Johnstad
@@ -288, +288 @@
ip_conntrack_irc 2672 1
ip_conntrack_ftp 3440 1
}}}
- In this list of modules loaded for the network card 3com509 in place twice. For a list of available modules, look at
+ In this list of modules that are loaded, the module for the network card 3com509 is loaded twice. For a list of available modules, look at
It is best practice to write down on the machine itself what kind of network card it contains.
@@ -321, +321 @@
There are two network cards in Coyote Linux, one (LAN) is connected to the Skolelinux/Debian-edu server, the other is connected with a crossed cable, or via a switch to another network (WAN). Sometimes it can be a bit difficult to decide which network card is which, especially if they are both connected to the same address. The method we use to determine which card is which, is to use a crossed cable and connect it to the network card in the Skolelinux/Debian-edu main server.
- 1. First you start Coyote Linux without any cable network card
+ 1. First you start Coyote Linux without any wired network card
1. Then use the crossed cable to connect Coyote Linux with the Skolelinux / Debian-edu main server (make sure it goes to the NIC labeled eth0 if the main server is a combined server).
1. Login to the main server. Try to '''ping''' the Coyote Linux machine. Use the command '''ping -c10 10.0.2.1''', or alternatively, try to ping the main server from Coyote Linux command '''ping -c10 10.0.2.2'''.
1. Then you get a response like this if it works:
@@ -344, +344 @@
WAN network:
down
}}}
- Since you have started without any cables in the network card.
+ Since you have started without any wires connected to the network card.
When the role of each of the network cards is decided, it is time to reboot the firewall with all the cables in place.
@@ -397, +397 @@
1. You use a connection with the wrong Internet connection. So you have to look anew at [[#!ExtraConfiguration--clconnectiontype|2.b]]
- If you have a connection with a DHCP-assigned address, which is not static. Then it must be a physical connection with a network between Coyote Linux and the net contact
+ If you have a connection with a DHCP-assigned address, which is not static. Then it must be a physical connection through a network wire between Coyote Linux and the net contact
1. You have chosen the wrong driver module for this network card.
@@ -407, +407 @@
then use '''space''' to scroll. Look for references to '''eth0''' and '''eth1'''. Look at [[#!ExtraConfiguration--clnicnames|Different names to the network cards]] for a reminder of what eth0 and eth1 means. Usually it is an indicator of what the problem is.
- '''Q:'''We have sat up firewalls with many different driver modules for many network cards. We have yet to find any not working properly.
+ '''Q:'''We have set up firewalls with many different driver modules for many network cards. We didn't find one not working properly.
'''A:'''Do you have you looked at this site for more information about network card and corresponding driver modules for Coyote Linux? [http://www.dalantech.com/ http://www.dalantech.com]
=== Verification ===
- The firewall works if you enter the Internet browser via the main server or a connected client.
+ The firewall works if you try to reach the Internet through the web browser on the main server or through a connected client.
=== Update the configuration database ===
@@ -526, +526 @@
Coyote Linux is a good solution if you just need a DHCP server on the network regardless of what type of machines, be it Linux, Windows or Mac.
- The only thing needing to be configured differently, is to enable the DHCP server. < FIXME: create link to screenshot>
+ The only thing that needs to be configured differently, is to enable the DHCP server. < FIXME: create link to screenshot>
A brief summary about changing a Coyote Linux to a DHCP-server:
@@ -578, +578 @@
* Tele2 ADSL Privat, Norway
* Tele2 ADSL Bedrift, Norway
* UPC Chello Classis, Norway
- * The Department of Education in Oslo. Not tested on schools connected Simen's !InnsIKT-solution for Oslo schools
+ * The Department of Education in Oslo. Not tested on schools connected to Simens' !InnsIKT-solution for Oslo schools
Due different network policies in The Department of Education in Oslo''must'' you make the following changes in [[#!ExtraConfiguration--mainserver|the main server]]:
@@ -606, +606 @@
// 0.0.0.0;
};
}}}
- This mean to remove the comment marker (#) in front of "forwarders".
+ This means to remove the comment marker (#) in front of "forwarders".
If you don't do this, you one will not be able to connect to the Internet due to problems with the name server (DNS) in The Department of Education in Oslo. Operating staff will also engage more people to get this changed to such as this service want it.
@@ -684, +684 @@
== Particularly old network cards in the firewall (ISA) ==
- Use case: We want to try to use some network cards in the firewall that is almost 20 years old. They are using the so called ISA bus. Is this possible?
+ Use case: We want to try to use some network cards in the firewall that are almost 20 years old. They are using the so called ISA bus. Is this possible?
Author: Klaus Ade Johnstad.
@@ -704, +704 @@
=== Exception handling ===
- Alert: Many reports show problems with using two 3c509 card on the same machine if one of the cards is a combo type. This is a card type with different types of networking contacts.
+ Warning: Many reports show problems with using two 3c509 card on the same machine if one of the cards is a combo type. This is a card type with different types of network cable plugs.
Do not use combo type ISA bus cards!
More information about the debian-edu-commits
mailing list