Network Services Configurations

Covers DHCP, DNS, NTP and other core network services.

NAT/Firewall Configuration

Internet Connection Failover

This example has two internet connections, eth0 and eth1, which fail over from one to the other.

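# Masquerade (source NAT) traffic leaving through either uplink
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# One default route per uplink
route add default gw 1.1.1.1 dev eth0
route add default gw 2.2.2.2 dev eth1
# Enable IPv4 forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# Set the route garbage-collection timeout to 30 seconds
echo 30 > /proc/sys/net/ipv4/route/gc_timeout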

Multiple Gateways/ISPs (Multi-Home)

This example shows how to configure multiple routes for dual gateways, such as when you have two ISPs and need to respond on both, so that traffic inbound on IP0 will be answered properly.

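# Uplink 0: interface, routing table name, network, local address, gateway.
# The table names in TAB0 and TAB1 must already be defined in
# /etc/iproute2/rt_tables (for example "1 Comcast" and "2 CLink").
DEV0="eth0"
TAB0="Comcast"
NET0="75.1.1.0/24"
IP0="75.1.1.37"
GW0="75.1.1.38"

# Uplink 1
DEV1="eth1"
TAB1="CLink"
NET1="66.2.2.184/29"
IP1="66.2.2.186"
GW1="66.2.2.185"

# Per-uplink tables: connected network plus a default route via that uplink's gateway
ip route add $NET0 dev $DEV0 src $IP0 table $TAB0
ip route add default via $GW0 table $TAB0

ip route add $NET1 dev $DEV1 src $IP1 table $TAB1
ip route add default via $GW1 table $TAB1

# Connected networks in the main table
ip route add $NET0 dev $DEV0 src $IP0
ip route add $NET1 dev $DEV1 src $IP1

# Select the routing table by source address
ip rule add from $IP0 table $TAB0
ip rule add from $IP1 table $TAB1

# Default route in the main table for everything else
ip route add default via $GW0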
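
A check for the state the commands above should produce, as an added example that is not part of the original page: the function names and sample listings are constructed, and on a live host the output of `ip rule show` and `ip route show table <name>` would be passed in instead. It flags an uplink whose source rule or per-table default route is missing, the case in which replies would leave through the other ISP.

```shell
#!/bin/sh
# Added example, not from the original page. Function names and the
# sample listings below are constructed for illustration.

# has_rule RULES IP TABLE: true if a "from IP ... lookup TABLE" rule exists.
has_rule() {
    printf '%s\n' "$1" | awk -v ip="$2" -v tab="$3" '
        { src = 0
          for (i = 1; i < NF; i++) {
              if ($i == "from" && $(i + 1) == ip) src = 1
              if (src && $i == "lookup" && $(i + 1) == tab) found = 1
          } }
        END { exit !found }'
}

# has_default ROUTES GW DEV: true if the table has "default via GW dev DEV".
has_default() {
    printf '%s\n' "$1" | awk -v gw="$2" -v dev="$3" '
        $1 == "default" {
            g = d = ""
            for (i = 2; i < NF; i++) {
                if ($i == "via") g = $(i + 1)
                if ($i == "dev") d = $(i + 1)
            }
            if (g == gw && d == dev) found = 1
        }
        END { exit !found }'
}

# check_uplink RULES ROUTES IP TABLE GW DEV: report the state of one uplink.
check_uplink() {
    has_rule "$1" "$3" "$4" || { echo "FAIL: no rule from $3 lookup $4"; return 1; }
    has_default "$2" "$5" "$6" || { echo "FAIL: table $4 lacks default via $5 dev $6"; return 1; }
    echo "OK: replies from $3 leave via $5 on $6"
}

# Constructed listings shaped like the output of the two ip commands.
SAMPLE_RULES='0: from all lookup local
32764: from 66.2.2.186 lookup CLink
32765: from 75.1.1.37 lookup Comcast
32766: from all lookup main'
SAMPLE_T0='75.1.1.0/24 dev eth0 scope link src 75.1.1.37
default via 75.1.1.38 dev eth0'
SAMPLE_T1='66.2.2.184/29 dev eth1 scope link src 66.2.2.186
default via 66.2.2.185 dev eth1'

check_uplink "$SAMPLE_RULES" "$SAMPLE_T0" 75.1.1.37 Comcast 75.1.1.38 eth0
check_uplink "$SAMPLE_RULES" "$SAMPLE_T1" 66.2.2.186 CLink 66.2.2.185 eth1
```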

File Server Configurations

Using Samba...

Rate Limit Connections

No more than three new connection attempts per second.

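# Record the source address of each new SSH connection arriving on eth0
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
# Drop new connections from a source already seen 4 or more times in the last 60 seconds
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP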
