Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
linux:skoleni:firewall [2016/05/12 15:37]
admin [High Availability HA Router] 		linux:skoleni:firewall [2016/05/13 15:47] (current)
admin [OpenVPN a Easy RSA]
Line 164: Line 164:
    ​--downscript=/​etc/​ucarp/​down.sh    ​--downscript=/​etc/​ucarp/​down.sh
 </​code>  ​ </​code>  ​
 +
 +====== OpenVPN a Easy RSA ======
 +   yum install openvpn easy-rsa
 +
 +Nasledujici se bude odehravat v adresari ​
 +''/​usr/​share/​easy-rsa/​2.0''​
 +
 +<​code>​
 +[root@router-bck 2.0]# . ./vars
 +NOTE: If you run ./​clean-all,​ I will be doing a rm -rf on /​usr/​share/​easy-rsa/​2.0/​keys
 +[root@router-bck 2.0]# ./clean-all
 +[root@router-bck 2.0]# ./build-ca
 +</​code>​
 +
 +
 +Priklad konfigurace klienta '/​etc/​openvpn/​client.conf''​
 +<code bash>
 +client
 +dev tun
 +proto udp
 +
 +remote 192.168.5.38 1194
 +
 +; stoji za komentar
 +;​resolv-retry infinite
 +
 +nobind
 +
 +persist-key
 +persist-tun
 +
 +ca ca.crt
 +cert ten-vas.crt
 +key taky-ten-vas.key
 +
 +verb 3
 +</​code>​
 +Konfigurace serveru ''/​etc/​openvpn/​server.conf''​
 +<​code>​
 +port 1194
 +proto udp
 +dev tun0
 +
 +ca ca.crt
 +cert dalibor.crt
 +key dalibor.key
 +
 +dh dh2048.pem
 +server 10.88.88.0 255.255.255.0
 +# okomentovat ifconfig-pool-persist ipp.txt
 +
 +route 10.0.1.0 255.255.255.0
 +# Then create a file ccd/​Thelonious with this line:
 +
 +# okomentovat
 +#push "route 192.168.182.0 255.255.255.0"​
 +#push "​redirect-gateway"​
 +#push "​dhcp-option DNS 192.168.183.1"​
 +#push "​dhcp-option WINS 10.8.0.1"​
 +#​client-config-dir ccd
 +
 +
 +#​okomentovat client-to-client
 +keepalive 10 120
 +#tls-auth ta.key 0   # secret file
 +
 +#cipher BF-CBC ​        # Blowfish
 +#cipher AES-128-CBC ​  # AES
 +#cipher DES-EDE3-CBC ​ # Triple-DES
 +
 +# pozor na mikrotiky! :-D
 +#​comp-lzo ​  # compresion
 +;​max-clients 100
 +status openvpn-status.log
 +</​code>​
 +
 +====== Samba Server ======
 +Priklad jednoducheho konfiguracniho souboru ''/​etc/​samba/​smb.conf''​
 +<​code>​
 +[global]
 +
 +        workgroup = MYGROUP
 +        server string = Samba Server Version %v
 +
 +;       ​netbios name = MYSERVER
 +
 +        log file = /​var/​log/​samba/​log.%m
 +        max log size = 50
 +
 +        security = user
 +        passdb backend = tdbsam
 +
 +        # the login script name depends on the machine name
 +;       logon script = %m.bat
 +        # the login script name depends on the unix user used
 +;       logon script = %u.bat
 +;       logon path = \\%L\Profiles\%u
 +        # disables profiles support by specifing an empty path
 +;       logon path =
 +
 +[homes]
 +        comment = Home Directories
 +        browseable = no
 +        writable = yes
 +
 +[pub]
 +        path=/​srv/​samba-public
 +        writable = yes
 +        readonly = no
 +        browsable = yes
 +
 +</​code>​
 +
 +Pridejte uzivatele uziv
 +<​code>​
 +  adduser uziv
 +  pdbedit -a uziv
 +</​code>​
 +
 +Priklad vytvoreni slozky Kos (Trash)
 +<​code>​
 +  vfs object = recycle:​recycle
 +  recycle:​subdir_mode = 0777
 +  recycle:​repository = .recycle
 +  recycle:​keeptree = Yes
 +  recycle:​touch = Yes
 +  recycle:​versions = No
 +  recycle:​maxsize = 100000000 ; 100 metric million bytes
 +</​code>​
 +
 
linux/skoleni/firewall.1463060240.txt.gz · Last modified: 2016/05/12 15:37 by admin