Die Firewall

Setzen und anpassen des Hostnamen

• LAB=lab34
• hostnamectl set-hostname $LAB.linuggs.de
• hostnamectl

 Static hostname: lab34.linuggs.de
       Icon name: computer-vm
         Chassis: vm 🖴
      Machine ID: a736abd11f52406db0e02d7a3877059b
         Boot ID: 089a7ce53e6a429797007e7e4acba90b
  Virtualization: oracle
Operating System: Debian GNU/Linux 12 (bookworm)  
          Kernel: Linux 6.1.0-25-amd64
    Architecture: x86-64
 Hardware Vendor: innotek GmbH
  Hardware Model: VirtualBox
Firmware Version: VirtualBox

• cat /etc/hosts

127.0.0.1	localhost
127.0.1.1	firewall.lab34.int	firewall

Installation des vlan Paketes

• apt install vlan

Anpassen der Netzwerk Konfiguration

• cat /etc/network/interfaces

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# WAN
auto enp0s3
iface enp0s3 inet static
 address 172.30.34.14
 gateway 172.30.34.254

iface enp0s3 inet6 static
 address 2a02:24d8:71:3040::3034/64
 gateway 2a02:24d8:71:3040::1


#MGMT
auto enp0s9
iface enp0s9 inet6 static
 address 2a02:24d8:71:3034::1/64

iface enp0s9 inet static
 address 172.26.52.1/24

#CLIENTS
auto enp0s9.21
iface enp0s9.21 inet6 static
 address 2a02:24d8:71:3035::1/64
 vlan-raw-device enp0s9

iface enp0s9.21 inet static
 address 172.26.53.1/24 
 vlan-raw-device enp0s9

#SERVER
auto enp0s9.22
iface enp0s9.22 inet6 static
 address 2a02:24d8:71:3036::1/64
 vlan-raw-device enp0s9

iface enp0s9.22 inet static
 address 172.26.54.1/24
 vlan-raw-device enp0s9

#DMZ
auto enp0s8
iface enp0s8 inet6 static
 address 2a02:24d8:71:3037::1/64

iface enp0s8 inet static
 address 172.26.55.0/24

Forwarding anschalten

• echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
• echo net.ipv6.conf.all.forwarding=1 >> /etc/sysctl.conf

Reboot

• reboot