Die Firewall Linux in heterogenen Netzen Grundkonfiguration
Version vom 3. Oktober 2024, 13:01 Uhr von Thomas.will (Diskussion | Beiträge) (→Anpassen der Netzwerk Konfiguration)
Die Firewall
Setzen und anpassen des Hostnamen
- LAB=lab34
- hostnamectl set-hostname $LAB.linuggs.de
- hostnamectl
Static hostname: lab34.linuggs.de
Icon name: computer-vm
Chassis: vm 🖴
Machine ID: a736abd11f52406db0e02d7a3877059b
Boot ID: 089a7ce53e6a429797007e7e4acba90b
Virtualization: oracle
Operating System: Debian GNU/Linux 12 (bookworm)
Kernel: Linux 6.1.0-25-amd64
Architecture: x86-64
Hardware Vendor: innotek GmbH
Hardware Model: VirtualBox
Firmware Version: VirtualBox
- cat /etc/hosts
127.0.0.1 localhost 127.0.1.1 firewall.lab34.int firewall
Installation des vlan Paketes
- apt install vlan
Anpassen der Netzwerk Konfiguration
- cat /etc/network/interfaces
source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # WAN auto enp0s3 iface enp0s3 inet static address 172.30.34.14 gateway 172.30.34.254 iface enp0s3 inet6 static address 2a02:24d8:71:3040::3034/64 gateway 2a02:24d8:71:3040::1 #MGMT auto enp0s9 iface enp0s9 inet6 static address 2a02:24d8:71:3034::1/64 iface enp0s9 inet static address 172.26.52.1/24 #CLIENTS auto enp0s9.21 iface enp0s9.21 inet6 static address 2a02:24d8:71:3035::1/64 vlan-raw-device enp0s9 iface enp0s9.21 inet static address 172.26.53.1/24 vlan-raw-device enp0s9 #SERVER auto enp0s9.22 iface enp0s9.22 inet6 static address 2a02:24d8:71:3036::1/64 vlan-raw-device enp0s9 iface enp0s9.22 inet static address 172.26.54.1/24 vlan-raw-device enp0s9 #DMZ auto enp0s8 iface enp0s8 inet6 static address 2a02:24d8:71:3037::1/64 iface enp0s8 inet static address 172.26.55.0/24
Forwarding anschalten
- echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
- echo net.ipv6.conf.all.forwarding=1 >> /etc/sysctl.conf
Reboot
- reboot