Namings changes

linux/configs/l-NETWORK/dhcpd.conf

@@ -0,0 +1,31 @@
+# /etc/dhcp/dhcpd.conf file
+# L-RTR-A
+default-lease-time 600;
+max-lease-time 7200;
+
+ddns-update-style interim;
+update-static-leases on;
+zone skill39.wsr. {  
+	primary 172.16.20.10;
+}
+zone 16.172.in-addr.arpa. {  
+	primary 172.16.20.10;
+}
+authoritative;
+
+option domain-name "skill39.wsr";
+option domain-name-servers 172.16.20.10, 192.168.20.10;
+
+subnet 172.16.50.0 netmask 255.255.255.252 {}
+subnet 172.16.100.0 netmask 255.255.255.0 { 
+	range 172.16.100.65 172.16.100.75; 
+	option routers 172.16.100.1;
+}
+subnet 172.16.200.0 netmask 255.255.255.0 { 
+	range 172.16.200.65 172.16.200.75; 
+	option routers 172.16.200.1;
+}
+host lclib { 
+	hardware ethernet 00:0C:29:1D:2C:06;  
+	fixed-address 172.16.200.61;
+}

linux/configs/l-NETWORK/l-fw.sh

@@ -0,0 +1,71 @@
+HS="/etc/hostname"
+rm $HS; touch $HS
+echo "L-FW" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "10.10.10.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+iptables -F
+iptables -t nat -F
+apt-cdrom add
+
+apt install frr iptables-persistent tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+echo "AllowUsers ssh_p root ssh_c" >> $SSHC
+iptables -t nat -A POSTROUTING -o ens256 -j MASQUERADE
+iptables -t nat -A PREROUTING -i ens256 -p udp --dport 53 -j DNAT --to-destination 172.16.20.10
+
+nmcli con del id ens192
+nmcli con del id ens224
+nmcli con del id ens256
+nmcli con del id ens160
+nmcli con del id gre1
+
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 "172.16.50.1/30"
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 "172.16.55.1/30"
+nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens256 ifname ens256 autoconnect yes type ethernet ip4 "172.16.20.1/24"
+nmcli con mod ens256 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens160 ifname ens160 autoconnect yes type ethernet ip4 "10.10.10.1/24" gw4 10.10.10.10
+nmcli con mod ens160 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add type ip-tunnel ip-tunnel.mode gre con-name gre1 ifname gre1 autoconnect yes remote 20.20.20.100 local 10.10.10.1
+nmcli con mod gre1 ipv4.method manual ip-tunnel.ttl 64 +ipv4.addresses "10.5.5.1/30" 
+
+nmcli con up ens192 ifname ens192
+nmcli con up ens224 ifname ens224
+nmcli con up ens256 ifname ens256
+nmcli con up ens160 ifname ens160
+nmcli con up gre1 ifname gre1
+
+systemctl stop frr; systemctl disable frr;
+sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
+sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
+systemctl start frr; systemctl enable frr;
+
+vtysh
+conf t
+	ip forw
+	router ospf    
+		network 172.16.20.0/24 area 0    
+		network 172.16.50.0/30 area 0    
+		network 172.16.55.0/30 area 0    
+		network 10.5.5.0/30 area 0    
+		network 5.5.5.0/27 area 0    
+		passive-interface ens160
+		passive-interface ens256
+		exit
+	exit
+write
+exit
+useradd ssh_p -p p_hss
+useradd ssh_c -p c_hss
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+

linux/configs/l-NETWORK/l-rtr-a.sh

@@ -0,0 +1,53 @@
+HS="/etc/hostname"
+rm $HS; touch $HS
+echo "L-RTR-A" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "10.10.10.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+iptables -F 
+apt-cdrom add
+
+apt install frr tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 172.16.50.2/30 gw4 172.16.50.1
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con up ens192 ifname ens192
+nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 172.16.100.1/24 
+nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con up ens224 ifname ens224
+
+systemctl stop frr; systemctl disable frr;
+sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
+sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
+systemctl start frr; systemctl enable frr;
+
+vtysh
+conf t
+	router ospf
+		network 172.16.50.0/30 area 0
+		network 172.16.100.0/24 area 0
+		passive-interface esn224
+		exit
+	exit
+write
+exit
+
+apt install isc-dhcp-server -y
+
+sed -ie "s/INTERFACESv4=\"\"/INTERFACESv4=\"ens192 ens224\"/" /etc/default/isc-dhcp-server
+DHC="/etc/dhcp/dhcpd.conf"
+rm $DHC; touch $DHC
+echo -e "# /etc/dhcp/dhcpd.conf file\n# L-RTR-A\ndefault-lease-time 600;\nmax-lease-time 7200;\n\nddns-update-style interim;\nupdate-static-leases on;\nzone skill39.wsr. { primary 172.16.20.10; }\nzone 16.172.in-addr.arpa. { primary 172.16.20.10; }\nauthoritative;\n\noption domain-name \"skill39.wsr\";\noption domain-name-servers 172.16.20.10, 192.168.20.10;\n\nsubnet 172.16.50.0 netmask 255.255.255.252 {}\nsubnet 172.16.100.0 netmask 255.255.255.0 {\n\trange 172.16.100.65 172.16.100.75;\n\toption routers 172.16.100.1;\n}\nsubnet 172.16.200.0 netmask 255.255.255.0 {\n\trange 172.16.200.65 172.16.200.75;\n\toption routers 172.16.200.1;\n}\nhost lclib {\n\thardware ethernet 00:0C:29:1D:2C:06;\n\tfixed-address 172.16.200.61;\n}\n" >> $DHC
+systemctl start isc-dhcp-server && systemctl enable isc-dhcp-server
+
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+

linux/configs/l-NETWORK/l-rtr-b.sh

@@ -0,0 +1,51 @@
+HS="/etc/hostname"
+rm $HS; touch $HS
+echo "L-RTR-B" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "10.10.10.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+iptables -F 
+apt-cdrom add
+
+apt install frr tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+
+systemctl start NetworkManager
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 172.16.55.2/30 gw4 172.16.55.1
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con up ens192 ifname ens192
+nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 172.16.200.1/24 
+nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con up ens224 ifname ens224
+
+systemctl stop frr; systemctl disable frr;
+sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
+sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
+systemctl start frr; systemctl enable frr;
+
+vtysh
+conf t
+	router ospf    
+		network 172.16.55.0/30 area 0    
+		network 172.16.200.0/24 area 0
+		passive-interface ens224
+		exit
+	exit
+write
+exit
+
+apt install isc-dhcp-relay -y
+
+# 172.16.50.2
+# ens192 ens224
+
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+

linux/configs/l-NETWORK/l-srv.sh

@@ -0,0 +1,55 @@
+HS="/etc/hostname"
+rm $HS; touch $HS
+echo "L-SRV" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "10.10.10.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+iptables -F 
+apt-cdrom add
+
+apt-get install tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils dnsutils -y
+
+apt install git zsh curl -y
+sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+
+nmcli con del id ens192
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 "172.16.20.10/24" gw4 172.16.20.1
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con up ens192 ifname ens192
+
+NMCO="/etc/bind/named.conf.options"
+rm $NMCO; touch $NMCO; chown -R bind:bind $NMCO
+echo -e "// /etc/bind/named.conf.options file\noptions {\n\tdirectory \"/var/cache/bind\";\n\tforwarders { 10.10.10.10; };\n\tdnssec-validation no;\n\tlisten-on-v6 { none; };\n\trecursion yes;\n};"  >> $NMCO
+
+mkdir /opt/dns
+cp /etc/bind/db.local /opt/dns/skill39.db
+cp /etc/bind/db.127 /opt/dns/db.172
+cp /etc/bind/db.127 /opt/dns/db.192
+chown -R bind:bind /opt/dns
+sed -ie "s/^}$/\n\n  # skill39 zones\n  \/opt\/dns\/** rw,\n}/" /etc/apparmor.d/usr.sbin.named
+
+echo -e "
+zone \"skill39.wsr\" {\n\ttype master;\n\tallow-transfer { any; };\n\tallow-update { 172.16.50.2; };\n\tfile \"/opt/dns/skill39.db\";\n};
+zone \"16.172.in-addr.arpa\" { \n\ttype master; \n\tallow-transfer { any; };\n\tallow-update { 172.16.50.2; };\n\tfile \"/opt/dns/db.172\";};
+zone \"168.192.in-addr.arpa\" {\n\ttype master; \n\tallow-transfer { any; }; \n\tfile \"/opt/dns/db.192\";\n};" >> /etc/bind/named.conf.default-zones
+
+nano /opt/dns/skill39.db
+# ( -opt-dns )
+
+nano /opt/dns/db.172
+# ( -opt-dns )
+
+nano /opt/dns/db.192
+# ( -opt-dns )
+
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+