Wednesday, March 17, 2010

Find a MAC Address of a Computer by IP

To find the MAC address of a computer on your local network you can type the following in a command prompt:

ping 10.1.1.5

Ping the computer that you want to get the address for

arp -a

This command will display all of the ARP table entries on your computer.  Look for the address that matches the IP you pinged.

Thursday, March 11, 2010

Make your computer a router

Overview:

This guide will step you through the process of turning your Linux machine into a router.  These instructions are designed to work with Debian and should work on Ubuntu Server and Desktop.  No GUI is required; only the base system needs to be installed.  As always, the latest repositories should be used when possible.  The instructions use vi, but you may substitute vim, nano, or even gedit for vi if you’d like.

Requirements:

Debian or Ubuntu 9.10 (earlier versions may also work)
Two network adapters

Part 1: Setting up the DHCP Server

First, you need to pick the IP addresses to use on your internal network.  Most people will choose either 192.168.1.x or 10.1.1.x; both will work.  For this I will be using 10.1.1.0/24. 

Edit the interfaces file to set the IP addresses of the adapters.  You can do this by typing:

sudo vi /etc/network/interfaces

Add the static IP settings for the internal network adapter.  In this example eth0 is the external adapter (it will receive its internet connection via DHCP from your ISP or elsewhere) and eth1 is the adapter connected to the internal network.  Some configurations may require additional settings; what’s most important here is that eth1 is static and that its address and netmask are defined.

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp

# The secondary/internal network interface
auto eth1
iface eth1 inet static
address 10.1.1.1
netmask 255.255.255.0

The next step is to install the dhcp daemon and configure it:

sudo apt-get install dhcp3-server

Once the server is installed it will try to start which usually fails.  This is normal.  The dhcp server needs to be configured so it will run properly.  So edit it by typing the following:

sudo vi /etc/dhcp3/dhcpd.conf

The file will already contain a basic config, but a few lines need to be changed.  Change the lines starting with “option domain-name” to match the configuration of your network.  In this example the domain name is router.local, and the DNS server is the server being set up (see part 2 for DNS config).

option domain-name "router.local";
option domain-name-servers 10.1.1.1;

Define the subnet and range of IP addresses the server will issue:

subnet 10.1.1.0 netmask 255.255.255.0 {
  range 10.1.1.100 10.1.1.200;
  option broadcast-address 10.1.1.255;
  option routers 10.1.1.1;
}

Additionally, if you want certain clients to always receive the same IP (static DHCP) you can add this to the config file.  Simply give it a host name, specify the client’s MAC address, and give it the IP.  The hostname does not have to match the computer’s hostname but it helps to keep them consistent.  To avoid problems you should specify an address outside of the range mentioned above.

host laptop     {
  hardware ethernet 00:0c:0f:82:e2:00;
  fixed-address 10.1.1.5;
  server-name "laptop";
}
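
The advice above, to keep static addresses outside the dynamic range, can be checked mechanically. The script below is an added example, not part of the original post: it reads dhcpd.conf text and lists every fixed-address that falls inside a range statement. The sample config is constructed from the page's values; the "printer" host, its MAC address, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find static leases that collide with the dynamic DHCP range.

# Constructed sample in the page's dhcpd.conf syntax. "laptop" is the page's
# host entry; "printer" is a hypothetical entry placed inside the range.
sample_conf() {
    cat <<'EOF'
subnet 10.1.1.0 netmask 255.255.255.0 {
  range 10.1.1.100 10.1.1.200;
  option broadcast-address 10.1.1.255;
  option routers 10.1.1.1;
}
host laptop     {
  hardware ethernet 00:0c:0f:82:e2:00;
  fixed-address 10.1.1.5;
}
host printer {
  hardware ethernet 00:0c:0f:82:e2:01;   # constructed MAC
  fixed-address 10.1.1.150;
}
EOF
}

# Read dhcpd.conf on stdin; print "host address" for each fixed-address that
# falls inside any range statement. No output means no collisions.
check_fixed_addresses() {
    awk '
        # Dotted quad -> integer so addresses compare numerically.
        function ip2n(ip,   p) {
            split(ip, p, ".")
            return p[1] * 16777216 + p[2] * 65536 + p[3] * 256 + p[4]
        }
        { sub(/#.*/, ""); gsub(/[;{}]/, " ") }   # strip comments and punctuation
        $1 == "range" {                           # "range low [high];"
            lo[++n] = ip2n($2)
            hi[n] = ($3 == "" ? lo[n] : ip2n($3))
        }
        $1 == "host" { host = $2 }
        $1 == "fixed-address" { name[++m] = host; addr[m] = $2 }
        END {
            for (i = 1; i <= m; i++)
                for (j = 1; j <= n; j++)
                    if (ip2n(addr[i]) >= lo[j] && ip2n(addr[i]) <= hi[j])
                        print name[i], addr[i]
        }'
}

sample_conf | check_fixed_addresses
```

On the server, run it against the real file with check_fixed_addresses < /etc/dhcp3/dhcpd.conf.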

To test your configuration, reboot the server and your clients.  The client machines should obtain IP addresses based on your configuration.  If it does not work, check the syslog (/var/log/syslog) for help.

Part 2: Setting up the DNS server

To install the package type:

sudo apt-get install bind9

Once the daemon is installed a few files need to be created/edited.  First, edit /etc/bind/named.conf.local:

sudo vi /etc/bind/named.conf.local

A zone needs to be added for our new network, so add the lines below.  The zone name must match the domain-name that was specified in /etc/dhcp3/dhcpd.conf.  The file mentioned will need to be created.  It doesn’t really matter where it is located so long as the service has access to it.

zone "router.local" {
   type master;
   file "/etc/bind/zones/router.local.db";
};

With the new zone created, the zone configuration file must also be created.  Edit the zone file referenced in named.conf.local and add the appropriate lines below.  Watching the syntax carefully will save you plenty of time. 

$TTL 24H ; default time-to-live for records (1W, 1D, 1H, ...)
router.local. IN SOA ns.router.local. root.router.local. (
   20103010 ; serial number; secondary servers check this value for updates
   28800    ; refresh
   3600     ; retry
   604800   ; expire
   38400    ; negative-caching TTL
)

; Nameservers
; An NS record must point to a host name, and that name needs an A record.
@                      IN        NS        ns.router.local.
ns                     IN        A         10.1.1.1
www                    IN        CNAME     ns

; Hosts
; static host names can also be defined here.
; Names without a trailing dot are relative to the zone (laptop.router.local.).
laptop                 IN        A         10.1.1.5

Now the configuration is complete, restart the DNS server and test to make sure it is working properly.  Again, if it does not work check /var/log/syslog for clues.

Restart DNS:

sudo /etc/init.d/bind9 restart

Test client:

nslookup www.google.com

If everything worked you should see a response like this:

Server:        10.1.1.1
Address:      10.1.1.1#53

Non-authoritative answer:
www.google.com  canonical name = www.l.google.com.
Name:   www.l.google.com
Address: 74.125.19.103
Name:   www.l.google.com
Address: 74.125.19.105

If you only want your DNS server to be used by the internal network, you can restrict who can query it by adding the following lines to the file /etc/bind/named.conf.options within the curly brackets for options.

options {
    #(other lines here)
        version none;
        allow-query { 10.1.1.0/24; };
        allow-transfer { none; };
};

There is a great resource for advanced configuration and troubleshooting here:
http://wiki.kartbuilding.net/index.php/DNS_-_Bind9

Part 3: IP Masquerading

Make sure iptables is installed:

sudo apt-get install iptables

Most Linux kernels above 2.4 support ip forwarding so module installation is not needed.  The IP forwarding does need to be enabled though. Edit the file /etc/sysctl.conf and look for the line below and uncomment it.

net.ipv4.ip_forward=1

Now the system is ready for rules.  Each rule can be added by typing iptables with the proper switches.  In this example, to complete the router setup, type the following:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

For help creating more IP table entries see the man pages or see any of the links below:

http://www.howtoforge.com/linux_iptables_sarge
http://wiki.kartbuilding.net/index.php/Iptables_Firewall
http://www.aboutdebian.com/firewall.htm

The iptables rules need to be saved in order to be persistent.  Save them by running the command:

sudo sh -c "iptables-save > /etc/iptables.rules"

Now that the rules have been saved to a file, it can be set up to load automatically.  To do this add the following line to your /etc/network/interfaces file:

up iptables-restore < /etc/iptables.rules

Once all this has been completed, restart the computer and test your connection.  If it doesn’t work right away, don’t worry; check the logs in /var/log and debug on the client using ping, nslookup, and tracert.
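
The steps in Part 3 install only the NAT rule, which leaves the filter table at its default ACCEPT policies, so the router forwards and accepts traffic in every direction. The script below is an added example, not part of the original post: it audits iptables-save output for the MASQUERADE rule on eth0, default-deny INPUT and FORWARD policies, and a stateful return rule. Both embedded rulesets are constructed samples using the page's eth0, eth1 and 10.1.1.0/24; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit iptables-save output for the router built above.
# Interface names follow the page (eth0 = external, eth1 = internal).

# Constructed sample: what the saved file holds after only the MASQUERADE rule.
rules_as_built() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Constructed sample: same NAT rule plus a default-deny filter table.
rules_hardened() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -s 10.1.1.0/24 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Read iptables-save output on stdin; print one finding per line (none = pass).
audit_rules() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "filter" && /^:(INPUT|FORWARD) / { policy[substr($1, 2)] = $2 }
        table == "nat" && /^-A POSTROUTING .*-o eth0 .*-j MASQUERADE/ { masq = 1 }
        table == "filter" && /^-A FORWARD .*-i eth0 .*(RELATED|ESTABLISHED).*-j ACCEPT/ { ret = 1 }
        END {
            if (!masq) print "no MASQUERADE rule on eth0"
            if (policy["FORWARD"] != "DROP") print "FORWARD policy is not DROP"
            if (policy["INPUT"] != "DROP") print "INPUT policy is not DROP"
            if (!ret) print "no stateful return rule for eth0 -> eth1"
        }'
}

rules_as_built | audit_rules
```

On the router, run it against the saved file with audit_rules < /etc/iptables.rules.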