[clug] LAN

Logan McLintock u4955237 at anu.edu.au
Tue Sep 24 13:02:28 CEST 2013 

Thanks for the quick reply
You are right, you can do static routing on my netgear - i did know this, so stupid. Not sure if I can static 9 routes though - but I will investigate
Also, good point, the LAN should be secured by the router firewall =)
I will investigate -)
Thank you

________________________________
From: miloska [miloska at gmail.com]
Sent: Tuesday, September 24, 2013 8:16 PM
To: Logan McLintock
Subject: Re: [clug] LAN

Please note that you sent this email only to me, not to the list.

My recommendation would be to set up the DHCP server to give static IPs for known mac addresses - this is what I have at home myself with my beloved raspberry pi. Most likely your rotuer has this option - it's a bit of a work to find all MAC addresses, but it also should be there somewhere in your router's configuration interface.

Also there is no direct connection between the static/dynamic IPs and the packetfilter configurations - I'd recommend do one thing at a time. As it's an internal network I wouldn't worry too much about the filtering anyway (as long as the main firewall is maintained correctly).

Cheers,
Miklos




On Tue, Sep 24, 2013 at 8:09 PM, Logan McLintock <u4955237 at anu.edu.au<mailto:u4955237 at anu.edu.au>> wrote:
Sorry for the delay,

ANU moved my email to Outlook Office 365 (micro$oft lol), so I was wondering where my email was getting to . . .
I will have to fix my email settings lol

My problem is, my current network is DHCP and I need static ip addresses to use MPI and other parallel computing. But when I change a computer to a static ip, after a while the internet doesn't work properly?

For linux:

sudo iptables -I INPUT 1 -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.0.0/16<http://192.168.0.0/16> -J ACCEPT *** I think this should work?
sudo iptables -A INPUT -j DROP

For BSD:

block in all
pass out all keep state

*** Not sure how to let in SSH using pf

pass in proto tcp to any port 22 keep state ??


That's basically it lol. I was kind of just wondering what you guys would do if you were me? My Mac has 3 by 1 TB WD Black HHD and a 120GB SSD, so should I use that storage to file share as I don't have a NAS?

What should I do to make the network gangster? Thanks -)

Regards,
Logan

________________________________
From: miloska [miloska at gmail.com<mailto:miloska at gmail.com>]
Sent: Sunday, September 22, 2013 5:32 PM
To: Logan McLintock
Cc: linux at lists.samba.org<mailto:linux at lists.samba.org>
Subject: Re: [clug] LAN

Hi Logan,

what is the problem with the current setup and/or what do you want to improve?

The current setup looks good for me for a small general purpose network.

Cheers,


On Sun, Sep 22, 2013 at 5:24 PM, Logan Ryan McLintock <u4955237 at anu.edu.au<mailto:u4955237 at anu.edu.au>> wrote:
Oh I forgot to mention (this may or may not be important) but one of the computers (Mac Pro) has a lot more power and memory than the other computers, and it is the only one with double ether.


On 22/09/2013, at 5:19 PM, Logan Ryan McLintock <u4955237 at anu.edu.au<mailto:u4955237 at anu.edu.au>> wrote:

> Hi All,
>
> I was wondering if some could give me some suggestions on my home network.
>
> I have a;
>
> * N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700v2
>
> * and 9 computers (4 are R Pis lol), all running a Debian or Ubuntu based distro, except for two running Mountain Lion (I would like to get rid of Mountain Lion for GNU/Linux, but I am not sure if the drivers, fans, temperature, efi etc will be ok).
>
> I am thinking that static ip addresses for the computers would be best as my aim is to;
>
> * Use ssh to perform parallel mathematical simulations (like mpi)
>
> However, I want the ssh to only work inside the LAN with a safe key as security is important (no WAN access).
>
> My network looks like:
>
> Router ---> 8 port switch -------> computer 1
>                          |-------> computer 2
>                        |-------> computer 3
>                          |-------> computer 4
>                          |-------> computer 5
>                          |-------> 5 Port Switch ---------> R Pi 1
>                                                 |---------> R Pi 2
>                                                 |---------> R Pi 3
>                                                 |---------> R Pi 4
>
> Any suggestions would be greatly appreciated as I am really not sure the best way to do this.
>
> I have some knowledge of GNU/Linux iptables and freeBSD pf firewall rulesets.
> I was thinking of making my own router using a computer with two ether connections, and putting it in-between my NETGEAR router and my LAN, but this seems complex for a noob like me.
>
> Cheers fellow genii -) cyclops
> Logan

--
linux mailing list
linux at lists.samba.org<mailto:linux at lists.samba.org>
https://lists.samba.org/mailman/listinfo/linux

More information about the linux mailing list