NF/ Observatory Networking with Linux
The WNMU Node is NFO's connection to the Internet. The eth0 interface is an NE2000 card connected to Western New Mexico University's system. The eth1 interface is the Wavelan card that talks to both the Pinos Altos Node and to the David's Basement Node. Wavelan works very well over the one mile path to David's Basement. The WNMU Node is unique in that it must act as the proxy server for the computers not directly connected to WNMU's system. Check the arp settings in the following rc.local file:
#! /bin/sh echo "setting ttyS2 to irq 5" /bin/setserial /dev/ttyS2 irq 5 echo "sending commands to TNC" sleep 1 /bin/stty 9600 clocal < /dev/cua2 /bin/echo -ne "\300\001\025\300" > /dev/cua2 /bin/echo -ne "\300\002\377\300" > /dev/cua2 /bin/echo -ne "\300\003\004\300" > /dev/cua2 /bin/echo -ne "\300\004\004\300" %gt; /dev/cua2 /bin/echo "Commands to TNC done..." #echo "setting /dev/ttyS3 to irq 11" #/bin/setserial /dev/ttyS3 irq 11 /sbin/ifconfig eth0 188.8.131.52 /sbin/ifconfig eth1 184.108.40.206 echo "Starting WWW Server" /etc/httpd echo "Attaching AX25 link to Radio Port" /sbin/axattach -s 9600 /dev/ttyS2 KC5ZG-1 sleep 1 /sbin/ifconfig sl0 220.127.116.11 /sbin/ifconfig sl0 mtu 512 /sbin/route -n add 18.104.22.168 eth1 /sbin/route -n add 22.214.171.124\ gw 126.96.36.199 eth1 /sbin/route -n add 188.8.131.52\ gw 184.108.40.206 eth1 /sbin/route -n add 220.127.116.11\ gw 18.104.22.168 eth1 /sbin/route -n add 22.214.171.124\ gw 126.96.36.199 eth1 /sbin/route -n add 188.8.131.52 eth0 /sbin/route -n add default gw 184.108.40.206 eth0 /sbin/route -n add 220.127.116.11 eth0 /sbin/route -n add 18.104.22.168 sl0 /sbin/route -n add 22.214.171.124 sl0 /sbin/route -n add 126.96.36.199 gw 188.8.131.52\ sl0 /sbin/route -n add 184.108.40.206 gw 220.127.116.11\ sl0 /sbin/route -n add 18.104.22.168 gw 22.214.171.124\ sl0 /sbin/route -n add 126.96.36.199 eth1 /sbin/route -n add 188.8.131.52 gw 184.108.40.206\ sl0 /sbin/route -n add 220.127.116.11\ gw 18.104.22.168 eth1 /sbin/route -n add 22.214.171.124 eth1 /sbin/route -n add 126.96.36.199 gw 188.8.131.52\ sl0 /sbin/route -n add 184.108.40.206 gw 220.127.116.11\ sl0 /sbin/route -n add 18.104.22.168 gw 22.214.171.124 sl0 echo "Clearing stale file locks" rm /etc/mtab~ rm /nos/spool/mail/*.lck rm /nos/spool/mqueue/*.lck rm /nos/spool/*.lck echo "Publishing wnmu arp entries" /sbin/arp -s 126.96.36.199 00:c0:df:46:b1:b6 pub /sbin/arp -s 188.8.131.52 00:c0:df:46:b1:b6 pub /sbin/arp -s 184.108.40.206 00:c0:df:46:b1:b6 pub
The ham radio equipment for this node is similar to that used at the NF/ Ranch Node with the exception the the transceiver which is a TEKK data radio. In its spare time www.wnmu.edu also acts as the web server for the University and NFO.
This node is located in the basement of a Victorian mansion in downtown Silver City. It is the mail server for the observatory and connects the Wavlan part of the network to a coaxial cable Ethernet that is the LAN for the computers we use for teaching an advanced astronomy class. These computers are located near the astro mansion. The data reduction computer is also on the Ethernet LAN and is in a house around the corner from the astro mansion. rc.local looks like this:
#! /bin/sh /sbin/ifconfig eth1 220.127.116.11 echo "Adding routes" #/sbin/route -n add 18.104.22.168 sl0 #/sbin/route -n add 22.214.171.124 gw 126.96.36.199 sl0 /sbin/route -n add 188.8.131.52 eth1 /sbin/route -n add default gw 184.108.40.206 eth1 /sbin/route -n add 220.127.116.11 eth0 /sbin/route -n add 18.104.22.168 eth0 /sbin/route -n add 22.214.171.124 eth0 /sbin/arp -s 126.96.36.199 00:40:95:26:76:fb /sbin/arp -s 188.8.131.52 00:40:95:26:77:ab echo "Publishing wnmu arp entries" /sbin/arp -s 184.108.40.206 00:40:95:14:ea:41 pub /sbin/arp -s 220.127.116.11 00:40:95:14:ea:41 pub /sbin/arp -s 18.104.22.168 00:40:95:14:ea:41 pub /sbin/arp -s 22.214.171.124 00:40:95:14:ea:41 pub /sbin/arp -s 126.96.36.199 00:40:95:14:ea:41 pub /sbin/arp -s 188.8.131.52 00:40:95:14:ea:41 pub /sbin/arp -s 184.108.40.206 00:40:95:14:ea:41 pub /sbin/arp -s 220.127.116.11 00:40:95:14:ea:41 pub /sbin/arp -s 18.104.22.168 00:40:95:14:ea:41 pub /sbin/arp -s 22.214.171.124 00:40:95:14:ea:41 pub /sbin/arp -s 126.96.36.199 00:40:95:14:ea:41 pub /sbin/route add 188.8.131.52 gw 184.108.40.206\ eth1 /sbin/route add 220.127.116.11 gw 18.104.22.168\ eth1
I Hope I've provided enough detail in this article to help others set up their own wide area network. Some of the ham radio information will be useful only to licensed amateur radio operators, but the Spread Spectrum devices are available to everyone.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- New Container Image Standard Promises More Portable Apps
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- Canonical and BQ's Aquaris M10 Ubuntu Edition Tablet
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide