Pactrip
It is the Circolab firewall.
It routes everything that reaches it from the Cialtrouter to internal machines, depending on the case (see ConfigurazioneRete).
Debian 4.0 is installed on it.
The entire firewall configuration is in a single file loaded at boot: /etc/init.d/secircolab
/etc/crontab is configured to reload the firewall rules every 2 minutes:
*/2 * * * * root /etc/init.d/secircolab_old
So this is the REAL firewall file.
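The script that cron re-runs (secircolab_old) is not the one named as loaded at boot (secircolab), so it is worth checking which file is actually in force before editing rules. The check below is an added example, not part of the original wiki page: it pulls /etc/init.d commands out of system-crontab text and reports when the reloaded script is not the expected one. The sample crontab is constructed, and the function names are hypothetical.

```sh
#!/bin/sh
# Constructed sample in system-crontab format (m h dom mon dow user command).
SAMPLE_CRONTAB='# /etc/crontab (constructed sample)
SHELL=/bin/sh
17 * * * * root cd / && run-parts --report /etc/cron.hourly
*/2 * * * * root /etc/init.d/secircolab_old
'

# Print the command path of every crontab entry that runs a script
# directly from /etc/init.d/ (field 7 in the system-crontab layout).
cron_initd_scripts() {
    printf '%s\n' "$1" | awk '
        NF == 0 || $1 ~ /^#/ { next }   # blank lines and comments
        $1 ~ /=/             { next }   # environment lines such as SHELL=/bin/sh
        NF >= 7 && $7 ~ /^\/etc\/init\.d\// { print $7 }'
}

# Compare the script believed to hold the rules with what cron reloads.
# Returns 0 on match, 1 on mismatch, 2 if cron reloads no init.d script.
check_firewall_reload() {
    expected=$1
    crontab_text=$2
    reloaded=$(cron_initd_scripts "$crontab_text")
    [ -n "$reloaded" ] || return 2
    for s in $reloaded; do
        if [ "$s" != "$expected" ]; then
            echo "MISMATCH: cron reloads $s, expected $expected"
            return 1
        fi
    done
    return 0
}

# Demo on the constructed sample; on a real host pass "$(cat /etc/crontab)".
check_firewall_reload /etc/init.d/secircolab "$SAMPLE_CRONTAB" || echo "status: $?"
```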
The traffic-control rules are instead in /etc/init.d/traffic_control (see ConfigurazioneRete).
It acts as DHCP server on the 10.0.1.0/24 subnet with:
- Static assignment from 101 to 108
- Dynamic assignment from 120 to 200
ntop also runs on Pactrip for traffic analysis and is reachable from outside on port 3000.
To reach Pactrip via ssh, use port 2223.
Hardware
description: Computer
serial: ========
width: 32 bits
*-core
description: Motherboard
product: R440FX UP
vendor: Intel
physical id: 0
version: 660942-101
serial: B01663783
*-firmware
description: BIOS
vendor: Intel Corporation
physical id: 0
version: 1.00.03.DM0 (01/09/97)
size: 64KB
capacity: 64KB
capabilities: isa pci pnp upgrade shadowing escd cdboot bootselect edd int13floppynec int13floppytoshiba int13floppy360 int13floppy1200 int13floppy720 int13floppy2880 int5printscreen int9keyboard int14serial int17printer int10video
*-cpu
description: CPU
product: Pentium Pro
vendor: Intel Corp.
physical id: 4
bus info: cpu@0
version: 6.1.9
slot: UB31
size: 512MHz
capacity: 512MHz
width: 32 bits
clock: 102MHz
capabilities: fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov up
*-cache:0
description: L1 cache
physical id: 0
size: 16KB
*-cache:1
description: L2 cache
physical id: 1
size: 256KB
*-memory
description: System memory
product: FPM EDO PARITY ECC DIMM Memory Controller
physical id: 5
size: 96MB
capacity: 1GB
*-bank:0
description: EDO DIMM
physical id: 0
slot: DIMM-0
size: 32MB
capacity: 32MB
clock: 16MHz (60.0ns)
*-bank:1
description: EDO DIMM [empty]
physical id: 1
slot: DIMM-3
*-bank:2
description: EDO DIMM [empty]
physical id: 2
slot: DIMM-2
*-cache
description: L2 cache
physical id: a
slot: PCI-1
size: 256KB
capacity: 256KB
capabilities: internal write-back
*-pci
description: Host bridge
product: 440FX - 82441FX PMC [Natoma]
vendor: Intel Corporation
physical id: 100
bus info: pci@00:00.0
version: 02
width: 32 bits
clock: 33MHz
configuration: latency=64
*-network:0
description: Ethernet interface
product: 82557/8/9 [Ethernet Pro 100]
vendor: Intel Corporation
physical id: a
bus info: pci@00:0a.0
logical name: eth0
version: 02
serial: 00:a0:c9:49:ca:43
size: 10MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: bus_master ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=e100 driverversion=3.5.10-k2-NAPI duplex=half firmware=N/A ip=192.168.0.1 latency=66 link=yes maxlatency=56 mingnt=8 multicast=yes port=MII speed=10MB/s
resources: iomemory:fe9fe000-fe9fefff ioport:f800-f81f iomemory:fe800000-fe8fffff irq:10
*-network:1
description: Ethernet interface
product: RTL-8139/8139C/8139C+
vendor: Realtek Semiconductor Co., Ltd.
physical id: c
bus info: pci@00:0c.0
logical name: eth3
version: 10
serial: 00:00:b4:94:89:48
size: 100MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: bus_master ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.27 duplex=full ip=10.0.2.1 latency=66 link=yes maxlatency=64 mingnt=32 multicast=yes port=MII speed=100MB/s
resources: ioport:f400-f4ff iomemory:fe9fdc00-fe9fdcff irq:9
*-network:2
description: Ethernet interface
product: RTL-8139/8139C/8139C+
vendor: Realtek Semiconductor Co., Ltd.
physical id: e
bus info: pci@00:0e.0
logical name: eth2
version: 10
serial: 00:40:f4:6f:a2:95
size: 100MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.27 duplex=full ip=10.0.1.1 latency=66 link=yes maxlatency=64 mingnt=32 multicast=yes port=MII speed=100MB/s
resources: ioport:f000-f0ff iomemory:fe9fd800-fe9fd8ff irq:5
*-network:3
description: Ethernet interface
product: RTL-8139/8139C/8139C+
vendor: Realtek Semiconductor Co., Ltd.
physical id: f
bus info: pci@00:0f.0
logical name: eth1
version: 10
serial: 00:02:44:78:3e:73
size: 10MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.27 duplex=half ip=10.0.0.1 latency=66 link=yes maxlatency=64 mingnt=32 multicast=yes port=MII speed=10MB/s
resources: ioport:ec00-ecff iomemory:fe9fd400-fe9fd4ff irq:11
*-scsi
description: SCSI storage controller
product: AIC-7880U
vendor: Adaptec
physical id: d
bus info: pci@00:0d.0
logical name: scsi0
version: 00
width: 32 bits
clock: 33MHz
capabilities: scsi bus_master scsi-host
configuration: driver=aic7xxx latency=64 maxlatency=8 mingnt=8
resources: iomemory:fe9ff000-fe9fffff irq:11
*-isa
description: ISA bridge
product: 82371SB PIIX3 ISA [Natoma/Triton II]
vendor: Intel Corporation
physical id: 12
bus info: pci@00:12.0
version: 01
width: 32 bits
clock: 33MHz
capabilities: isa bus_master
configuration: latency=0
*-ide
description: IDE interface
product: 82371SB PIIX3 IDE [Natoma/Triton II]
vendor: Intel Corporation
physical id: 12.1
bus info: pci@00:12.1
version: 00
width: 32 bits
clock: 33MHz
capabilities: ide bus_master
configuration: driver=PIIX_IDE latency=64
resources: ioport:ffa0-ffaf
*-ide
description: IDE Channel 0
physical id: 0
bus info: ide@0
logical name: ide0
clock: 33MHz
*-disk
description: ATA Disk
product: Maxtor 91021U2
vendor: Maxtor
physical id: 0
bus info: ide@0.0
logical name: /dev/hda
version: FA520S60
serial: G23JW6SC
size: 9770MB
capacity: 9770MB
capabilities: ata dma lba iordy smart pm apm partitioned partitioned:dos
configuration: apm=off smart=on
*-volume:0
description: Linux filesystem partition
physical id: 1
bus info: ide@0.0,1
logical name: /dev/hda1
capacity: 94MB
capabilities: primary bootable
*-volume:1
description: Extended partition
physical id: 2
bus info: ide@0.0,2
logical name: /dev/hda2
size: 266MB
capacity: 266MB
capabilities: primary extended partitioned partitioned:extended
*-logicalvolume
description: Linux swap / Solaris partition
physical id: 5
logical name: /dev/hda5
capacity: 266MB
capabilities: nofs
*-volume:2
description: Linux filesystem partition
physical id: 3
bus info: ide@0.0,3
logical name: /dev/hda3
capacity: 9405MB
capabilities: primary
*-cdrom
description: DVD reader
product: SAMSUNG DVD-ROM SD-612F
physical id: 1
bus info: ide@0.1
logical name: /dev/hdb
version: FS03
capabilities: packet atapi cdrom removable nonmagnetic dma lba iordy audio dvd
*-disc
physical id: 0
logical name: /dev/hdb
*-display
description: VGA compatible controller
product: GD 5430/40 [Alpine]
vendor: Cirrus Logic
physical id: 14
bus info: pci@00:14.0
version: 22
size: 16MB
width: 32 bits
clock: 33MHz
capabilities: vga vga_palette
configuration: latency=0
resources: iomemory:fb000000-fbffffff

