我正在维护一个带有小型 LAN 和 wifi 的网关服务器,它充当防火墙、备份服务器、宽带网关、媒体服务器等。
Bind9 变得过于复杂,所以我干脆将它完全卸载了。一切都运行顺利,直到我发现我无法从任何工作站登录到 backuppc 管理站点 - 它只允许我通过服务器上的 localhost 直接登录。显然:
看起来您正试图从网络外部(即不在私有子网上)访问 BackupPC 页面。默认情况下,BackupPC 的配置会阻止远程访问,以尽量减少数据被广泛使用的安全风险,但在某些情况下,这可能不是所希望的
这是我的dhcpd.conf
adam@gondolin:~$ cat /etc/dhcp/dhcpd.conf
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
authoritative;
log-facility local7;
default-lease-time 7200;
max-lease-time 86400;
option domain-name "localdomain";
option domain-name-servers 208.67.220.220, 208.67.222.222;
ignore client-updates;
update-static-leases on;
update-optimization off;
ddns-update-style none;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.5 192.168.0.254;
option subnet-mask 255.255.255.0;
option routers 192.168.0.3;
}
这是我的笔记本电脑客户端的 LAN 和 wifi 接口的样子:
adam@erebor:~$ ifconfig -a
enxd45d645c12ed: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.31 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::cb6a:9e79:1777:e285 prefixlen 64 scopeid 0x20<link>
ether d4:5d:64:5c:12:ed txqueuelen 1000 (Ethernet)
RX packets 48070 bytes 37288002 (37.2 MB)
RX errors 0 dropped 5 overruns 0 frame 0
TX packets 43659 bytes 9716286 (9.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1868 bytes 192244 (192.2 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1868 bytes 192244 (192.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.28 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::c5c5:4941:dff4:32f0 prefixlen 64 scopeid 0x20<link>
ether 34:e1:2d:c3:7c:51 txqueuelen 1000 (Ethernet)
RX packets 305 bytes 38927 (38.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 283 bytes 47749 (47.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
我预计这里有一个基本错误但我看不到它。
===============================
这是我混合的一些 IPv6 配置内容 - 我一直在文档中给出的地方添加 IPv6 配置,但它肯定不完整。
adam@gondolin:~$ cat /etc/dhcp/dhcpd6.conf
default-lease-time 2592000;
preferred-lifetime 604800;
option dhcp-renewal-time 3600;
option dhcp-rebinding-time 7200;
allow leasequery;
option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e;
option dhcp6.domain-search "test.example.com","example.com";
option dhcp6.info-refresh-time 21600;
我现在意识到 DNS 是包中的默认设置。
我iptables6
也有一些配置,但看起来不错。