Raspberry Pi4 Firewall: 12 Steps
Anonymous

With the new Raspberry Pi 4 (RPi4) just released, I decided to build my own home firewall. After stumbling around the Internet, I found a great article on the topic by Guillaume Kaddouch (https://networkfilter.blogspot.com/2012/08/building-your-piwall-gateway-firewall.html). That article is excellent, and you should read it before going further; it will make the procedure described here much easier. That said, it was written in 2012 and is based on the ArchLinux distro. Nothing against ArchLinux, but I wanted to do this using the more common Raspbian build. The RPi4 can handle the processing with ease. So, thank you, Guillaume, for the inspiration!! These instructions will refer back to Guillaume's ("GK" for short) original article, so you will probably want two pages open in your browser.

A few important things about my firewall:

  • I have the ethernet connection (eth0) going to the LAN
  • The ISP router is on the TRENDnet adapter (eth1)
  • I have actively disabled the wireless adapter (wlan0)
  • This is not guaranteed to get you 100% there… hopefully at least 99% :) so please provide feedback/comments
  • This is my first Instructable. Apologies for anything that doesn't follow the proper protocol.

Now, let's have some fun…

Supplies

  • Raspberry Pi 4

    • I used the 4GB version, feel free to try others
    • Case (I like FLIRC, but that's your call)
    • Power Adapter
  • MicroSD Card, 32GB or larger (I used a 64GB card)
  • TRENDnet USB3.0 Gigabit Ethernet Dongle (Model: TU3-ETG)
  • A couple of RJ45 network cables
  • USB Keyboard and Mouse
  • Micro-HDMI to HDMI cable (which plugs into an HDMI monitor)

The keyboard, video, and mouse can be removed once you get SSH and VNC up and running.

Step 1: Initial RPi Setup


The first thing to do is get your RPi4 up and running as a new system. Download and install the full Raspbian distribution (Raspbian Buster with desktop and recommended software). You will need to reboot a couple of times so it can expand and make use of the entire MicroSD card.

As it boots, you will need to answer questions about location, network, keyboard, and mouse. Connect to the network and allow it to update.

Let's also make sure everything is updated correctly, and get a few tools that will help troubleshoot later:

$ sudo apt-get update

$ sudo apt-get dist-upgrade

$ sudo apt-get install htop

$ sudo apt-get install tcpdump

I did not install vim, i.e., I skipped GK's step 8 (install vim). I just used the vi editor since it already has most of the same features. This also saved some time and effort.

Once that's done, let's set up the RPi4 so we can plug in a monitor. My goal is to run it headless, but if I need to plug in a monitor, it will be recognized.

$ sudo vi /boot/config.txt

In that file:

uncomment (remove the leading #-symbol): hdmi_force_hotplug=1

uncomment: hdmi_drive=2

optionally, add: enable_hdmi_sound

Step 2: Networking


If you're following along on GK's site, this is step 3. But remember, I did not do many of his initial steps in the same order.

When I first started this, I connected the RPi directly to my ISP router ("alongside my existing network"). This allowed me to play with the configuration without disrupting the network. Connect the RPi4's built-in RJ45 port to your router (or go wireless, if you prefer). With Raspbian, the easiest way to do this is to use the GUI. From the desktop, click Raspberry Icon > Preferences > Raspberry Pi Configuration. Be sure to enable SSH and VNC. This will set up a Real-VNC server. I found that if you try to connect with the Tight VNC client, it will balk and need some additional configuration. So, at this point install the Real-VNC client on your main desktop/laptop (not your RPi4).

SSH won't work out of the box (GK's step 7). We need to change some settings. First, let's modify the ssh configuration file. Here are the changes I made. Note that I did not study the impact of every change here; I followed GK's site recommendations. Some of these changes may NOT be needed.

$ sudo vi /etc/ssh/sshd_config

In that file, uncomment the following lines:

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
SyslogFacility AUTH
LogLevel INFO
StrictModes yes
PubkeyAuthentication yes
HostBasedAuthentication no
IgnoreRhosts yes
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

And add the following lines:

Protocol 2
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
RSAAuthentication yes
RhostsRSAAuthentication no

And change the following lines:

Port 15507
LoginGraceTime 60
PermitRootLogin no

Let's talk quickly about that first change… Port 15507. SSH normally operates on port 22. GK moved it to 15507; I'm not sure why. You can go either way, change it or not… If you choose to change it, you'll need to add "-p 15507" to every SSH command you use to connect. If you decide to skip it, keep an eye out for the other places where 15507 is mentioned in these instructions and ignore them, especially the firewall rules!
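One thing worth checking after editing sshd_config is that the hardened values are the ones sshd will actually use: sshd takes the first occurrence of a keyword, so a line appended at the bottom loses to an earlier uncommented default. The script below is an added example (not from the guide or GK's article) that reproduces that rule against two constructed config samples; the keyword set it checks is the one this step changes.

```shell
#!/bin/sh
# Added example (not from the original guide): check that the sshd_config
# edits from this step are actually in effect.  sshd uses the FIRST
# occurrence of a keyword, so a hardened line appended at the bottom loses
# to an earlier uncommented default.  The check mimics that rule.

# Print the effective value of keyword $1 in file $2 (first non-comment
# match, keyword compared case-insensitively, as sshd does).
sshd_effective() {
    k=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    awk -v k="$k" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == k { $1 = ""; sub(/^ +/, ""); print; exit }
    ' "$2"
}

# Compare the effective values in file $1 with the values this guide sets.
# Prints one line per mismatch; returns 0 only when everything matches.
check_sshd_hardening() {
    f=$1; rc=0
    for want in Port=15507 PermitRootLogin=no LoginGraceTime=60 \
                PubkeyAuthentication=yes HostBasedAuthentication=no \
                IgnoreRhosts=yes StrictModes=yes; do
        key=${want%%=*}; val=${want#*=}
        got=$(sshd_effective "$key" "$f")
        if [ "$got" != "$val" ]; then
            echo "MISMATCH $key: want '$val', effective '${got:-<unset>}'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the edits applied correctly.
SSHD_OK=$(mktemp)
cat >"$SSHD_OK" <<'EOF'
# comment lines and blank lines are ignored
Port 15507
LoginGraceTime 60
PermitRootLogin no
StrictModes yes
PubkeyAuthentication yes
HostBasedAuthentication no
IgnoreRhosts yes
EOF

# Constructed sample: the same edits appended below a stray uncommented
# "PermitRootLogin yes" that wins because it comes first.
SSHD_BAD=$(mktemp)
{ echo "PermitRootLogin yes"; cat "$SSHD_OK"; } >"$SSHD_BAD"

# Run against the real file with: check_sshd_hardening /etc/ssh/sshd_config
check_sshd_hardening "$SSHD_OK" && echo "sample OK: hardened"
check_sshd_hardening "$SSHD_BAD" || echo "sample BAD: fix the earlier line"
```

On the Pi itself, `sudo sshd -T | grep -i permitrootlogin` prints the value the running daemon resolved, which is the authoritative check.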

Finally for this step, let's get the RPi4's IP address so we know what to connect to:

$ ifconfig -a

Find the network interface (probably eth0 or wlan0) and record that IP address. Now you have what you need to connect to the RPi4. Let's reboot before we go on:

$ sudo reboot

Step 3: Another User


It's best not to use the default RPi username (pi), and you should definitely change the password. To be safer, let's add another user account that you can use to log in and connect (GK's step 6). Back on the RPi, let's add the new user and set the user's permissions for SSH and sudo commands:

$ sudo useradd -m -g users -G sudo,netdev -s /bin/bash [USERNAME]

$ sudo passwd [USERNAME]

Feel free to log out or reboot and use the newly created account from here on.

Step 4: Sysctl File


The next step is to modify the /etc/sysctl.conf file (GK's step 9). This file is used to change some kernel settings. We'll do exactly what GK says. Here are the simplified steps.

$ sudo vi /etc/sysctl.conf

In that file, uncomment the following lines:

net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.tcp_syncookies=1
net.ipv4.ip_forward=1
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.all.log_martians=1

And add the following lines:

net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.conf.eth0.accept_redirects=0
vm.min_free_kbytes=8192

Reload the settings so they take effect, then reboot:

$ sudo sysctl -p

$ sudo reboot

Step 5: DHCP & DNS (Part 1)


For me, there were two painful parts to this process… setting up DHCP & DNS, and setting up the firewall rules. So, here we go with the first part. If you're following along on GK's site, we're on step 10.

To do this, you'll need a few pieces of information from your ISP router (or current firewall):

  • The router's internal IP address
  • An IP address you can use for the RPi4's interface to the router
  • IPs for a name server (or two)
  • The interface name for the LAN connection (e.g., eth0 or eth1)
  • The interface name for the ISP connection (e.g., whichever one you didn't use for the LAN)

You may also want to change the router settings to give the RPi4 a static IP address (item 2, above). At least, that's what I did.

First, let's modify the dhcpcd.conf file…

$ sudo vi /etc/dhcpcd.conf

Uncomment these lines:

persistent
option rapid_commit
option domain_name_servers, domain_name, domain_search, host_name
option interface_mtu

For each network interface, you need to set up the network details. They should look something like this:

# Static for the interface to the ISP
interface eth1
static ip_address=192.168.1.[YOUR-ADDRESS]
static routers=192.168.1.254
static domain_name_servers=8.8.8.8 8.8.4.4
metric 100

# Static for the interface to the LAN
interface eth0
static ip_address=10.210.212.[YOUR-ADDRESS]
static routers=10.210.212.1
static domain_name_servers=8.8.8.8 8.8.4.4

#interface wlan0
#static ip_address=10.210.212.[YOUR-ADDRESS]
#static routers=10.210.212.1
#static domain_name_servers=8.8.8.8

# Uncomment this section if you want to force the IP address of a device. The name after 'host'
# is only meaningful to you. Enter the MAC address of the device along with the desired
# IP address. Keep it out of the dhcp range. Repeat as needed.
#host [HOSTNAME] {
#  hardware ethernet xx:xx:xx:xx:xx:xx;
#  fixed-address 10.210.212.250;
#}

Be sure to use numbers that work for you. The IPs above are for my network, except for the name servers, which are Google's. Note that I also set the metric for the ISP interface to 100 to force it to be the first choice for network connectivity. I also haven't done anything with my wireless adapter (wlan0). I plan to enable that interface eventually, so it makes sense to me to leave it in.

Also, if you want to force the IP address of a device (like a NAS), use the section below. Give the host a name that's meaningful to you, but know that it isn't used by anything. Don't forget the semicolons.

Step 6: DHCP & DNS (Part 2)


The next step is to modify the dnsmasq.conf file…

$ sudo vi /etc/dnsmasq.conf

We need to uncomment a few lines, and change a few others. You'll also need to copy some settings over from the dhcpcd.conf file. Two additional questions you'll need to answer for yourself are:

Does the internal LAN (e.g., eth0) need DHCP and DNS? What DHCP range do you want for your LAN, and how long should each lease be?

Start by uncommenting a few lines:

bogus-priv
no-dhcp-interface=wlan0
bind-interfaces
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore

Set your name server. Look for the line that starts with 'server=' and make it something like 'server=8.8.8.8'.

Set your DHCP range. There are many ways to do this. I chose to give the two end IPs, the netmask, and the lease length. My range is 10.210.212.20-10.210.212.240, with a netmask of 255.255.255.0, and a lease time of 12 hours. I recommend that you leave some IPs free at the top and bottom of your range in case you ever want to assign some static IPs.

Set the interface that will receive DNS and DHCP (the LAN) by changing the 'interface=' line to something like 'interface=eth0'. Note that I specifically said it should NOT hand out DHCP IP addresses on my wireless network. Again, I plan to enable that interface eventually, so it makes sense to me.
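Put together, the dnsmasq.conf lines that steps 5 and 6 describe look like this. This is an added example written from the text above, not a file from the guide; it assumes the guide's addresses (LAN on eth0 = 10.210.212.0/24, wlan0 unused), and the MAC address and host name in the reservation line are placeholders. Note that the commented "host { }" block in step 5 is ISC dhcpd syntax, which neither dhcpcd nor dnsmasq reads; the dnsmasq directive for a fixed lease is dhcp-host, shown here.

```conf
# Only answer on the LAN interface; never hand out leases on wlan0.
interface=eth0
no-dhcp-interface=wlan0
bind-interfaces

# Never forward lookups for private address ranges upstream (bogus-priv);
# send everything else to the public resolver the guide uses.
bogus-priv
server=8.8.8.8

# DHCP pool 10.210.212.20-240 / 255.255.255.0 with 12-hour leases, leaving
# .1-.19 and .241-.254 free for fixed assignments.
dhcp-range=10.210.212.20,10.210.212.240,255.255.255.0,12h

# Fixed address for one device (e.g. a NAS), outside the pool.
# Placeholders: replace the MAC and the name.
dhcp-host=xx:xx:xx:xx:xx:xx,[HOSTNAME],10.210.212.250

# Ignore clients that call themselves "wpad" (the two lines uncommented above).
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
```

`dnsmasq --test` checks the file for syntax errors without starting the service.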

Step 7: DHCP & DNS (Part 3)


A departure from GK's instructions for this last part…

When I rebooted my RPi at this point, the dnsmasq service wasn't working. A little poking around and I found that my eth0 and eth1 network interfaces were not both up before dnsmasq started, so dnsmasq would fail on boot. I would have to connect a keyboard and mouse to the RPi and restart dnsmasq by hand. This is not ideal for a headless setup. I read a bunch of posts that said to change various settings (e.g., disable bind-interfaces) and so on. None of it worked. In the end, I decided to simply write a shell script that runs every 2 minutes and checks the status of dnsmasq. If it isn't running, the script starts it. I suspect this situation is not unique to me. So, here's what you need to do:

Put the following code into a file called 'dns_masq_keepalive.sh' on your RPi.

#!/bin/bash

# File: dns_masq_keepalive.sh
# August 2019
# Use this with crontab -e (*/2 * * * * /etc/dns_masq_keepalive.sh) to make sure dnsmasq is running. The service will stop itself if
# all of the interfaces named in dhcpcd.conf aren't up before it starts. This fixes that problem.
# The next line returns every active process with the word 'dnsmasq' in it. So, don't include 'dnsmasq' in
# this file's name, otherwise it will always be returned and you will never restart the service.
dns_running=$(ps -e | grep dnsmasq)
echo $dns_running
if [ -z "$dns_running" ]; then
  #echo No DNSMasq
  sudo /etc/init.d/dnsmasq restart
#else
  #echo DNSMasq Running
fi

Cut-and-paste it if you want. Whatever you do, don't include 'dnsmasq' in the name. The script looks for the word 'dnsmasq', and if the script has it in its own name, it will think the service is running. Also, rename the file so it ends with '.sh'. Instructables wouldn't let me upload a '.sh' file, which is fine. The remaining instructions assume the file is located at: /etc/dns_masq_keepalive.sh.

Second, set the permissions on the file so it can be executed:

$ sudo chmod u+x /etc/dns_masq_keepalive.sh

Now we'll use the crontab system to make the script run every 2 minutes of every day. Start crontab:

$ sudo crontab -e

It should let you edit it using vi or similar. Any editor will do. Once you can edit it, add the following to the end of the file:

*/2 * * * * sudo /etc/dns_masq_keepalive.sh

No spaces in '*/2', but spaces between the asterisks. Save and exit. It should tell you the job is scheduled, or something like that.

Step 8: Firewall


The next painful step is the firewall (GK's step 11). Raspbian uses the well-known iptables system. GK's blog provides three files to help you get there… firewall.simple, firewall.advanced, and firewall.flows. All respect to GK, but make it easy on yourself and just go with firewall.simple. I spent a lot of time trying to understand the iptables system and the rules. I'm glad I did, but it was very painful. So, I've attached two files to help you… firewall.simple and firewall.clear. Copy both of these files to your /etc folder and change the permissions to make them executable:

$ sudo chmod u+x /etc/firewall.simple

$ sudo chmod u+x /etc/firewall.clear

Before you set up any firewall rules, plug a desktop/laptop into your RPi's eth0 port and make sure it gets an IP address and has DNS working. The easiest way to do this is to ping a public site by name and then ping its IP address. Also ping your RPi and the ISP router. If you get replies, everything is fine, and any network problem you run into from now on will be the result of a firewall rule.

The first file is a starting point based on GK's firewall.simple file (thanks, again, GK!). I've made many changes so it works for this system. It should allow at least HTTP, HTTPS, DNS, DHCP, ping, internal SSH, internal VNC, and Plex. Plex won't have every port open for every possible device, but there are plenty of posts out there to fix that. At the top of the file are the values you need to change for your network configuration.

The second file, firewall.clear, is intended for use while you test your firewall rules. When you run 'sudo /etc/firewall.clear' all firewall rules are removed and the system should be connected to the Internet. So, if you can't get a network service (like DNS) working with the firewall.simple rules in place, but it starts working after you run firewall.clear, you know you have a rule problem. This only matters while you are testing your rules.
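The attached firewall.simple and firewall.clear files are not reproduced in the text, so here is an added example (my own, not the guide's files) of the policy they describe: default-deny on the Pi, LAN-only access to DNS, DHCP, SSH and VNC, ping allowed, LAN traffic NATed out to the ISP side, and nothing new accepted from the ISP side. The rule set is produced as text first so it can be reviewed and audited before it is applied; it assumes the guide's layout (LAN eth0 = 10.210.212.0/24, ISP eth1, SSH on 15507) and VNC on 5900, which the guide does not state. Plex is left out.

```shell
#!/bin/sh
# Added example, not the firewall.simple/firewall.clear files attached to
# the guide.  Builds the iptables policy the text describes as text first,
# so it can be reviewed and checked before it is applied.
# Assumptions: LAN eth0 = 10.210.212.0/24, ISP eth1, SSH on 15507,
# VNC on 5900 (not stated in the guide); Plex is left out.
LAN_IF=eth0; WAN_IF=eth1; LAN_NET=10.210.212.0/24; SSH_PORT=15507; VNC_PORT=5900

# Emit the full rule set, one iptables command per line.
firewall_rules() {
    cat <<EOF
iptables -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -i $LAN_IF -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i $LAN_IF -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -i $LAN_IF -p udp --dport 67 -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $SSH_PORT -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $VNC_PORT -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
EOF
}

# What firewall.clear does: open policies, then flush every rule.
firewall_clear_rules() {
    cat <<EOF
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -t nat -F
EOF
}

# Sanity check before applying: no rule may ACCEPT a new connection that
# arrives on the ISP interface, and the LAN is masqueraded exactly once.
audit_rules() {
    rules=$(firewall_rules)
    wan_accepts=$(printf '%s\n' "$rules" | grep -c -- "-i $WAN_IF .*-j ACCEPT" || true)
    masq=$(printf '%s\n' "$rules" | grep -c MASQUERADE || true)
    [ "$wan_accepts" -eq 0 ] && [ "$masq" -eq 1 ]
}

# Usage: ./firewall.sh show | apply | clear   (apply and clear need root)
case "${1:-show}" in
    apply) audit_rules && firewall_rules | sh ;;
    clear) firewall_clear_rules | sh ;;
    *)     firewall_rules ;;
esac
```

The DHCP rule deliberately has no source-address match: a client asking for a lease sends from 0.0.0.0, so a rule restricted to the LAN subnet would drop every DISCOVER.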

So, now that we have the firewall rules, we need to make them load when the RPi boots. To do that, we'll modify the /etc/rc.local file:

$ sudo vi /etc/rc.local

Once inside, add the following to the end of the file:

echo "Loading iptables rules"
/etc/firewall.simple >>/dev/null

If you choose to add the snort intrusion detection system, you'll have to modify this file again. For now just save it, and reboot.

$ sudo reboot

Step 9: Syslog


Two steps left…

This is an easy one. If you're still with me, and following along with GK's blog, this is step 12. You should follow exactly what he says about the syslog file. Here are the short steps:

Keep 2 months' worth of syslog data…

$ sudo vi /etc/logrotate.conf

We need to tell it to rotate 'weekly', and then keep 12 of them. You need the following two lines in this file. I believe you'll need to change existing lines rather than add new ones.

weekly
rotate 12

Save it.

Step 10: Intrusion Detection With Snort


The last GK setup is snort. I recommend this one as well. You can follow his rules, and I won't reproduce all of them here, with a few minor modifications. His instructions are for the ArchLinux distro. Here are a few changes for the Raspbian distro we're using here. The rest of the instructions work fine.

First, don't use sudo pacman -S snort to download and install snort. Do the following:

$ sudo apt-get install snort

Second, you can't verify snort with sudo snort -version. Verify the install with:

$ sudo snort -V

Finally, to get it running at boot, don't modify the rc.conf file; modify the rc.local file (again)…

$ sudo vi /etc/rc.local

Add the following lines to the end of the file:

echo "Loading snort"

#/usr/sbin/snort -D -u snort -g snort -c /etc/snort/snort.conf -i eth0 -l /var/log/snort

Now, reboot and everything should work fine.

$ sudo reboot

Step 11: Enjoy


That should be it!

First of all, I can't thank Guillaume Kaddouch enough! He inspired this.

Second, if you haven't already disconnected your keyboard, video, and mouse, you can do so now. Use SSH and VNC to get back in, when needed.

In closing, this won't be 100% perfect. Please send back changes/ideas/suggestions. My hope is that this is the start of a conversation and that more people get interested!

Thanks!!

PS… The picture is the RPi4 inside the FLIRC case with an old Intel fan, slightly modified and zip-tied to the top. There's a heatsink placed under the fan as well, in case you were wondering. I found something similar on the Internet (https://www.reddit.com/r/raspberry_pi/comments/9bdgrr/it_turns_out_putting_a_heatsink_on_the_flirc_case/) and decided to try it myself.

Step 12: Changelog

As changes are made to this Instructable, I'll record them here. If you have problems, check here to see whether you got the original instructions or files.

September 25, 2019:

  • Fixed DHCP rules in firewall.simple
  • Fixed DHCP range in the instructions (the file was already correct)
  • Added static IP assignments to the DHCP instructions

October 13, 2019:

  • Fixed various typos
  • Built a second Pi so I have a spare SD card to swap in, if needed
