Initial Commit

Aymeric SERRA 2023-01-03 08:30:24 +01:00
commit 89a5d6f9a2
Signed by: oupson
GPG Key ID: 814B1CC7103045D3
54 changed files with 1103 additions and 0 deletions

42
README Executable file

@ -0,0 +1,42 @@
Devoir de TP de L3 Réseaux
L'objectif de ce devoir, à réaliser seul ou en binôme, est de configurer le réseau proposé pour qu'alice puisse accéder à la page web www.notascam.com : configuration des interfaces, des routes, DHCP, DNS, NAT, RIP.
== The big picture ==
Vous disposez d'un bloc d'adresses donné en paramètre que vous utiliserez pour le réseau sur lequel se trouvent alice et boxa, pour le réseau sur lequel se trouvent www, dnsnot, mailnot et boxb, et pour le réseau central où sont connectés rtw, rtx, rty et rtz.
Vous utiliserez comme paramètre (bloc d'adresses privées) le paramètre proposé sur celene pour l'un ou l'autre des membres du binôme.
Les 4 routeurs rtw, rtx, rty et rtz constituent le coeur du réseau et feront transiter l'ensemble des communications IP.
Il est interdit de modifier "lab.conf", la structure du réseau ne doit pas être modifiée !
== Ce qui est à configurer ==
Seuls sont à modifier les fichiers :
- boxa.startup et boxb.startup
- boxa/etc/dhcp/dhcpd.conf et boxb/etc/dhcp/dhcpd.conf
- rti.startup où rti peut valoir rtw, rtx, rty ou rtz
- rti/etc/frr/ripd.conf où rti peut valoir rtw, rtx, rty ou rtz
- dnsnot/etc/bind/file où file peut valoir named.conf ou db.com.notascam
Votre travail consiste à configurer les machines et services suivants :
- configuration IP des interfaces eth0 de boxa et boxb. On utilisera des adresses dans le bloc d'adresses pris comme paramètre.
- service DHCP sur boxa pour qu'alice obtienne les informations nécessaires. On proposera '20.30.40.50' comme résolveur DNS.
- service DHCP sur boxb pour que www, mailnot et dnsnot soient connectés, chacun avec une IP fixe. On proposera toujours '20.30.40.50' comme résolveur DNS et "notascam.com" comme nom de domaine.
- services de NAT sur boxa et boxb pour qu'alice puisse communiquer hors de son réseau privé, et pour que :
* les requêtes HTTP puissent arriver jusqu'à www
* les requêtes DNS puissent arriver jusqu'à dnsnot
* les connexions SMTP puissent atteindre mailnot.
- routage RIP sur rtw, rtx, rty et rtz pour que ces 4 routeurs obtiennent des routes vers tous les réseaux présents. On pourra soit configurer les interfaces en passant par zebra, soit le faire dans les fichiers .startup. On peut par exemple se connecter à rtw sur le port ripd par telnet depuis alice, sauvegarder la configuration choisie puis la copier dans les répertoires de rtx, rty et rtz.
ATTENTION à modifier les timers RIP : commande "timers basic 5 15 10" une fois connecté au démon ripd.
- service d'administration DNS de la zone notascam par la machine dnsnot. La base de données DNS de dnsnot doit contenir les adresses de www, mailnot et dnsnot, ainsi que des enregistrements de type NS (vers dnsnot) et MX (vers smtp.notascam.com).
== Modalités de retour du devoir ==
Le devoir est à traiter en binôme (ou monôme). La solution est à déposer sous la forme d'une archive nommée nom1.prenom1_nom2.prenom2.tar.gz sur la page Celene du cours avant le 8/1/23 à 23h59.
L'archive doit contenir :
- un rapport au format PDF qui reprend les noms des membres du binôme, le paramètre utilisé et qui explique très brièvement le travail effectué.
- le lab modifié par vos soins.

3
alice.startup Executable file

@ -0,0 +1,3 @@
cd $HOME
mv pinerc .pinerc
dhclient

496
alice/root/pinerc Normal file

@ -0,0 +1,496 @@
#
# Pine configuration file
#
# This file sets the configuration options used by Pine and PC-Pine. These
# options are usually set from within Pine or PC-Pine. There may be a
# system-wide configuration file which sets the defaults for some of the
# variables. On Unix, run pine -conf to see how system defaults have been set.
# For variables that accept multiple values, list elements are separated by
# commas. A line beginning with a space or tab is considered to be a
# continuation of the previous line. For a variable to be unset its value must
# be blank. To set a variable to the empty string its value should be "".
# You can override system defaults by setting a variable to the empty string.
# Lines beginning with "#" are comments, and ignored by Pine.
# Over-rides your full name from Unix password file. Required for PC-Pine.
personal-name=alice
# Sets domain part of From: and local addresses in outgoing mail.
user-domain=sillymail.com
# List of SMTP servers for sending mail. If blank: Unix Pine uses sendmail.
smtp-server=smtp.sillymail.com
# NNTP server for posting news. Also sets news-collections for news reading.
nntp-server=
# Path of (local or remote) INBOX, e.g. ={mail.somewhere.edu}inbox
# Normal Unix default is the local INBOX (usually /usr/spool/mail/$USER).
inbox-path={imap.sillymail.com/user=alice}inbox
# List of folder pairs; the first indicates a folder to archive, and the
# second indicates the folder read messages in the first should
# be moved to.
incoming-archive-folders=
# List of folders, assumed to be in first folder collection,
# offered for pruning each month. For example: mumble
pruned-folders=
# Over-rides default path for sent-mail folder, e.g. =old-mail (using first
# folder collection dir) or ={host2}sent-mail or ="" (to suppress saving).
# Default: sent-mail (Unix) or SENTMAIL.MTX (PC) in default folder collection.
default-fcc=
# Over-rides default path for saved-msg folder, e.g. =saved-messages (using 1st
# folder collection dir) or ={host2}saved-mail or ="" (to suppress saving).
# Default: saved-messages (Unix) or SAVEMAIL.MTX (PC) in default collection.
default-saved-msg-folder=
# Over-rides default path for postponed messages folder, e.g. =pm (which uses
# first folder collection dir) or ={host4}pm (using home dir on host4).
# Default: postponed-msgs (Unix) or POSTPOND.MTX (PC) in default fldr coltn.
postponed-folder=
# If set, specifies where already-read messages will be moved upon quitting.
read-message-folder=
# If set, specifies where form letters should be stored.
form-letter-folder=
# Contains the actual signature contents as opposed to the signature filename.
# If defined, this overrides the signature-file. Default is undefined.
literal-signature=
# Over-rides default path for signature file. Default is ~/.signature
signature-file=
# List of features; see Pine's Setup/options menu for the current set.
# e.g. feature-list= select-without-confirm, signature-at-bottom
# Default condition for all of the features is no-.
feature-list=enable-full-header-cmd
# Pine executes these keys upon startup (e.g. to view msg 13: i,j,1,3,CR,v)
initial-keystroke-list=
# Only show these headers (by default) when composing messages
default-composer-hdrs=
# Add these customized headers (and possible default values) when composing
customized-hdrs=
# When viewing messages, include this list of headers
viewer-hdrs=
# When viewing messages, number of blank spaces between left display edge and text
viewer-margin-left=
# When viewing messages, number of blank spaces between right display edge and text
viewer-margin-right=
# When viewing messages, number of lines of quote displayed before suppressing
quote-suppression-threshold=
# Determines default folder name for Saves...
# Choices: default-folder, by-sender, by-from, by-recipient, last-folder-used.
# Default: "default-folder", i.e. "saved-messages" (Unix) or "SAVEMAIL" (PC).
saved-msg-name-rule=
# Determines default name for Fcc...
# Choices: default-fcc, by-recipient, last-fcc-used.
# Default: "default-fcc" (see also "default-fcc=" variable.)
fcc-name-rule=
# Sets presentation order of messages in Index. Choices:
# Subject, From, Arrival, Date, Size, To, Cc, OrderedSubj, Score, and Thread.
# Order may be reversed by appending /Reverse. Default: "Arrival".
sort-key=
# Sets presentation order of address book entries. Choices: dont-sort,
# fullname-with-lists-last, fullname, nickname-with-lists-last, nickname
# Default: "fullname-with-lists-last".
addrbook-sort-rule=
# Sets presentation order of folder list entries. Choices: alphabetical,
# alpha-with-dirs-last, alpha-with-dirs-first.
# Default: "alpha-with-directories-last".
folder-sort-rule=
# Sets the default folder and collectionoffered at the Goto Command's prompt.
goto-default-rule=
# Sets message which cursor begins on. Choices: first-unseen, first-recent,
# first-important, first-important-or-unseen, first-important-or-recent,
# first, last. Default: "first-unseen".
incoming-startup-rule=
# Allows a default answer for the prune folder questions. Choices: yes-ask,
# yes-no, no-ask, no-no, ask-ask, ask-no. Default: "ask-ask".
pruning-rule=
# Controls behavior when reopening an already open folder.
folder-reopen-rule=
# Style that MESSAGE INDEX is displayed in when threading.
threading-display-style=
# Style of THREAD INDEX or default MESSAGE INDEX when threading.
threading-index-style=
# When threading, character used to indicate collapsed messages underneath.
threading-indicator-character=
# When threading, character used to indicate expanded messages underneath.
threading-expanded-character=
# When threading, character used to indicate this is the last reply
# to the parent of this message.
threading-lastreply-character=
# Reflects capabilities of the display you have. Default: US-ASCII.
# Typical alternatives include ISO-8859-x, (x is a number between 1 and 9).
character-set=
# Specifies the program invoked by ^_ in the Composer,
# or the "enable-alternate-editor-implicitly" feature.
editor=
# Specifies the program invoked by ^T in the Composer.
speller=
# Specifies the column of the screen where the composer should wrap.
composer-wrap-column=
# Specifies the string to insert when replying to a message.
reply-indent-string=
# Specifies the introduction to insert when replying to a message.
reply-leadin=
# Specifies the string to replace quotes with when viewing a message.
quote-replace-string=
# Specifies the string to use when sending a message with no to or cc.
empty-header-message=
# Program to view images (e.g. GIF or TIFF attachments).
image-viewer=
# If "user-domain" not set, strips hostname in FROM address. (Unix only)
use-only-domain-name=
# This variable takes a list of programs that message text is piped into
# after MIME decoding, prior to display.
display-filters=
# This defines a program that message text is piped into before MIME
# encoding, prior to sending
sending-filters=
# A list of alternate addresses the user is known by
alt-addresses=
# A list of keywords for use in categorizing messages
keywords=
# Characters which surround keywords in SUBJKEY token.
# Default is "{" "} "
keyword-surrounding-chars=
# This is a list of formats for address books. Each entry in the list is made
# up of space-delimited tokens telling which fields are displayed and in
# which order. See help text
addressbook-formats=
# This gives a format for displaying the index. It is made
# up of space-delimited tokens telling which fields are displayed and in
# which order. See help text
index-format=
# The number of lines of overlap when scrolling through message text
viewer-overlap=
# Number of lines from top and bottom of screen where single
# line scrolling occurs.
scroll-margin=
# The number of seconds to sleep after writing a status message
status-message-delay=
# The approximate number of seconds between checks for new mail
mail-check-interval=
# The approximate number of seconds between checks for new mail in folders
# other than the current folder and inbox.
# Default is same as mail-check-interval
mail-check-interval-noncurrent=
# The minimum number of seconds between checks for new mail in a Mail Drop.
# This is always effectively at least as large as the mail-check-interval
maildrop-check-minimum=
# For newsgroups accessed using NNTP, only messages numbered in the range
# lastmsg-range+1 to lastmsg will be considered
nntp-range=
# Full path and name of NEWSRC file
newsrc-path=
# Path and filename of news configuration's active file.
# The default is typically "/usr/lib/news/active".
news-active-file-path=
# Directory containing system's news data.
# The default is typically "/usr/spool/news"
news-spool-directory=
# Path and filename of the program used to upload text from your terminal
# emulator's into Pine's composer.
upload-command=
# Text sent to terminal emulator prior to invoking the program defined by
# the upload-command variable.
# Note: _FILE_ will be replaced with the temporary file used in the upload.
upload-command-prefix=
# Path and filename of the program used to download text via your terminal
# emulator from Pine's export and save commands.
download-command=
# Text sent to terminal emulator prior to invoking the program defined by
# the download-command variable.
# Note: _FILE_ will be replaced with the temporary file used in the downlaod.
download-command-prefix=
# Sets the search path for the mailcap configuration file.
# NOTE: colon delimited under UNIX, semi-colon delimited under DOS/Windows/OS2.
mailcap-search-path=
# Sets the search path for the mimetypes configuration file.
# NOTE: colon delimited under UNIX, semi-colon delimited under DOS/Windows/OS2.
mimetype-search-path=
# List of programs to open Internet URLs (e.g. http or ftp references).
url-viewers=
# The maximum number of non-stayopen remote connections that pine will use
max-remote-connections=
# A list of folders that should be left open once opened (INBOX is implicit)
stay-open-folders=
# Specifies the number of dead letter files to keep when canceling.
dead-letter-files=
# Sets the filename for the newmail fifo (named pipe). Unix only.
newmail-fifo-path=
# Sets the width for the NewMail screen.
newmail-window-width=
# List of incoming msg folders besides INBOX, e.g. ={host2}inbox, {host3}inbox
# Syntax: optnl-label {optnl-imap-host-name}folder-path
incoming-folders=
# List of directories where saved-message folders may be. First one is
# the default for Saves. Example: Main {host1}mail/[], Desktop mail\[]
# Syntax: optnl-label {optnl-imap-hostname}optnl-directory-path[]
folder-collections=
# List, only needed if nntp-server not set, or news is on a different host
# than used for NNTP posting. Examples: News *[] or News *{host3/nntp}[]
# Syntax: optnl-label *{news-host/protocol}[]
news-collections=
# List of file or path names for personal addressbook(s).
# Default: ~/.addressbook (Unix) or \PINE\ADDRBOOK (PC)
# Syntax: optnl-label path-name
address-book=
# List of file or path names for global/shared addressbook(s).
# Default: none
# Syntax: optnl-label path-name
global-address-book=
# Set by Pine; controls beginning-of-month sent-mail pruning.
last-time-prune-questioned=113.9
# Set by Pine; controls display of "new version" message.
last-version-used=4.64
# This names the path to an alternative program, and any necessary arguments,
# to be used in posting mail messages. Example:
# /usr/lib/sendmail -oem -t -oi
# or,
# /usr/local/bin/sendit.sh
# The latter a script found in Pine distribution's contrib/util directory.
# NOTE: The program MUST read the message to be posted on standard input,
# AND operate in the style of sendmail's "-t" option.
sendmail-path=
# This names the root of the tree to which the user is restricted when reading
# and writing folders and files. For example, on Unix ~/work confines the
# user to the subtree beginning with their work subdirectory.
# (Note: this alone is not sufficient for preventing access. You will also
# need to restrict shell access and so on, see Pine Technical Notes.)
# Default: not set (so no restriction)
operating-dir=
# If no user input for this many hours, Pine will exit if in an idle loop
# waiting for a new command. If set to zero (the default), then there will
# be no timeout.
user-input-timeout=
# Sets the time in seconds that Pine will attempt to open a network
# connection. The default is 30, the minimum is 5, and the maximum is
# system defined (typically 75).
tcp-open-timeout=
# Network read warning timeout. The default is 15, the minimum is 5, and the
# maximum is 1000.
tcp-read-warning-timeout=
# Network write warning timeout. The default is 0 (unset), the minimum
# is 5 (if not 0), and the maximum is 1000.
tcp-write-warning-timeout=
# If this much time has elapsed at the time of a tcp read or write
# timeout, pine will ask if you want to break the connection.
# Default is 60 seconds, minimum is 5, maximum is 1000.
tcp-query-timeout=
# Sets the format of the command used to open a UNIX remote
# shell connection. The default is "%s %s -l %s exec /etc/r%sd"
# NOTE: the 4 (four) "%s" entries MUST exist in the provided command
# where the first is for the command's path, the second is for the
# host to connect to, the third is for the user to connect as, and the
# fourth is for the connection method (typically "imap")
rsh-command=
# Sets the name of the command used to open a UNIX remote shell connection.
# The default is typically /usr/ucb/rsh.
rsh-path=
# Sets the time in seconds that Pine will attempt to open a UNIX remote
# shell connection. The default is 15, min is 5, and max is unlimited.
# Zero disables rsh altogether.
rsh-open-timeout=
# Sets the format of the command used to open a UNIX secure
# shell connection. The default is "%s %s -l %s exec /etc/r%sd"
# NOTE: the 4 (four) "%s" entries MUST exist in the provided command
# where the first is for the command's path, the second is for the
# host to connect to, the third is for the user to connect as, and the
# fourth is for the connection method (typically "imap")
ssh-command=
# Sets the name of the command used to open a UNIX secure shell connection.
# Typically this is /usr/bin/ssh.
ssh-path=
# Sets the time in seconds that Pine will attempt to open a UNIX secure
# shell connection. The default is 15, min is 5, and max is unlimited.
# Zero disables ssh altogether.
ssh-open-timeout=
# Sets the version number Pine will use as a threshold for offering
# its new version message on startup.
new-version-threshold=
# List of mail drivers to disable.
disable-these-drivers=
# List of SASL authenticators to disable.
disable-these-authenticators=
# Set by Pine; contains data for caching remote address books.
remote-abook-metafile=
# How many extra copies of remote address book should be kept. Default: 3
remote-abook-history=
# Minimum number of minutes between checks for remote address book changes.
# 0 means never check except when opening a remote address book.
# -1 means never check. Default: 5
remote-abook-validity=
# Your default printer selection
printer=
# List of special print commands
personal-print-command=
# Which category default print command is in
personal-print-category=
# Patterns and their actions are stored here.
patterns-roles=LIT:pattern="/NICK=alice/FLDTYPE=ANY" action="/ROLE=1/FROM=Alice Liddell <alice@sillymail.com>/RTYPE=NC/FTYPE=NC/CTYPE=NC"
# Patterns and their actions are stored here.
patterns-filters2=
# Patterns and their actions are stored here.
patterns-scores2=
# Patterns and their actions are stored here.
patterns-indexcolors=
# Patterns and their actions are stored here.
patterns-other=
# Controls display of color
color-style=
# Controls display of color for current index line
current-indexline-style=
# Controls display of color for the titlebar at top of screen
titlebar-color-style=
# Choose: black, blue, green, cyan, red, magenta, yellow, or white.
normal-foreground-color=
normal-background-color=
reverse-foreground-color=
reverse-background-color=
title-foreground-color=
title-background-color=
status-foreground-color=
status-background-color=
keylabel-foreground-color=
keylabel-background-color=
keyname-foreground-color=
keyname-background-color=
selectable-item-foreground-color=
selectable-item-background-color=
quote1-foreground-color=
quote1-background-color=
quote2-foreground-color=
quote2-background-color=
quote3-foreground-color=
quote3-background-color=
signature-foreground-color=
signature-background-color=
prompt-foreground-color=
prompt-background-color=
index-to-me-foreground-color=
index-to-me-background-color=
index-important-foreground-color=
index-important-background-color=
index-deleted-foreground-color=
index-deleted-background-color=
index-answered-foreground-color=
index-answered-background-color=
index-new-foreground-color=
index-new-background-color=
index-recent-foreground-color=
index-recent-background-color=
index-unseen-foreground-color=
index-unseen-background-color=
index-arrow-foreground-color=
index-arrow-background-color=
# When viewing messages, these are the header colors
viewer-hdr-colors=
# Colors used to display keywords in the index
keyword-colors=
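
Review bot: `inbox-path={imap.sillymail.com/user=alice}inbox` carries no `/tls` or `/ssl` flag and `smtp-server=smtp.sillymail.com` is likewise bare, so alice's login and mail cross the routed core in cleartext. That is consistent with the `ssl=no` and `smtpd_use_tls = no` server settings later in this commit, but it deserves a comment in the file saying it is a lab-only choice. Almost every variable in the file is left unset; keeping only the handful that are assigned would make the intent reviewable.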

6
boxa.startup Normal file

@ -0,0 +1,6 @@
ip addr add 19.0.0.2/24 dev eth1
ip addr add 192.168.173.1/28 dev eth0
ip route add default via 19.0.0.1
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
touch /var/lib/dhcp/dhcpd.leases
dhcpd
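
Review bot: nothing in this script turns on IPv4 forwarding before the `MASQUERADE` rule, so alice's traffic only leaves boxa if the image already sets `net.ipv4.ip_forward=1`. Add `sysctl -w net.ipv4.ip_forward=1` ahead of the `iptables` line so the script does not depend on the image; boxb.startup needs the same line.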

6
boxa/etc/dhcp/dhcpd.conf Executable file

@ -0,0 +1,6 @@
subnet 192.168.173.0 netmask 255.255.255.240 {
range 192.168.173.2 192.168.173.14;
option domain-name-servers 20.30.40.50;
option routers 192.168.173.1;
}

12
boxb.startup Normal file

@ -0,0 +1,12 @@
ip addr add 81.82.83.2/24 dev eth1
ip addr add 192.168.173.1/28 dev eth0
ip route add default via 81.82.83.1
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.173.2:80
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 53 -j DNAT --to 192.168.173.3:53
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 53 -j DNAT --to 192.168.173.3:53
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 25 -j DNAT --to 192.168.173.4:25
touch /var/lib/dhcp/dhcpd.leases
dhcpd
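
Review bot: the four `DNAT` rules hard-code 192.168.173.2, .3 and .4, which only hold while the `host` reservations in boxb/etc/dhcp/dhcpd.conf match. A server that misses its reservation lands in the .5 to .14 pool and the forward then points at nothing, with no error anywhere. Note that coupling in a comment above the rules, or give the three servers static addresses.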

22
boxb/etc/dhcp/dhcpd.conf Executable file

@ -0,0 +1,22 @@
subnet 192.168.173.0 netmask 255.255.255.240 {
range 192.168.173.5 192.168.173.14;
option domain-name-servers 20.30.40.50;
option routers 192.168.173.1;
option domain-name "notascam.com";
option domain-search "notascam.com";
host www {
hardware ethernet 06:89:ee:98:59:a0;
fixed-address 192.168.173.2;
}
host dnsnot {
hardware ethernet 46:7f:d3:f5:04:8a;
fixed-address 192.168.173.3;
}
host mailnot {
hardware ethernet e2:6d:f5:69:bf:3c;
fixed-address 192.168.173.4;
}
}
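
Review bot: the three `hardware ethernet` values are magic constants with no indication of where they come from. If they are the addresses that shared/mojo/macaddr derives from the host name and interface name, say so in a comment next to each `host` block, because renaming a machine or an interface changes the MAC and drops the machine out of its reservation.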

3
dnscom.startup Executable file

@ -0,0 +1,3 @@
ip addr add 30.40.50.253/24 dev eth0
ip route add default via 30.40.50.1
/etc/init.d/bind start

12
dnscom/etc/bind/db.30.40.50 Executable file

@ -0,0 +1,12 @@
$TTL 60000
@ IN SOA 50.40.30.in-addr.arpa. nobody.nowhere. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
0 ; negative cache ttl
)
@ IN NS 253.50.40.30.in-addr.arpa.
253.50.40.30.in-addr.arpa. IN A 30.40.50.253
253 PTR dnscom.com.

16
dnscom/etc/bind/db.com Executable file

@ -0,0 +1,16 @@
$TTL 60000
@ IN SOA dnscom.com. root.dnscom.com. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
60000 ; negative cache ttl
)
@ IN NS dnscom.com.
dnscom IN A 30.40.50.253
notascam IN NS dnsnot.com.
dnsnot IN A 81.82.83.2
sillymail IN NS dnsres.sillymail.com
dnsres.sillymail IN A 20.30.40.50
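
Review bot: `sillymail IN NS dnsres.sillymail.com` has no trailing dot, so the target expands relative to the origin to dnsres.sillymail.com.com. and no longer matches the glue record `dnsres.sillymail IN A 20.30.40.50` on the next line; add the dot. The server's own zone file also calls it resdns.sillymail.com., not dnsres. The notascam delegation has a similar mismatch with its child zone: it names `dnsnot.com.` while db.com.notascam declares `dnsnot.notascam.com.`; use the in-zone name and put the glue at `dnsnot.notascam`.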

2
dnscom/etc/bind/db.root Executable file

@ -0,0 +1,2 @@
. IN NS ROOT-SERVER.
ROOT-SERVER. IN A 30.40.50.254

45
dnscom/etc/bind/named.conf Executable file

@ -0,0 +1,45 @@
options {
query-source address 30.40.50.253;
directory "/var/cache/bind";
min-roots 1;
};
logging {
category lame-servers { null; };
};
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "com" {
type master;
file "/etc/bind/db.com";
};
zone "30.40.50.in-addr.arpa" {
type master;
file "/etc/bind/db.30.40.50";
};
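
Review bot: the last zone is declared as `30.40.50.in-addr.arpa`, but the reverse zone for 30.40.50.0/24 is `50.40.30.in-addr.arpa`, which is also what the absolute names inside db.30.40.50 use, so those NS and A records fall outside the declared zone. Rename the zone to `50.40.30.in-addr.arpa`. This server only serves its own zones, so `recursion no;` in `options` would state that explicitly.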

3
dnsnot.startup Executable file

@ -0,0 +1,3 @@
dhclient
/etc/init.d/bind start

12
dnsnot/etc/bind/db.81.82.83 Executable file

@ -0,0 +1,12 @@
$TTL 60000
@ IN SOA 83.82.81.in-addr.arpa. nobody.nowhere. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
0 ; negative cache ttl
)
@ IN NS 2.83.82.81.in-addr.arpa.
2.83.82.81.in-addr.arpa. IN A 81.82.83.2
2 PTR www.notascam.com.

15
dnsnot/etc/bind/db.com.notascam Executable file

@ -0,0 +1,15 @@
$TTL 60000
@ IN SOA dnsnot.notascam.com. root.dnsnot.dnsnot.com. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
60000 ; negative cache ttl
)
@ IN NS dnsnot.notascam.com.
@ IN MX 5 smtp.notascam.com.
dnsnot IN A 81.82.83.2
www IN A 81.82.83.2
smtp IN A 81.82.83.2
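
Review bot: the zone has no record for `mailnot`, although the README asks for the addresses of www, mailnot and dnsnot; add `mailnot IN A 81.82.83.2` next to `smtp`. The SOA contact `root.dnsnot.dnsnot.com.` looks like a slip for a name under notascam.com. The serial is `1`, so it has to be bumped on every later edit of this file.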

2
dnsnot/etc/bind/db.root Executable file

@ -0,0 +1,2 @@
. IN NS ROOT-SERVER.
ROOT-SERVER. IN A 30.40.50.254

45
dnsnot/etc/bind/named.conf Executable file

@ -0,0 +1,45 @@
options {
query-source address 192.168.173.3;
directory "/var/cache/bind";
min-roots 1;
};
logging {
category lame-servers { null; };
};
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "notascam.com" {
type master;
file "/etc/bind/db.com.notascam";
};
zone "83.82.81.in-addr.arpa" {
type master;
file "/etc/bind/db.81.82.83";
};
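
Review bot: `options` has no `allow-transfer` or `recursion` statement, yet boxb.startup forwards both udp/53 and tcp/53 from the outside to this server, which leaves zone-transfer and recursion policy to whatever the installed BIND defaults to. Add `allow-transfer { none; };` and `recursion no;` so the exposed service only answers queries for its own zones. `query-source address 192.168.173.3;` also ties the daemon to the DHCP reservation on boxb, which is worth a comment.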

3
dnsroot.startup Executable file

@ -0,0 +1,3 @@
ip addr add 30.40.50.254/24 dev eth0
ip route add default via 30.40.50.1
/etc/init.d/bind start

12
dnsroot/etc/bind/db.30.40.50 Executable file

@ -0,0 +1,12 @@
$TTL 60000
@ IN SOA 254.50.40.30.in-addr.arpa. nobody.nowhere. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
0 ; negative cache ttl
)
@ IN NS 254.50.40.30.in-addr.arpa.
254.50.40.30.in-addr.arpa. IN A 30.40.50.254
10 PTR dnsroot.
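
Review bot: the PTR record sits at owner `10` (`10 PTR dnsroot.`), but the A record one line above and dnsroot.startup both place dnsroot at 30.40.50.254. Change the owner to `254` so the reverse lookup matches the forward one.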

13
dnsroot/etc/bind/db.root Executable file

@ -0,0 +1,13 @@
$TTL 60000
@ IN SOA dnsroot. root.dnsroot. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
60000 ; negative cache ttl
)
@ IN NS dnsroot.
dnsroot. IN A 30.40.50.254
com. IN NS dnscom.com.
dnscom.com. IN A 30.40.50.253

24
dnsroot/etc/bind/named.conf Executable file

@ -0,0 +1,24 @@
options {
query-source address 30.40.50.254;
directory "/var/cache/bind";
};
logging {
category lame-servers { null; };
};
zone "." {
type master;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "230.203.192.in-addr.arpa" {
type master;
file "/etc/bind/db.30.40.50";
};
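
Review bot: the last zone is named `230.203.192.in-addr.arpa` but loads `/etc/bind/db.30.40.50`, whose records are all under 50.40.30.in-addr.arpa. The name looks carried over from a different addressing plan; rename it to `50.40.30.in-addr.arpa` or drop the zone.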

71
lab.conf Executable file

@ -0,0 +1,71 @@
LAB_DESCRIPTION="Lab à compléter"
LAB_VERSION=1
LAB_AUTHOR="Martin Delacourt"
LAB_EMAIL="martin.delacourt@univ-orleans.fr"
alice[0]="A"
alice[image]="nopid/3ia:latest"
boxa[0]="A"
boxa[1]="collA"
boxa[image]="nopid/3ia:latest"
www[0]="B"
www[image]="nopid/3ia:latest"
www[image]="nopid/3ia:latest"
dnsnot[0]="B"
dnsnot[image]="nopid/3ia:latest"
dnsnot[image]="nopid/3ia:latest"
mailnot[0]="B"
mailnot[image]="nopid/3ia:latest"
mailnot[image]="nopid/3ia:latest"
boxb[0]="B"
boxb[1]="collB"
boxb[image]="nopid/3ia:latest"
resdns[0]="C"
resdns[image]="nopid/3ia:latest"
resdns[image]="nopid/3ia:latest"
sillymail[0]="C"
sillymail[image]="nopid/3ia:latest"
sillymail[image]="nopid/3ia:latest"
dnscom[0]="D"
dnscom[image]="nopid/3ia:latest"
dnscom[num_terms]=0
dnsroot[0]="D"
dnsroot[image]="nopid/3ia:latest"
dnsroot[num_terms]=0
rtw[0]="collA"
rtw[1]="wx"
rtw[2]="wz"
rtw[image]="nopid/3ia:latest"
rtw[num_terms]=0
rtx[0]="collB"
rtx[1]="wx"
rtx[2]="xy"
rtx[image]="nopid/3ia:latest"
rtx[num_terms]=0
rty[0]="C"
rty[1]="xy"
rty[2]="yz"
rty[image]="nopid/3ia:latest"
rty[num_terms]=0
rtz[0]="D"
rtz[1]="wz"
rtz[2]="yz"
rtz[image]="nopid/3ia:latest"
rtz[num_terms]=0
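
Review bot: the `[image]` line is written twice for www, dnsnot, mailnot, resdns and sillymail; the second copy changes nothing and should go. Every machine also uses `nopid/3ia:latest`, an unpinned tag, so the lab can change between two runs; a version tag or digest would make results reproducible.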

8
lab.dep Executable file

@ -0,0 +1,8 @@
alice: boxa
boxa: rtw
www: boxb
dnsnot: boxb
boxb: rtx
resdns: rty
dnsroot: rtz
dnscom: rtz
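
Review bot: mailnot has no entry, although mailnot.startup runs `dhclient` against boxb exactly as www and dnsnot do. Add `mailnot: boxb` so that it does not start before the DHCP server is up.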

4
mailnot.startup Executable file

@ -0,0 +1,4 @@
useradd -ms /bin/bash -p $(openssl passwd -6 sosecure) sosecure
dhclient
/etc/init.d/postfix start
/etc/init.d/dovecot start
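
Review bot: the first line creates the mailbox account with a password equal to the user name (`openssl passwd -6 sosecure`), in a file committed to the repository; sillymail.startup does the same for alice. If that is a deliberate lab shortcut, say so in a comment. Also quote the command substitution (`-p "$(openssl passwd -6 sosecure)"`) so the hash is always passed as a single argument.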


@ -0,0 +1,2 @@
ssl=no
disable_plaintext_auth=no
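
Review bot: `ssl=no` together with `disable_plaintext_auth=no` means mail client logins are accepted in cleartext over the network. If the lab needs that for packet captures, add a comment saying so; otherwise keep plaintext authentication disabled and enable TLS. The same two lines appear again further down in this commit.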


@ -0,0 +1,9 @@
myhostname = smtp.notascam.com
myorigin = $mydomain
smtpd_use_tls = no
mydestination = $mydomain
relay_domains = no
inet_interfaces = all
inet_protocols = all
compatibility_level = 2
mail_spool_directory = /var/mail
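
Review bot: `relay_domains = no` does not switch relaying off. The parameter is a list of domains, so this line authorises relaying for a domain literally called `no`; leave the value empty (`relay_domains =`) to relay for nothing. `smtpd_use_tls = no` is the other line to call out, since `myhostname = smtp.notascam.com` makes this the listener that boxb.startup exposes on port 25.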

3
resdns.startup Executable file

@ -0,0 +1,3 @@
ip addr add 20.30.40.50/24 dev eth0
ip route add default via 20.30.40.1
/etc/init.d/bind start


@ -0,0 +1,13 @@
$TTL 60000
@ IN SOA 40.30.20.in-addr.arpa. nobody.nowhere. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
0 ; negative cache ttl
)
@ IN NS 50.40.30.20.in-addr.arpa.
50.40.30.20.in-addr.arpa. IN A 20.30.40.50
50 PTR resdns.sillymail.com.


@ -0,0 +1,15 @@
$TTL 60000
@ IN SOA resdns.sillymail.com. root.resdns.sillymail.com. (
1 ; serial
28 ; refresh
14 ; retry
3600000 ; expire
60000 ; negative cache ttl
)
@ IN NS resdns.sillymail.com.
@ IN MX 5 smtp.sillymail.com.
resdns IN A 20.30.40.50
smtp IN A 20.30.40.60
imap IN A 20.30.40.60

2
resdns/etc/bind/db.root Executable file

@ -0,0 +1,2 @@
. IN NS ROOT-SERVER.
ROOT-SERVER. IN A 30.40.50.254


@ -0,0 +1,48 @@
options {
query-source address 20.30.40.50;
directory "/var/cache/bind";
min-roots 1;
allow-recursion {any;};
allow-query {any;};
allow-query-cache {any;};
};
logging {
category lame-servers { null; };
};
zone "." {
type hint;
file "/etc/bind/db.root";
};
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "sillymail.com" {
type master;
file "/etc/bind/db.com.sillymail";
};
zone "40.30.20.in-addr.arpa" {
type master;
file "/etc/bind/db.20.30.40";
};
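
Review bot: `allow-recursion {any;};`, `allow-query {any;};` and `allow-query-cache {any;};` in `options` make 20.30.40.50 an open resolver for anything that can route to it. Define an `acl` with the networks that appear in this lab (19.0.0.0/24, 20.30.40.0/24, 30.40.50.0/24, 81.82.83.0/24) and use it for `allow-recursion` and `allow-query-cache`, leaving `allow-query` open only for the zones this server is master for.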

6
rtw.startup Executable file

@ -0,0 +1,6 @@
ip addr add 19.0.0.1/24 dev eth0
ip addr add 192.168.173.1/30 dev eth1
ip addr add 192.168.173.13/30 dev eth2
/etc/init.d/ssh start
source /shared/rezotrick
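
Review bot: the core links on `eth1` and `eth2` are numbered from 192.168.173.0/30 and 192.168.173.12/30, inside the same 192.168.173.0/28 that boxa.startup and boxb.startup put on their LAN side, and `192.168.173.1` ends up assigned three times (here, boxa `eth0`, boxb `eth0`). It works only because both LANs sit behind NAT. The README asks for the block to cover the two LANs and the core, so if the assigned block allows it, carve three disjoint subnets out of it. The same applies to rtx, rty and rtz.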

9
rtw/etc/frr/ripd.conf Normal file

@ -0,0 +1,9 @@
hostname ripd
password zebra
!
router rip
network 192.168.173.0/28
network eth0
passive-interface eth0
!
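
Review bot: there is no `timers basic 5 15 10` line under `router rip`, although the README calls it out explicitly; add it after `passive-interface eth0`. The rtx, rty and rtz copies of this file are missing it too. `network 192.168.173.0/28` enables RIP on both core links by prefix match, which is easy to overlook; naming `eth1` and `eth2` would make that explicit.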

3
rtw/etc/frr/zebra.conf Executable file

@ -0,0 +1,3 @@
hostname Router
password zebra
enable password zebra
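
Review bot: `password zebra` and `enable password zebra` are the stock example credentials, stored in cleartext, and ripd.conf reuses the same vty password while the README suggests reaching ripd by telnet from alice. Set a lab-specific password and add `service password-encryption` so the value is not readable from the file. The rtx, rty and rtz copies are identical.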

6
rtx.startup Executable file

@ -0,0 +1,6 @@
ip addr add 81.82.83.1/24 dev eth0
ip addr add 192.168.173.2/30 dev eth1
ip addr add 192.168.173.5/30 dev eth2
/etc/init.d/ssh start
source /shared/rezotrick

9
rtx/etc/frr/ripd.conf Normal file

@ -0,0 +1,9 @@
hostname ripd
password zebra
!
router rip
network 192.168.173.0/28
network eth0
passive-interface eth0
!

3
rtx/etc/frr/zebra.conf Executable file

@ -0,0 +1,3 @@
hostname Router
password zebra
enable password zebra

9
rty.startup Executable file

@ -0,0 +1,9 @@
ip addr add 20.30.40.1/24 dev eth0
ip addr add 192.168.173.6/30 dev eth1
ip addr add 192.168.173.9/30 dev eth2
/etc/init.d/ssh start
source /shared/rezotrick

9
rty/etc/frr/ripd.conf Normal file

@ -0,0 +1,9 @@
hostname ripd
password zebra
!
router rip
network 192.168.173.0/28
network eth0
passive-interface eth0
!

3
rty/etc/frr/zebra.conf Executable file

@ -0,0 +1,3 @@
hostname Router
password zebra
enable password zebra

9
rtz.startup Executable file

@ -0,0 +1,9 @@
ip addr add 30.40.50.1/24 dev eth0
ip addr add 192.168.173.14/30 dev eth1
ip addr add 192.168.173.10/30 dev eth2
/etc/init.d/ssh start
source /shared/rezotrick

9
rtz/etc/frr/ripd.conf Normal file

@ -0,0 +1,9 @@
hostname ripd
password zebra
!
router rip
network 192.168.173.0/28
network eth0
passive-interface eth0
!

3
rtz/etc/frr/zebra.conf Executable file

@ -0,0 +1,3 @@
hostname Router
password zebra
enable password zebra

1
shared.startup Executable file

@ -0,0 +1 @@
bash shared/mojo/mojo
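
Review bot: `bash shared/mojo/mojo` uses a relative path, so it only works when the startup script runs with `/` as its working directory; every other reference in this commit uses `/shared/...`. Use `bash /shared/mojo/mojo`.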

2
shared/etc/frr/daemons Executable file

@ -0,0 +1,2 @@
zebra=yes
ripd=yes

12
shared/mojo/macaddr Executable file

@ -0,0 +1,12 @@
#!/usr/bin/env python3
from hashlib import sha1
from sys import argv
m = sha1()
m.update(argv[1].encode())
m.update(b"-")
m.update(argv[2].encode())
d = m.digest()
addr = [ (d[i]+d[i+6]) % 256 for i in range(6) ]
addr[0] &= 0xfe
addr[0] |= 0x02
print(':'.join(map(lambda x : ("00"+hex(x)[2:])[-2:],addr)))
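
Review bot: `argv[1]` and `argv[2]` are read without checking `len(argv)`, so a call with a missing argument dies with an IndexError traceback instead of a usage message. The last line's `("00"+hex(x)[2:])[-2:]` is a roundabout zero-pad; `':'.join(f"{x:02x}" for x in addr)` says the same thing. A one-line comment that `&= 0xfe` and `|= 0x02` force a unicast, locally administered address would help the next reader.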

16
shared/mojo/mojo Executable file

@ -0,0 +1,16 @@
chown -R frr:frr /etc/frr
list=()
while IFS= read -r line
do list+=("$line")
done < /etc/resolv.conf
umount /etc/resolv.conf
for line in "${list[@]}"
do echo $line >> /etc/resolv.conf
done
umount /etc/services
echo "staticd 2616/tcp" >> /etc/services
umount /etc/hosts
cp /shared/etc/hosts /etc/hosts
for eth in $(ip -br a | grep '^eth' | cut -d@ -f1); do
ip link set $eth address $(/shared/mojo/macaddr $HOSTNAME $eth)
done
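
Review bot: `echo $line`, `ip link set $eth` and `$(/shared/mojo/macaddr $HOSTNAME $eth)` all expand unquoted, so word splitting and globbing apply to file content and host names; quote them (`echo "$line"`, `"$HOSTNAME" "$eth"`). The three `umount` calls are unchecked: if one fails, the script goes on to append to or overwrite the file that is still mounted, so add `set -e` or test each result. The script relies on bash arrays but has no `#!/bin/bash` line.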

2
shared/rezotrick Executable file

@ -0,0 +1,2 @@
cp /shared/etc/frr/* /etc/frr/
/etc/init.d/frr start

5
sillymail.startup Executable file

@ -0,0 +1,5 @@
useradd -ms /bin/bash -p $(openssl passwd -6 alice) alice
ip addr add 20.30.40.60/24 dev eth0
ip route add default via 20.30.40.1
/etc/init.d/postfix start
/etc/init.d/dovecot start


@ -0,0 +1,2 @@
ssl=no
disable_plaintext_auth=no


@ -0,0 +1,9 @@
myhostname = smtp.sillymail.com
myorigin = $mydomain
smtpd_use_tls = no
mydestination = $mydomain
relay_domains = notascam.com
inet_interfaces = all
inet_protocols = all
compatibility_level = 2
mail_spool_directory = /var/mail


@ -0,0 +1,3 @@
domain sillymail.com
search sillymail.com
nameserver 20.30.40.50

3
www.startup Executable file

@ -0,0 +1,3 @@
a2dismod -f deflate
apache2ctl start
dhclient

1
www/var/www/html/index.html Executable file

@ -0,0 +1 @@
<html><head><title>Rest assured this is not a scam</title></head><body><h1>Rest assured this is not a scam</h1><strong><pre>Please write to sosecure@notascam.com to let us know your name and credit dard details.</pre></strong></body></html>
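
Review bot: typo in the body text, `credit dard details` should read `credit card details`. The file also has no `<!DOCTYPE html>` and no charset declaration.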