Nouveau fichier : sisr1/tp03/srv-admin-ge/hostname

Nouveau fichier : sisr1/tp03/srv-admin-ge/hosts
	Nouveau fichier : sisr1/tp03/srv-admin-ge/interfaces
	Nouveau fichier : sisr1/tp03/srv-admin-ge/nat.sh
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/db.monlabo.lan
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/db.monlabo.lan.rev
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/hostname
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/hosts
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/named.conf
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/named.conf.local
	Nouveau fichier : sisr1/tp03/srv-dns2-ge/named.conf.options
	Nouveau fichier : sisr1/tp03/srv-service-ge/db.monlabo.lan
	Nouveau fichier : sisr1/tp03/srv-service-ge/db.monlabo.lan.rev
	Nouveau fichier : sisr1/tp03/srv-service-ge/dhclient.conf
	Nouveau fichier : sisr1/tp03/srv-service-ge/dhcpd.conf
	Nouveau fichier : sisr1/tp03/srv-service-ge/hostname
	Nouveau fichier : sisr1/tp03/srv-service-ge/hosts
	Nouveau fichier : sisr1/tp03/srv-service-ge/interfaces
	Nouveau fichier : sisr1/tp03/srv-service-ge/named.conf
	Nouveau fichier : sisr1/tp03/srv-service-ge/named.conf.local
	Nouveau fichier : sisr1/tp03/srv-service-ge/named.conf.options

sisr1/tp03/srv-admin-ge/hostname

@@ -0,0 +1 @@
+srv-admin-ge

sisr1/tp03/srv-admin-ge/hosts

@@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	srv-admin-ge.sio.lan	srv-admin-ge
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters

sisr1/tp03/srv-admin-ge/interfaces

@@ -0,0 +1,18 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+	address 192.168.0.120/24
+	gateway 192.168.0.1
+
+# The secondary (internal) network interface
+allow-hotplug enp0s8
+iface enp0s8 inet dhcp

sisr1/tp03/srv-admin-ge/nat.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+echo "1" > /proc/sys/net/ipv4/ip_forward
+nft add table basic_nat_table
+nft add chain basic_nat_table prerouting {type nat hook prerouting priority 0 \; }
+nft add chain basic_nat_table postrouting {type nat hook postrouting priority 0 \; }
+nft add rule basic_nat_table postrouting masquerade

sisr1/tp03/srv-dns2-ge/db.monlabo.lan

@@ -0,0 +1,36 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	srv-service-ge.monlabo.lan. root.monlabo.lan. (
+			  2635478965	; Serial
+			    216		; Refresh
+			   3600		; Retry
+			2419200		; Expire
+			 86400 )	; Negative Cache TTL
+
+		IN	NS	srv-service-ge.monlabo.lan.
+		IN	NS	srv-dns2-ge.monlabo.lan.
+
+		IN	A	172.16.0.1
+		IN	A	172.16.0.2
+		IN	A	172.16.0.254
+		IN	A	172.16.0.100
+	
+srv-service-ge	IN	A	172.16.0.1
+srv-dns2-ge	IN	A	172.16.0.2
+srv-admin-ge	IN	A	172.16.0.254
+pc-cli-ge	IN	A	172.16.0.100
+
+srvdns		IN	CNAME	srv-service-ge
+dns		IN	CNAME	srv-service-ge
+dns1		IN	CNAME	srv-service-ge
+srvdhcp		IN	CNAME	srv-service-ge
+dhcp		IN	CNAME	srv-service-ge
+srvadmin	IN	CNAME	srv-admin-ge
+router		IN	CNAME	srv-admin-ge
+pc		IN	CNAME	pc-cli-ge
+client		IN	CNAME	pc-cli-ge
+pccli		IN	CNAME	pc-cli-ge
+srvdns2		IN	CNAME	srv-dns2-ge
+dns2		IN	CNAME	srv-dns2-ge

sisr1/tp03/srv-dns2-ge/db.monlabo.lan.rev

@@ -0,0 +1,29 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL    604800
+@       IN      SOA     srv-service-ge.monlabo.lan. root.monlabo.lan. (
+              2635478965         ; Serial
+                     216	 ; Refresh
+                    3600         ; Retry
+                 2419200         ; Expire
+                  86400 )        ; Negative Cache TTL
+
+		        IN      NS      srv-service-ge.monlabo.lan.
+			IN	NS	srv-dns2-ge.monlabo.lan.
+
+			IN	A	172.16.0.1
+			IN	A	172.16.0.2
+			IN	A	172.16.0.254
+			IN	A	172.16.0.100
+
+srv-service-ge		IN      A       172.16.0.1
+srv-dns2-ge		IN	A	172.16.0.2
+srv-admin-ge		IN      A       172.16.0.254
+pc-cli-ge		IN	A	172.16.0.100
+
+
+1	IN	PTR	srv-service-ge.monlabo.lan.
+2	IN	PTR	srv-dns2-ge.monlabo.lan.
+100	IN	PTR	pc-cli-ge.monlabo.lan.
+254	IN	PTR	srv-admin-ge.monlabo.lan.

sisr1/tp03/srv-dns2-ge/hostname

@@ -0,0 +1 @@
+srv-dns2-ge

sisr1/tp03/srv-dns2-ge/hosts

@@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	srv-dns2-ge.sio.lan	srv-dns2-ge
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters

sisr1/tp03/srv-dns2-ge/named.conf

@@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";

sisr1/tp03/srv-dns2-ge/named.conf.local

@@ -0,0 +1,21 @@
+//
+// Do any local configuration here
+//
+
+// zone directe
+zone "monlabo.lan" {
+	type master;
+	file "/etc/bind/db.monlabo.lan";
+};
+
+// zone inverse
+zone "0.16.172.in-addr.arpa" {
+	type master;
+	notify no;
+	file "/etc/bind/db.monlabo.lan.rev";
+};
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+

sisr1/tp03/srv-dns2-ge/named.conf.options

@@ -0,0 +1,25 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	 forwarders {
+		10.121.38.7;
+		10.121.38.8;
+	 };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation no;
+
+	listen-on-v6 { any; };
+};

sisr1/tp03/srv-service-ge/db.monlabo.lan

@@ -0,0 +1,36 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	srv-service-ge.monlabo.lan. root.monlabo.lan. (
+			  2635478965	; Serial
+			    216		; Refresh
+			   3600		; Retry
+			2419200		; Expire
+			 86400 )	; Negative Cache TTL
+
+		IN	NS	srv-service-ge.monlabo.lan.
+		IN	NS	srv-dns2-ge.monlabo.lan.
+
+		IN	A	172.16.0.1
+		IN	A	172.16.0.2
+		IN	A	172.16.0.254
+		IN	A	172.16.0.100
+	
+srv-service-ge	IN	A	172.16.0.1
+srv-dns2-ge	IN	A	172.16.0.2
+srv-admin-ge	IN	A	172.16.0.254
+pc-cli-ge	IN	A	172.16.0.100
+
+srvdns		IN	CNAME	srv-service-ge
+dns		IN	CNAME	srv-service-ge
+dns1		IN	CNAME	srv-service-ge
+srvdhcp		IN	CNAME	srv-service-ge
+dhcp		IN	CNAME	srv-service-ge
+srvadmin	IN	CNAME	srv-admin-ge
+router		IN	CNAME	srv-admin-ge
+pc		IN	CNAME	pc-cli-ge
+client		IN	CNAME	pc-cli-ge
+pccli		IN	CNAME	pc-cli-ge
+srvdns2		IN	CNAME	srv-dns2-ge
+dns2		IN	CNAME	srv-dns2-ge

sisr1/tp03/srv-service-ge/db.monlabo.lan.rev

@@ -0,0 +1,29 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL    604800
+@       IN      SOA     srv-service-ge.monlabo.lan. root.monlabo.lan. (
+              2635478965         ; Serial
+                     216	 ; Refresh
+                    3600         ; Retry
+                 2419200         ; Expire
+                  86400 )        ; Negative Cache TTL
+
+		        IN      NS      srv-service-ge.monlabo.lan.
+			IN	NS	srv-dns2-ge.monlabo.lan.
+
+			IN	A	172.16.0.1
+			IN	A	172.16.0.2
+			IN	A	172.16.0.254
+			IN	A	172.16.0.100
+
+srv-service-ge		IN      A       172.16.0.1
+srv-dns2-ge		IN	A	172.16.0.2
+srv-admin-ge		IN      A       172.16.0.254
+pc-cli-ge		IN	A	172.16.0.100
+
+
+1	IN	PTR	srv-service-ge.monlabo.lan.
+2	IN	PTR	srv-dns2-ge.monlabo.lan.
+100	IN	PTR	pc-cli-ge.monlabo.lan.
+254	IN	PTR	srv-admin-ge.monlabo.lan.

sisr1/tp03/srv-service-ge/dhclient.conf

@@ -0,0 +1,55 @@
+# Configuration file for /sbin/dhclient.
+#
+# This is a sample configuration file for dhclient. See dhclient.conf's
+#	man page for more information about the syntax of this file
+#	and a more comprehensive list of the parameters understood by
+#	dhclient.
+#
+# Normally, if the DHCP server provides reasonable information and does
+#	not leave anything out (like the domain name, for example), then
+#	few changes must be made to this file, if any.
+#
+
+option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
+
+send host-name = gethostname();
+request subnet-mask, broadcast-address, time-offset, routers,
+	domain-name, domain-name-servers, domain-search, host-name,
+	dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
+	netbios-name-servers, netbios-scope, interface-mtu,
+	rfc3442-classless-static-routes, ntp-servers;
+
+#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
+#send dhcp-lease-time 3600;
+#supersede domain-name "fugue.com home.vix.com";
+#prepend domain-name-servers 127.0.0.1;
+#prepend domain-name-servers 172.16.0.2;
+#require subnet-mask, domain-name-servers;
+#timeout 60;
+#retry 60;
+#reboot 10;
+#select-timeout 5;
+#initial-interval 2;
+#script "/sbin/dhclient-script";
+#media "-link0 -link1 -link2", "link0 link1";
+#reject 192.33.137.209;
+
+#alias {
+#  interface "eth0";
+#  fixed-address 192.5.5.213;
+#  option subnet-mask 255.255.255.255;
+#}
+
+#lease {
+#  interface "eth0";
+#  fixed-address 192.33.137.200;
+#  medium "link0 link1";
+#  option host-name "andare.swiftmedia.com";
+#  option subnet-mask 255.255.255.0;
+#  option broadcast-address 192.33.137.255;
+#  option routers 192.33.137.250;
+#  option domain-name-servers 127.0.0.1;
+#  renew 2 2000/1/12 00:00:01;
+#  rebind 2 2000/1/12 00:00:01;
+#  expire 2 2000/1/12 00:00:01;
+#}

sisr1/tp03/srv-service-ge/dhcpd.conf

@@ -0,0 +1,110 @@
+# dhcpd.conf
+#
+# Sample configuration file for ISC dhcpd
+#
+
+# option definitions common to all supported networks...
+default-lease-time 600;
+max-lease-time 7200;
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+#authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+#log-facility local7;
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+subnet 172.16.0.0 netmask 255.255.255.0 {
+  range 172.16.0.100 172.16.0.200;
+  option routers 172.16.0.254;
+  option domain-name "monlabo.lan";
+  option domain-name-servers 127.0.0.1;
+  option domain-name-servers 172.16.0.2;
+}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+host srv-admin-ge {
+  hardware ethernet 08:00:27:6e:32:49;
+  fixed-address 172.16.0.254;
+}
+
+host srv-dns2-ge {
+  hardware ethernet 08:00:27:8e:f7:39;
+  fixed-address 172.16.0.2;
+}
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+#host fantasia {
+#  hardware ethernet 08:00:07:26:c0:a5;
+#  fixed-address fantasia.example.com;
+#}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}

sisr1/tp03/srv-service-ge/hostname

@@ -0,0 +1 @@
+srv-service-ge

sisr1/tp03/srv-service-ge/hosts

@@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	srv-service-ge.sio.lan	srv-service-ge
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters

sisr1/tp03/srv-service-ge/interfaces

@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+allow-hotplug enp0s3
+iface enp0s3 inet static
+	address 172.16.0.1/24
+	gateway 172.16.0.254

sisr1/tp03/srv-service-ge/named.conf

@@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";

sisr1/tp03/srv-service-ge/named.conf.local

@@ -0,0 +1,21 @@
+//
+// Do any local configuration here
+//
+
+// zone directe
+zone "monlabo.lan" {
+	type master;
+	file "/etc/bind/db.monlabo.lan";
+};
+
+// zone inverse
+zone "0.16.172.in-addr.arpa" {
+	type master;
+	notify no;
+	file "/etc/bind/db.monlabo.lan.rev";
+};
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+

sisr1/tp03/srv-service-ge/named.conf.options

@@ -0,0 +1,25 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	 forwarders {
+		10.121.38.7;
+		10.121.38.8;
+	 };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation no;
+
+	listen-on-v6 { any; };
+};