Ajout du repertoire BTS blanc

README.md

@@ -2,4 +2,6 @@
 
 Dépôt de suivi des fichiers de configuration réalisés au cours du BTS SIO
 
-**sisr1** : enseignement SISR, première année
+**sisr1** : enseignement SISR, première année
+
+Ma plage d'adresse disponible pour mes machine 192.168.0.120 à 192.168.0.139

sisr1/README.md

@@ -9,4 +9,10 @@ Travaux pratiques de première année : option SISR
 **- tp02-dns** : 
   * configuration de serveurs DNS primaires et secondaires 
   * configuration du service DHCP pour utiliser ces DNS
-  * automatisation du lancement du script NAT
+  * automatisation du lancement du script NAT
+
+  **- tp03-reseau-prive** :
+  * Construction d'un reséaux interne virtuelle
+  * Configuration de serveurs DNS Primaires et secondaires
+  * automatisation du lacement du script NAT
+  * Configuration du service DHCP pour utiliser ces DNS 

sisr1/TP04-Bases-d'administration/README.md

@@ -0,0 +1 @@
+# Droit d'acces appliquée au dossier

sisr1/TP04-Bases-d'administration/Users.csv

@@ -0,0 +1,30 @@
+Ermengarde,Berthelmot,eberthelmot0@webmd.com,Female,Accountant,
+Kassi,Bunker,kbunker1@xinhuanet.com,Female,Production,
+Moises,McCallum,mmccallum2@i2i.jp,Male,Production,
+Patrizio,Lune,plune3@upenn.edu,Male,Accountant,
+Blanch,Everix,beverix4@php.net,Female,Accountant,
+Stafani,Kibbel,skibbel5@marriott.com,Female,Production,
+Ignacius,Mosdell,imosdell6@cloudflare.com,Male,Management,
+Jeana,Waller-Bridge,jwallerbridge7@mapy.cz,Female,Management,
+Elroy,Dressel,edressel8@opera.com,Male,Production,
+Thea,Strettell,tstrettell9@nature.com,Female,Production,
+Solomon,Insoll,sinsolla@utexas.edu,Male,Accountant,
+Carri,Feedome,cfeedomeb@ask.com,Female,Accountant,
+Padraic,Chetwind,pchetwindc@last.fm,Male,Management,
+Solly,D'Ugo,sdugod@uiuc.edu,Male,Production,
+Konstanze,MacCostigan,kmaccostigane@seattletimes.com,Female,Accountant,
+Roxane,Powlesland,rpowleslandf@pcworld.com,Female,Management,
+Orelle,Kennealy,okennealyg@arstechnica.com,Female,Production,
+Sukey,Soitoux,ssoitouxh@shinystat.com,Female,Production,
+Nelli,Syce,nsycei@blogger.com,Female,Production,
+Clarisse,Shillam,cshillamj@dailymotion.com,Female,Production,
+Carin,Gueny,cguenyk@naver.com,Female,Management,
+Donny,Riepel,driepell@addtoany.com,Male,Production,
+Daniella,Ralfe,dralfem@wunderground.com,Female,Production,
+Lexy,Clynmans,lclynmansn@furl.net,Female,Production,
+Gardiner,Adamthwaite,gadamthwaiteo@spotify.com,Male,Production,
+Woodman,Lippett,wlippettp@purevolume.com,Male,Production,
+Nadya,Munnion,nmunnionq@flavors.me,Female,Production,
+Llewellyn,Habershon,lhabershonr@alibaba.com,Male,Production,
+Isaak,Greatrex,igreatrexs@seesaa.net,Male,Production,
+Darill,Frostdyke,dfrostdyket@cafepress.com,Male,Production,

sisr1/TP04-Bases-d'administration/createGroups.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+fichier=Users.csv
+
+while read ligne # définit la varaible "ligne" comme contenue de la ligne du fichier en cours de lecture
+do
+    metier=$(echo $ligne | cut -d "," -f5) #A chhaque utilisateur itération, stocker le métier
+    echo $metier
+    if [[ $(grep $metier /etc/group) == "" ]] ; then
+        groupadd $metier
+    fi
+done < $fichier

sisr1/TP04-Bases-d'administration/createLogins.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+fichier=Users.csv
+fichier_a_ecrire=./login.csv
+rm $fichier_a_ecrire 2> /dev/null
+touch $fichier_a_ecrire
+
+while read ligne
+do
+  aecrie=""
+  last_name=$(echo $ligne | cut -d "," -f2) # récupération du nom a chaque ligne
+  first_name=$(echo $ligne | cut -d "," -f1) # récupération du prénom a chaque ligne
+  group=$(echo $ligne | cut -d "," -f5) # recupération du groupe a chaque ligne
+  login=$(echo $first_name | cut -c1)$last_name # creation d'un login
+  login=$(echo $login | tr [:upper:] [:lower:]) #passage de toute les lettre du nom et prenom en minuscule
+  login=$(echo $login | tr -dc [:alnum:]) #Prise en compte des caractere uniquement alphabéticonumérique
+  password=$(echo $RANDOM | md5sum | head -c8) #creation d'un mot de passe 
+
+  aecrie="$login;$password;$first_name;$last_name;$group"
+
+  echo $aecrie >> $fichier_a_ecrire
+
+done < $fichier
+
+echo "le fichier login.csv a bien été créer"

sisr1/TP04-Bases-d'administration/createUsers.sh

@@ -0,0 +1,20 @@
+file=./login.csv
+
+
+while read ligne
+do  
+    username=$(echo $ligne | cut -d ";" -f1)
+    useradd -m -s "/bin/bash" $username
+
+    group=$(echo $ligne | cut -d ";" -f5)
+    usermod -aG $group $username
+
+    password=$(echo $ligne | cut -d ";" -f2)
+    
+    echo $username:$password | chpasswd
+
+    chown $username:$username /home/$username
+
+done <$file
+
+

sisr1/TP04-Bases-d'administration/deployUsers.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+ip=$1
+user=root
+workdir=/$user/deploy
+
+ssh $user@$ip "mkdir $workdir" 2> /dev/null
+
+#copie des  scripts et fichier
+scp createGroups.sh $user@$ip:$workdir
+scp createUsers.sh $user@$ip:$workdir
+scp login.csv $user@$ip:$workdir
+scp Users.csv $user@$ip:$workdir
+
+#execution des scripts
+ssh $user@$ip "cd $workdir ; bash createGroups.sh ; bash createUsers.sh"
+
+ssh $user@$ip "rm -R $workdir" #suppression

sisr1/TP04-Bases-d'administration/gitpush.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ -z "$1" ] ; then
+    read -p "Erreur: Ecrivez un message " $message
+else 
+    message=$1
+fi
+
+# Ajout des fichiers modifiers
+git add .
+
+# Commit avec le message
+git commit -m "$message"
+
+# Push  vers le dépot
+git push https://redouane.assani@gitea.lyc-lecastel.fr/redouane.assani/siotp.git

sisr1/TP04-Bases-d'administration/login.csv

@@ -0,0 +1,30 @@
+eberthelmot;b67e86f8;Ermengarde;Berthelmot;Accountant
+kbunker;c96ce0e8;Kassi;Bunker;Production
+mmccallum;8d3df113;Moises;McCallum;Production
+plune;719198af;Patrizio;Lune;Accountant
+beverix;c914708a;Blanch;Everix;Accountant
+skibbel;5eab5ab7;Stafani;Kibbel;Production
+imosdell;f6c73e14;Ignacius;Mosdell;Management
+jwallerbridge;aeca1ecf;Jeana;Waller-Bridge;Management
+edressel;5679fb79;Elroy;Dressel;Production
+tstrettell;0b218424;Thea;Strettell;Production
+sinsoll;02b743ca;Solomon;Insoll;Accountant
+cfeedome;32405639;Carri;Feedome;Accountant
+pchetwind;a75beebe;Padraic;Chetwind;Management
+sdugo;4b4f98e3;Solly;D'Ugo;Production
+kmaccostigan;0db1473c;Konstanze;MacCostigan;Accountant
+rpowlesland;c0e9b6c6;Roxane;Powlesland;Management
+okennealy;155f3674;Orelle;Kennealy;Production
+ssoitoux;323f6ff8;Sukey;Soitoux;Production
+nsyce;82c0f357;Nelli;Syce;Production
+cshillam;0575710e;Clarisse;Shillam;Production
+cgueny;fad38e18;Carin;Gueny;Management
+driepel;c7482c14;Donny;Riepel;Production
+dralfe;a053e245;Daniella;Ralfe;Production
+lclynmans;5865f85c;Lexy;Clynmans;Production
+gadamthwaite;5d8660f7;Gardiner;Adamthwaite;Production
+wlippett;7d65808a;Woodman;Lippett;Production
+nmunnion;d353774c;Nadya;Munnion;Production
+lhabershon;1594623a;Llewellyn;Habershon;Production
+igreatrex;f6ed5356;Isaak;Greatrex;Production
+dfrostdyke;d8eb0743;Darill;Frostdyke;Production

sisr1/TP05-installation-proxy/gitpush.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ -z "$1" ] ; then
+    read -p "Erreur: Ecrivez un message " $message
+else 
+    message=$1
+fi
+
+# Ajout des fichiers modifiers
+git add .
+
+# Commit avec le message
+git commit -m "$message"
+
+# Push  vers le dépot
+git push https://redouane.assani@gitea.lyc-lecastel.fr/redouane.assani/siotp.git

sisr1/TP05-installation-proxy/nat/dnsfwd.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+echo "1" > /proc/sys/net/ipv4/ip_forward
+nft add table dnsfwd
+nft add chain dnsfwd prerouting {type nat hook prerouting priority 0 \; }
+nft add chain dnsfwd postrouting {type nat hook postrouting priority 0 \; }
+nft add rule dnsfwd postrouting tcp dport 53 masquerade
+nft add rule dnsfwd postrouting udp dport 53 masquerade
+nft add rule dnsfwd prerouting tcp dport 53 masquerade
+nft add rule dnsfwd prerouting udp dport 53 masquerade
+nft add rule dnsfwd prerouting ct state established,related accept
+nft add rule dnsfwd postrouting ct state established,related accept

sisr1/TP05-installation-proxy/squid/majservice.sh

@@ -0,0 +1,16 @@
+#Script destiné a être paramétré et exécuté depuis un repertoire de votre depots git
+#contenant un fichier de coinfiguration d'un service
+filename=squid.conf # nom du fichier config
+filepath=/etc/squid # emplacement systeme du fichier config
+servicename=squid.service #nom du service 
+
+git pull # mise a jour du fichier de config du dépôt
+
+sudo cp $filepath/$filename $filepath/$filename.old
+#sauvegarde fichier précédente
+
+sudo cp ./$filename $filepath/$filename
+#copie du fichier de config mis a jour a son emplacement
+
+sudo systemctl restart $servicename
+#redemarage du service associé

sisr1/tp02-dns/dhcp/dhcpd.conf

@@ -0,0 +1,109 @@
+# dhcpd.conf
+#
+# Sample configuration file for ISC dhcpd
+#
+
+# option definitions common to all supported networks...
+option domain-name "example.org";
+option domain-name-servers ns1.example.org, ns2.example.org;
+
+default-lease-time 3600;
+max-lease-time 604800;
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+#authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+#log-facility local7;
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+subnet 192.168.2.0 netmask 255.255.255.0 {
+	range 192.168.2.10 192.168.2.100;
+	option domain-name "sio-ra.lan";
+	option routers 192.168.2.1;
+	option domain-name-servers 192.168.0.121;
+}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+#host passacaglia {
+#  hardware ethernet 0:0:c0:5d:bd:95;
+#  filename "vmunix.passacaglia";
+#  server-name "toccata.example.com";
+#}
+
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+host XP {
+  hardware ethernet 08:00:27:77:70:0D;
+  fixed-address 192.168.2.105;
+}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}

sisr1/tp02-dns/dns1/db.sio-ra.lan

@@ -0,0 +1,22 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	dns1-ra.sio-ra.lan.  root.dns1-ra.sio-ra.lan. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL	
+;
+@	IN	NS      dns1-ra.sio-ra.lan.
+@	IN	NS	dns2-ra.sio-ra.lan.
+dns1-ra.sio-ra.lan. IN  A 192.168.0.121
+dns2-ra.sio-ra.lan. IN  A 192.168.0.122 
+@	IN	A	127.0.0.1
+0.168.192.in-addr.arpa IN PTR dns1-ra.sio.lan.
+deb-dhcp-ra IN A 192.168.0.120
+;@	IN	AAAA	::1
+dhcp cname deb-dhcp-ra
+dns1 cname dns1-ra
+dns2 cname dns2-ra

sisr1/tp02-dns/dns1/db.sio-ra.lan.rev

@@ -0,0 +1,19 @@
+; BIND data file for local loopback interface
+;
+$TTL    604800
+@       IN      SOA     dns1-ra.sio-ra.lan.  root.dns1-ra.sio-ra.lan. (
+                              2         ; Serial
+                         604800         ; Refresh
+                          86400         ; Retry
+                        2419200         ; Expire
+                         604800 )       ; Negative Cache TTL    
+;
+@       IN      NS      dns1-ra.sio-ra.lan.
+@       IN      A       127.0.0.1
+121 IN PTR dns1-ra.sio-ra.lan.
+120 IN PTR deb-dhcp-ra.sio-ra.lan.
+121 IN PTR dns2-ra.sio-ra.lan
+;
+dhcp cname deb-dhcp-ra
+dns1 cname dns1-ra
+dns2 cname dns2-ra

sisr1/tp02-dns/dns1/named.conf.local

@@ -0,0 +1,20 @@
+//
+// Do any local configuration here
+// zone directe
+zone "sio-ra.lan" {
+	type master;
+        file "/etc/bind/db.sio-ra.lan";
+};
+
+// zone inverse 
+zone "0.168.192.in-addr.arpa" {
+	type master;
+        notify no;
+        file "/etc/bind/db.sio-ra.lan.rev";
+};
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+

sisr1/tp02-dns/dns1/resolv.conf

@@ -0,0 +1,4 @@
+domain sio-ra.lan
+search sio-ra.lan
+nameserver 127.0.0.1
+nameserver 10.121.38.8

sisr1/tp02-dns/dns2/db.sio-ra.lan

@@ -0,0 +1,20 @@
+$ORIGIN .
+$TTL 604800	; 1 week
+sio-ra.lan		IN SOA	dns1-ra.sio-ra.lan. root.dns1-ra.sio-ra.lan. (
+				2          ; serial
+				604800     ; refresh (1 week)
+				86400      ; retry (1 day)
+				2419200    ; expire (4 weeks)
+				604800     ; minimum (1 week)
+				)
+			NS	dns1-ra.sio-ra.lan.
+			NS	dns2-ra.sio-ra.lan.
+			A	127.0.0.1
+$ORIGIN sio-ra.lan.
+0.168.192.in-addr.arpa	PTR	dns1-ra.sio.lan.
+deb-dhcp-ra		A	192.168.0.120
+dhcp			CNAME	deb-dhcp-ra
+dns1			CNAME	dns1-ra
+dns1-ra			A	192.168.0.121
+dns2			CNAME	dns2-ra
+dns2-ra			A	192.168.0.122

sisr1/tp02-dns/dns2/named.conf

@@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";

sisr1/tp02-dns/dns2/named.conf.local

@@ -0,0 +1,23 @@
+//
+// Do any local configuration here
+// zone directe
+zone "sio-ra.lan" {
+	type slave;
+        file "/etc/bind/db.sio-ra.lan";
+	masters { 192.168.0.121; };
+	masterfile-format text;
+};
+
+// zone inverse 
+zone "0.168.192.in-addr.arpa" {
+	type slave;
+        notify no;
+        file "/etc/bind/db.sio-ra.lan.rev";
+	masters { 192.168.0.121; };
+};
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+

sisr1/tp02-dns/dns2/resolv.conf

@@ -0,0 +1,4 @@
+domain sio-ra.lan
+search sio-ra.lan
+nameserver 127.0.0.1
+nameserver 10.121.38.8

sisr1/tp03-reseau-prive/README.md

@@ -0,0 +1,6 @@
+# tp03-reseau-prive
+
+* Construction d'un reséaux interne virtuelle
+* Configuration de serveurs DNS Primaires et secondaires
+* automatisation du lacement du script NAT
+* Configuration du service DHCP pour utiliser ces DNS

sisr1/tp03-reseau-prive/srv-admin/cartes-reseau/interfaces

@@ -0,0 +1,24 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+#allow-hotplug enp0s3
+#iface enp0s3 inet dhcp
+
+#premiere interface - adr. statique
+auto enp0s3
+iface enp0s3 inet static
+	address 192.168.0.120/24 
+	gateway 192.168.0.1
+
+#deuxieme interface -adr. statique
+auto enp0s8
+iface enp0s8 inet dhcp
+
+

sisr1/tp03-reseau-prive/srv-admin/nat/nat.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+echo "1" > /proc/sys/net/ipv4/ip_forward
+nft add table basic_nat_table
+nft add chain basic_nat_table prerouting {type nat hook prerouting priority 0 \; }
+nft add chain basic_nat_table postrouting {type nat hook postrouting priority 0 \; }
+nft add rule basic_nat_table postrouting masquerade

sisr1/tp03-reseau-prive/srv-dns2/carte_reseau/interfaces

@@ -0,0 +1,17 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+#allow-hotplug enp0s3
+#iface enp0s3 inet dhcp
+
+#premiere interface - adr. statique
+auto enp0s3
+iface enp0s3 inet dhcp
+

sisr1/tp03-reseau-prive/srv-dns2/dns/named.conf.local

@@ -0,0 +1,23 @@
+//
+// Do any local configuration here
+// zone directe
+zone "monlabo.lan" {
+	type slave;
+        file "/etc/bind/db.monlabo.lan";
+	masters { 172.16.0.1; };
+	masterfile-format text;
+};
+
+// zone inverse 
+zone "0.16.172.in-addr.arpa" {
+	type slave;
+        notify no;
+        file "/etc/bind/db.monlabo.lan.rev";
+	masters { 172.16.0.1; };
+};
+
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+

sisr1/tp03-reseau-prive/srv-service/cartes_reseau/interfaces

@@ -0,0 +1,19 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+#allow-hotplug enp0s3
+#iface enp0s3 inet dhcp
+
+#premiere interface - adr. statique
+auto enp0s3
+iface enp0s3 inet static
+	address 172.16.0.1/24 
+	gateway 172.16.0.254
+

sisr1/tp03-reseau-prive/srv-service/dhcp/dhcpd.conf

@@ -0,0 +1,114 @@
+# dhcpd.conf
+#
+# Sample configuration file for ISC dhcpd
+#
+
+# option definitions common to all supported networks...
+#option domain-name "example.org";
+#option domain-name-servers ns1.example.org, ns2.example.org;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+#authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+#log-facility local7;
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+subnet 172.16.0.0 netmask 255.255.255.0 {
+	range 172.16.0.20 172.16.0.119;
+	option routers 172.16.0.254;
+	option domain-name "monlabo.lan";
+	option domain-name-servers 172.16.0.1, 172.16.0.2;
+}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+#host passacaglia {
+#  hardware ethernet 0:0:c0:5d:bd:95;
+#  filename "vmunix.passacaglia";
+#  server-name "toccata.example.com";
+#}
+
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+host svr-admin-ra {
+  hardware ethernet 08:00:27:87:c3:bd;
+  fixed-address 172.16.0.254;
+}
+
+host srv-dns2 {
+  hardware ethernet 08:00:27:0a:28:ab;
+  fixed-address 172.16.0.2;
+}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}

sisr1/tp03-reseau-prive/srv-service/dhcp/isc-dhcp-server

@@ -0,0 +1,18 @@
+# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
+
+# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
+#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
+#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
+
+# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
+#DHCPDv4_PID=/var/run/dhcpd.pid
+#DHCPDv6_PID=/var/run/dhcpd6.pid
+
+# Additional options to start dhcpd with.
+#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
+#OPTIONS=""
+
+# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
+#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
+INTERFACESv4="enp0s3"
+INTERFACESv6=""

sisr1/tp03-reseau-prive/srv-service/dns/db.monlabo.lan

@@ -0,0 +1,34 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	srv-service.monlabo.lan. root.srv-service.monlabo.lan. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	srv-service.monlabo.lan.
+@	IN	NS	srv-dns2.monlabo.lan.
+@	IN	A	127.0.0.1
+
+srv-service.monlabo.lan.	IN	A	172.16.0.1
+srv-dns2.monlabo.lan.		IN	A	172.16.0.2
+srv-admin-ra.monlabo.lan.	IN	A	172.16.0.254
+
+0.16.172.in-addr.arpa	PTR	srv-service.monlabo.lan.
+
+srvdns	cname	srv-service.monlabo.lan.
+srvdns1	cname	srv-service.monlabo.lan.
+dns	cname	srv-service.monlabo.lan.
+dns1	cname	srv-service.monlabo.lan.
+srvdhcp	cname	srv-service.monlabo.lan.
+dhcp	cname	srv-service.monlabo.lan.
+
+srvadmin cname	srv-admin-ra.monlabo.lan.
+router	cname	srv-admin-ra.monlabo.lan.
+gateway cname	srv-admin-ra.monlabo.lan.
+
+dns2	cname	srv-dns2.monlabo.lan.
+svrdns2	cname	srv-dns2.monlabo.lan.

sisr1/tp03-reseau-prive/srv-service/dns/db.monlabo.lan.rev

@@ -0,0 +1,20 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	srv-service.monlabo.lan. root.srv-service.monlabo.lan. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	srv-service.monlabo.lan.
+		NS	srv-dns2.monlabo.lan.
+@	IN	A	127.0.0.1
+
+;
+1 IN PTR srv-service.monlabo.lan.
+2 IN PTR srv-dns2.monlabo.lan.
+254 IN PTR srv-admin-ra.monlabo.lan.
+;

sisr1/tp03-reseau-prive/srv-service/dns/named.conf.local

@@ -0,0 +1,19 @@
+//
+// Do any local configuration here
+//zone direct
+zone "monlabo.lan" {
+	type master;
+	file "/etc/bind/db.monlabo.lan";
+};
+
+//zone inverse
+zone "0.16.172.in-addr.arpa" {
+	type master;
+	notify no;
+	file "/etc/bind/db.monlabo.lan.rev";
+};
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+

sisr1/tp03-reseau-prive/srv-service/dns/resolv.conf

@@ -0,0 +1,4 @@
+domain monlabo.lan
+search monlabo.lan
+nameserver 127.0.0.1
+nameserver 10.121.38.8