Moxa Technologies DA-681 Series Manual Download Page 43 | Manualshive

Page: 43 / 65

background image

DA-681 Linux

Managing Communications

3-13

--sport: Source port number.

-d: Destination address.

--dport: Destination port number.

-j: Jump target. Specifies the target of the rules; i.e., how to handle matched packets.

For example, ACCEPT the packet, DROP the packet, or LOG the packet.

Examples:

Example 1: Accept all packets from the lo interface.

# iptables –A INPUT –i lo –j ACCEPT

Example 2: Accept TCP packets from 192.168.0.1.

# iptables –A INPUT –i eth0 –p tcp –s 192.168.0.1 –j ACCEPT

Example 3: Accept TCP packets from Class C network 192.168.1.0/24.

# iptables –A INPUT –i eth0 –p tcp –s 192.168.1.0/24 –j ACCEPT

Example 4: Drop TCP packets from 192.168.1.25.

# iptables –A INPUT –i eth0 –p tcp –s 192.168.1.25 –j DROP

Example 5: Drop TCP packets addressed for port 21.

# iptables –A INPUT –i eth0 –p tcp --dport 21 –j DROP

Example 6: Accept TCP packets from 192.168.0.24 to DA-681-I-LX’s port 137, 138, 139

# iptables –A INPUT –i eth0 –p tcp –s 192.168.0.24 --dport 137:139 –j ACCEPT

Example 7: Log TCP packets that visit DA-681-I-LX’s port 25.

# iptables –A INPUT –i eth0 –p tcp --dport 25 –j LOG

Example 8: Drop all packets from MAC address 01:02:03:04:05:06.

# iptables –A INPUT –i eth0 –p all –m mac --mac-source 01:02:03:04:05:06 –j DROP

ATTENTION

In Example 8, remember to issue the command # modprobe ipt_mac first to load the module ipt_mac.

NAT (Network Address Translation)

The NAT (Network Address Translation) protocol translates IP addresses used on one network into IP addresses
used on a connecting network. One network is designated the inside network and the other is the outside
network. Typically, the DA-681-LX connects several devices on a network and maps local inside network
addresses to one or more global outside IP addresses, and un-maps the global IP addresses on incoming
packets back into local IP addresses.

ATTENTION
Click on the following links for more information about NAT.

•

http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html

«
...
41
42
43
44
45
...
»

Summary of Contents for DA-681 Series

Page 1: ...DA 681 Series Linux Manual Fourth Edition August 2012 www moxa com product 2012 Moxa Inc All rights reserved ...

Page 2: ...ovements and or changes to this manual or to the products and or the programs described in this manual at any time Information provided in this manual is intended to be accurate and reliable However Moxa assumes no responsibility for its use or for any infringements on the rights of third parties that may result from its use This product might include unintentional technical or typographical error...

Page 3: ...ses with ifconfig 3 3 Telnet Server 3 3 Enabling the Telnet Server 3 3 Disabling the Telnet Server 3 4 FTP Server 3 4 Enabling the FTP Server 3 4 Disabling the FTP Server 3 4 DNS Client 3 4 etc hostname 3 5 etc resolv conf 3 5 etc nsswitch conf 3 5 Apache Web Server 3 6 Default Homepage 3 6 Saving Web Pages to a USB Storage Device 3 7 IPTABLES 3 8 IPTABLES Hierarchy 3 10 IPTABLES Modules 3 11 Obse...

Page 4: ...evices Software written for desktop PCs can be easily ported to the embedded computer with a GNU cross compiler and a minimum of source code modifications A typical Linux based device is designed for a specific use and is often not connected to other computers or a number of such devices connect to a centralized front end host Examples include enterprise tools such as industrial controllers commun...

Page 5: ...Intel Celeron M 1 GHz processor with 400 MHz FSB Intel 910GMLE ICH6M chipset 200 pin DDR2 SODIMM socket supporting DDR2 400 up to 1 GB built in 512 MB 6 Ethernet ports for network redundancy 1 CompactFlash socket 1 SATA connector for storage expansion 4 RS 232 and 8 RS 485 serial ports supports most nonstandard baudrates in this range 2 USB 2 0 ports for high speed peripherals 19 inch rackmount 1U...

Page 6: ...nt Version Description acpid 1 0 4 5 Utilities for using ACPI power management adduser 3 102 Add and remove users and groups apache2 2 2 3 4 etch6 Next generation scalable extendable web server apache2 mpm prefork 2 2 3 4 etch6 Traditional model for Apache HTTPD 2 1 apache2 utils 2 2 3 4 etch6 Utility programs for webservers apache2 2 common 2 2 3 4 etch6 Next generation scalable extendable web se...

Page 7: ...r Debian dselect 1 13 25 User tool to manage Debian packages e2fslibs 1 39 1 40 WIP 2006 11 14 dfsg 2etch1 ext2 filesystem libraries e2fsprogs 1 39 1 40 WIP 2006 11 14 dfsg 2etch1 ext2 file system utilities and libraries findutils 4 2 28 1etch1 Utilities for finding files find xargs an ftp 0 17 16 The FTP client g 4 1 1 15 The GNU C compiler g 4 1 4 1 1 21 The GNU C compiler gcc 4 1 1 15 The GNU C...

Page 8: ...gc1c2 6 8 1 Conservative garbage collector for C and C libgcc1 4 1 1 21 GCC support library libgcrypt11 1 2 3 2 LGPL Crypto library runtime library libgdbm3 1 8 3 3 GNU dbm database routines runtime version libgnutls13 1 4 4 3 The GNU TLS library runtime library libgpg error0 1 4 1 Library for common error values and messages libgpmg1 1 19 6 25 General Purpose Mouse shared library libgssapi2 0 10 ...

Page 9: ...sors libsepol1 1 14 2 Security Enhanced Linux policy library for changing policy binaries libsigc 2 0 0c2a 2 0 17 2 Type safe Signal Framework for C runtime libslang2 2 0 6 4 The S Lang programming library runtime version libslp1 1 2 1 6 2 OpenSLP libraries libsnmp base 5 2 3 7etch2 NET SNMP Simple Network Management Protocol MIBs and Docs libsnmp9 5 2 3 7etch2 NET SNMP Simple Network Management P...

Page 10: ...nt and server openbsd inetd 0 20050402 6 The OpenBSD Internet Superserver openssh client 4 3p2 9 Secure shell client an rlogin rsh rcp replacement openssh server 4 3p2 9 Secure shell server an rshd replacement openssl 0 9 8c 4etch3 Secure Socket Layer SSL binary and related cryptographic tools openvpn 2 0 9 4etch1 Virtual Private Network daemon passwd 4 0 18 1 7 Change and administer password and ...

Page 11: ...s to config files udev 0 105 4 dev and hotplug management daemon update inetd 4 27 0 5 inetd conf updater usbmount 0 0 14 1 Automatically mount and unmount USB mass storage devices usbutils 0 72 7 USB console utilities util linux 2 12r 19etch1 Miscellaneous system utilities vim 7 0 122 1etch3 Vi IMproved enhanced vi editor vim common 7 0 122 1etch3 Vi IMproved Common files vim runtime 7 0 122 1etc...

Page 12: ...n the next chapter Managing Communications The following topics are covered in this chapter Starting from a VGA Console Connecting from a Telnet Console Connecting from an SSH Console Windows Users Linux Users Adjusting the System Time Setting the Time Manually NTP Client Updating the Time Automatically Enabling and Disabling Daemons Setting the Run Level Cron Daemon for Executing Scheduled Comman...

Page 13: ...Console The DA 681 LX computer comes with 6 10 100 Mbps Ethernet ports named LAN1 to LAN6 The default IP addresses and netmasks of the network interfaces are as follows Default IP Address Netmask LAN 1 192 168 3 127 255 255 255 0 LAN 2 192 168 4 127 255 255 255 0 LAN 3 192 168 5 127 255 255 255 0 LAN 4 192 168 6 127 255 255 255 0 LAN 5 192 168 5 127 255 255 255 0 LAN 6 192 168 6 127 255 255 255 0 ...

Page 14: ...t to the target computer After a connection has been established type the login name and password as requested to log on to the computer The default values are both root Login root Password root ATTENTION If you cannot get connected on the first try re check the IP address and netmask settings and then unplug and re plug the DA 681 LX s power cord Connecting from an SSH Console The DA 681 LX compu...

Page 15: ...n the connection root bee_notebook root ssh 192 168 3 127 The authenticity of host 192 168 3 127 192 168 3 127 can t be established RSA key fingerprint is 8b ee ff 84 41 25 fc cd 2a f2 92 8f cb 1f 6b 2f Are you sure you want to continue connection yes no yes_ Adjusting the System Time The DA 681 LX has two time settings One is the system time and the other is provided by an RTC Real Time Clock bui...

Page 16: ...rotocol client that is used to initialize a time request to a remote NTP server Use ntpdate to update the system time ntpdate time stdtime gov tw hwclock w Visit http www ntp org for more information about NTP and NTP server addresses Moxa date hwclock Sat Jan 1 00 00 36 CST 2000 Sat Jan 1 00 00 37 2000 0 772941 seconds Moxa Moxa ntpdate time stdtime gov tw 9 Dec 10 58 53 ntpdate 207 step time ser...

Page 17: ...Save the shell script using any file name For example fixtime How to run the shell script automatically when the kernel boots up Because the root file system is mounted in Read only mode we need to re mount it using writable permission mount o remount rw dev hda1 Copy the example shell script fixtime to directory etc init d and then use chmod 755 fixtime to change the shell script mode chmod 755 f...

Page 18: ...6 0 Feb18 00 00 00 pdflush root 145 6 0 Feb18 00 00 00 kswapd0 root 146 6 0 Feb18 00 00 00 aio 01 root 622 6 0 Feb18 00 00 00 khubd root 763 6 0 Feb18 00 00 00 scsi_eh_0 root 765 6 0 Feb18 00 00 00 usb storage root 1119 1 0 Feb18 00 00 00 udevd daemon root 1527 6 0 Feb18 00 00 00 kpsmoused root 1754 6 0 Feb18 00 00 00 kmirrord daemon 2094 1 0 Feb18 00 00 00 sbin portmap root 2311 1 0 Feb18 00 00 0...

Page 19: ...Feb18 00 00 00 kswapd0 root 146 6 0 Feb18 00 00 00 aio 01 root 622 6 0 Feb18 00 00 00 khubd root 763 6 0 Feb18 00 00 00 scsi_eh_0 root 765 6 0 Feb18 00 00 00 usb storage root 1119 1 0 Feb18 00 00 00 udevd daemon root 1527 6 0 Feb18 00 00 00 kpsmoused root 1754 6 0 Feb18 00 00 00 kmirrord daemon 2094 1 0 Feb18 00 00 00 sbin portmap root 2311 1 0 Feb18 00 00 00 usr sbin acpid c etc acpi evemts s var...

Page 20: ...lowing command rm f etc rc2 d S60tcps2 After you finish writing or modifying the code remember to execute umount to change the root directory back to Read only mode MOXA umount Cron Daemon for Executing Scheduled Commands The Cron daemon will search etc crontab for crontab files which are named after accounts in etc passwd Cron wakes up every minute and checks each command to see if it should be r...

Page 21: ... type sysfs rw none on proc type proc rw udev on dev type tmpfs rw dev hdal on type ext2 ro dev hdal on dev static dev type ext2 ro tmpfs on dev shm type tmpfs rw nosuid nodev devpts on dev pts type devpts rw nosuid noexec none on temp type tmpfs rw dev mtdblock0 on home type jffs2 rw Moxa mount 0 remount rw dev hda1 Moxa mount rootfs on type rootfs rw none on sys type sysfs rw none on proc type p...

Page 22: ...A hard drive simply reverse the above procedures Inserting a USB Storage Device into the Computer Since mounting USB storage devices manually can be difficult a program named usbmount to mount the USB drivers automatically usbmount is a small application that relies on udev to mount USB storage devices automatically at certain mount points The USB storage devices will be mounted on media usb0 medi...

Page 23: ... support the CompactFlash hot swap function You must remove the power source first before inserting or removing the CompactFlash card If you do not shut down the power source you could damage your CompactFlash card Moxa mount o remount rw dev hda1 Moxa vi etc fstab etc fstab static file system information file system mount point type options dump pass Proc proc proc defaults 0 0 dev hda1 ext2 ro d...

Page 24: ...ian security etch updates main contrib deb src http archive debian org debian security etch updates main contrib 3 Update the source list after you configure it MOXA apt get update MOXA 4 Once you indicate which package you want to install openswan for example type MOXA apt get install openswan MOXA 5 Use one of the following commands to remove a package a For a simple package removal MOXA apt get...

Page 25: ...ystem will reboot You can set the ack time from a minimum of 1 sec to a maximum of 60 seconds 2 How the WDT works The watchdog is enabled when the system boots up The kernel will auto ack it The user application can also enable ack When users do not ack it will let the system reboot 3 The user IO control commands The user application can program the watchdog via below IO control commands Enable th...

Page 26: ... must ack the sWatchDog before timeout If you do not ack the system will be reboot automatically The minimal time is 50 msec the maximum time is 60 seconds The time unit is msec Output OK will be zero The other has some error to get the error code from errno int swtd_disable int fd Description Disable the application to ack sWatchDog And the kernel will be auto ack it User does not to do it at per...

Page 27: ...from swtd_open return value Output OK will be zero The other has some error to get error code from errno Special Note When you kill the application with 9 or kill without option or Ctrl c the kernel will change to auto ack the sWatchDog When your application enables the sWatchDog and does not ack your application may have a logical error or your application has made a core dump The kernel will not...

Page 28: ...int swtd_disable int fd return ioctl fd IOCTL_SWATCHDOG_DISABLE NULL int swtd_get int fd int mode unsigned long time struct int mode unsigned long time nowset int ret ret ioctl fd IOCTL_SWATCHDOG_GET nowset mode nowset mode time nowset time return ret int swtd_ack int fd return ioctl fd IOCTL_SWATCHDOG_ACK NULL int swtd_close int fd return close fd The makefile is shown below all gcc xxxx c libswt...

Page 29: ...og swtdfd swtd_open if swtdfd 0 printf Open sWatchDog device fail n exit 1 if sonpid fork 0 do_swatchdog do user application main function end user application kill sonpid SIGUSR1 swtd_close swtdfd exit 1 The convenient watchdog API libswtd c include stdio h include stdlib h include fcntl h following for sWatchDog implement define IOCTL_SWATCHDOG_ENABLE 1 define IOCTL_SWATCHDOG_DISABLE 2 define IO...

Page 30: ...e unsigned long time struct int mode unsigned long time nowset int ret ret ioctl fd IOCTL_SWATCHDOG_GET nowset mode nowset mode time nowset time return ret int swtd_ack int fd return ioctl fd IOCTL_SWATCHDOG_ACK NULL int swtd_close int fd return close fd The makefile is shown below all gcc xxxx c libswtd c o xxxx ...

Page 31: ...sabling the FTP Server DNS Client etc hostname etc resolv conf etc nsswitch conf Apache Web Server Default Homepage Saving Web Pages to a USB Storage Device IPTABLES IPTABLES Hierarchy IPTABLES Modules Observe and Erase Chain Rules Define Policy for Chain Rules Append or Delete Rules NAT Network Address Translation NAT Example Enabling NAT at Bootup PPP Point to Point Protocol Connecting to a PPP ...

Page 32: ...the ifconfig command Changing the interfaces Configuration File 1 Type cd etc network to change directory MOXA cd etc network 2 Type vi interfaces to edit the network configuration file with vi editor You can configure the DA 681 LX s Ethernet ports for static or dynamic DHCP IP addresses MOXA etc network vi interfaces Static IP Address As shown in the example shown below the default static IP add...

Page 33: ...etwork interfaces For example type the command ifconfig eth1 192 168 1 1 to change the IP address of LAN1 to 192 168 1 1 MOXA ifconfig eth1 192 168 1 1 MOXA Telnet Server In addition to supporting Telnet client server the DA 681 LX also supports SSH and sftp client server To enable or disable the Telnet server you need to edit the file etc inetd conf 1 Mount the root file system with write permiss...

Page 34: ...P Server service Enabling the FTP Server Use the following command to enable the FTP server Moxa etc init d proftpd start Starting ftp server proftpd Use the following command to confirm if the FTP has been started Moxa ps aux grep proftp If profptd string has appeared the FTP server has been started Disabling the FTP Server Use the following command to disable the FTP server Moxa etc init d proft...

Page 35: ...e Ask your network administrator which DNS server address you should use The DNS server s IP address is specified with the nameserver command For example add the following line to etc resolv conf assuming the DNS server s IP address is 168 95 1 1 nameserver 168 95 1 1 MOXA etc cat resolv conf resolv conf This file is the resolver configuration file See resolver 5 nameserver 192 168 1 16 nameserver...

Page 36: ...ng directory var www apache2 default cgi bin Add a main page file under cgi bin directory For example you may add a file called index cgi at var www apache2 default cgi bin bin sh var www apache2 default cgi bin index cgi disable filename globbing set f echo Content type text plain charset iso 8859 1 echo echo CGI 1 0 test script report echo echo argc is argv is echo echo SERVER_SOFTWARE SERVER_SO...

Page 37: ...ages to the USB mass storage device and then configure the Apache web server s DocumentRoot to open these pages The files used in this example can be downloaded from Moxa s website 1 Prepare the web pages and then save the pages to the USB storage device Click on the following link to download the web page test suite http www w3 org MarkUp Test HTML401 zip 2 Uncompress the zip file to your desktop...

Page 38: ...ser s address box 8 After finishing modification or writing remember to execute umount to change the root directory back to Read only mode MOXA umount 9 Re start the apache server MOXA etc init d apache2 restart ATTENTION Visit the Apache website at http httpd apache org docs for more information about setting up Apache servers IPTABLES IPTABLES is an administrative tool for setting up maintaining...

Page 39: ...bles Source NAT SNAT changes the first source packet IP address Destination NAT DNAT changes the first destination packet IP address MASQUERADE a special form for SNAT If one host can connect to the Internet then the other computers that connect to this host can connect to the Internet when the computer does not have an actual IP address REDIRECT a special form of DNAT that re sends packets to a l...

Page 40: ...OUTING Chain NAT Table PREROUTING Chain NAT Table POSTROUTING Chain Outgoing Packets Other Host Packets Mangle Table FORWARD Chain Filter Table FORWARD Chain Mangle Table POSTROUTING Chain Local Host Packets Mangle Table INPUT Chain Filter Table INPUT Chain Local Process Mangle Table OUTPUT Chain NAT Table OUTPUT Chain Filter Table OUTPUT Chain ...

Page 41: ..._tables modprobe iptable_filter Use lsmod to check if the ip_tables module has already been loaded in the DA 681 LX Use modprobe to insert and enable the module Use the following command to load the modules iptable_filter iptable_mangle iptable_nat modprobe iptable_filter Use iptables iptables restore iptables save to maintain the database ATTENTION IPTABLES plays the role of packet filtering or N...

Page 42: ...ckets routed out through the DA 681 I LX PREROUTING To alter packets as soon as they come in POSTROUTING To alter packets as they are about to be sent out Examples iptables P INPUT DROP iptables P OUTPUT ACCEPT iptables P FORWARD ACCEPT iptables t nat P PREROUTING ACCEPT iptables t nat P OUTPUT ACCEPT iptables t nat P POSTROUTING ACCEPT In this example the policy accepts outgoing packets and denie...

Page 43: ...37 138 139 iptables A INPUT i eth0 p tcp s 192 168 0 24 dport 137 139 j ACCEPT Example 7 Log TCP packets that visit DA 681 I LX s port 25 iptables A INPUT i eth0 p tcp dport 25 j LOG Example 8 Drop all packets from MAC address 01 02 03 04 05 06 iptables A INPUT i eth0 p all m mac mac source 01 02 03 04 05 06 j DROP ATTENTION In Example 8 remember to issue the command modprobe ipt_mac first to load...

Page 44: ...ome nat sh Edit the rc local file to make this shell startup automatically vi etc rc local Add a line in the end of rc local home nat sh EXIF eth0 This is an external interface for setting up a valid IP address EXNET 192 168 4 0 24 This is an internal network address Step 1 Insert modules Here 2 dev null means the standard error messages will be dump to null device modprobe ip_tables 2 dev null mo...

Page 45: ...ting to a PPP Server over a Simple Dial up Connection The following command is used to connect to a PPP server by modem Use this command for old ppp servers that prompt for a login name replace username with the correct name and password replace password with the correct password Note that debug crtscts and defaultroute 192 1 1 17 are optional pppd connect chat v ATDT5551212 CONNECT ogin username ...

Page 46: ...uired use the following command note that noipdefault is optional pppd connect chat v noipdefault dev ttyM0 19200 crtscts If a username and password is required use the following command note that noipdefault is optional and root is both the username and password pppd connect chat v user root password root noipdefault dev ttyM0 19200 crtscts Checking the Connection Once you have set up a PPP conne...

Page 47: ...faultroute option At this point you can try using Telnet ftp or finger bearing in mind that you will have to use numeric IP addresses unless you have configured etc resolv conf correctly Setting up a Machine for Incoming PPP Connections Method 1 pppd dial in with pppd commands This first example applies to using a modem and requiring authorization with a username and password pppd dev ttyM0 115200...

Page 48: ...dial in service in etc inittab MOXA mount o remount rw dev hda1 MOXA echo p0 2345 respawn pppd call dialin etc inittab MOXA umount PPPoE The following procedure is for setting up PPPoE 1 Connect the DA 681 LX s LAN port to an ADSL modem with a cross over cable HUB or switch 2 Log in to the DA 681 LX as the root user 3 Edit the file etc ppp chap secrets and add the following username hinet net pass...

Page 49: ...ne plugin rp pppoe received Note it is not advisable to use this option with the persist option without the demand option If the active filter option is given data packets which are rejected by the specified activity filter also count as the link being idle idle n Specifies how many seconds to wait before re initiating the link after it terminates This option only has any effect if the persist or ...

Page 50: ...nameserver 140 115 1 31 nameserver 140 115 236 10 MOXA etc 8 Use the following command to create a pppoe connection pppd eth0 The ADSL modem is connected to the LAN1 port which is named eth0 If the ADSL modem is connected to LAN2 use eth1 etc 9 Type ifconfig ppp0 to check if the connection is OK If the connection is OK you should see the IP address of ppp0 Use ping to test the IP address ppp0 Link...

Page 51: ...on the host site SNMP QUERY STARTED root jaredRH90 root snmpwalk v 1 c public 192 168 30 128 more SNMPv2 MIB sysDescr 0 STRING Linux Moxa 2 6 18 5 686 1 SMP Mon Dec 24 16 41 07 UTC 2007 i686 SNMPv2 MIB sysObjectID 0 OID SNMPv2 SMI enterprises 8691 12 680 SNMPv2 MIB sysUpTime 0 Timeticks 134544 0 22 25 44 SNMPv2 MIB sysContact 0 STRING Moxa Inc SNMPv2 MIB sysName 0 STRING Moxa SNMPv2 MIB sysLocatio...

Page 52: ...et Tunnels An Ethernet bridge is used to connect different Ethernet networks together The Ethernets are bundled into one bigger logical Ethernet Each Ethernet corresponds to one physical interface or port that is connected to the bridge On each OpenVPN machine you should carry out configurations in the etc openvpn directory where script files and key files reside Once established all operations wi...

Page 53: ...y cipher DES EDE3 CBC auth MD5 tun mtu 1500 tun mtu extra 64 ping 40 up etc openvpn tap0 br sh comp lzo 5 Next modify the routing table in the etc openvpn tap0 br sh script file Start bin sh value after net is the subnet behind the remote peer route add net 192 168 4 0 netmask 255 255 255 0 dev br0 end And then configure the bridge interface in etc openvpn bridge bin bash Create global variables D...

Page 54: ... Bridge Interface br br0 Define list of TAP interfaces to be bridged for example tap tap0 tap1 tap2 tap tap0 Define physical ethernet interface to be bridged with TAP interface s above eth eth1 eth_ip 192 168 8 174 eth_netmask 255 255 255 0 eth_broadcast 192 168 8 255 gw 192 168 8 173 Start the bridge script file to configure the bridge interface etc openvpn bridge restart ATTENTION Select cipher ...

Page 55: ...un sits on top of tap0 This ensures that all traffic coming to this bridge from internal networks connected to interface eth1 write to the TAP TUN device that the OpenVPN program monitors Once the OpenVPN program detects traffic on the virtual device it sends the traffic to its peer 10 To create an indirect connection to Host B from Host A you need to add the following routing item route add net 1...

Page 56: ...evious example The only difference is that you will need to comment out the parameter up in etc openvpn tap0 br conf of OpenVPN A and etc openvpn tap0 br conf of OpenVPN B point to the peer remote 192 168 8 174 dev tap0 secret etc openvpn secrouter key cipher DES EDE3 CBC auth MD5 tun mtu 1500 tun mtu extra 64 ping 40 up etc openvpn tap0 br sh comp lzo Routed IP 1 Set up four machines as shown in ...

Page 57: ...Start bin sh value after net is the subnet behind the remote peer route add net 192 168 2 0 netmask 255 255 255 0 gw 5 end 4 On machine OpenVPN B modify the remote address in configuration file etc openvpn tun conf point to the peer remote 192 168 8 173 dev tun secret etc openvpn secrouter key cipher DES EDE3 CBC auth MD5 tun mtu 1500 tun mtu extra 64 ping 40 ifconfig 192 168 4 174 192 168 2 173 u...

Page 58: ...rogram passes to the script file Its value is the second argument of ifconfig in the configuration file 5 Check the routing table after you run the OpenVPN programs by typing the command route Destination Gateway Genmsk Flags Metric Ref Use Iface 192 168 4 174 255 255 255 255 UH 0 0 0 tun0 192 168 4 0 192 168 4 174 255 255 255 0 UG 0 0 0 tun0 192 168 2 0 255 255 255 0 U 0 0 0 eth1 192 168 8 0 255 ...

Page 59: ...mpactFlash card shipped with the DA 681 LX computer Although it happens rarely you may find on occasion that operating system files and or the disk file system are damaged This chapter describes how to recover the Linux operating system The following topics are covered in this chapter Recovery Environment Recovery Procedure ...

Page 60: ...NTION The HP USB Disk Storage Format Tool can be downloaded from many web sites Do a search on HP USB Disk Storage Format Tool from any search engine to locate the tool 2 Create a Linux Bootable USB Disk a You can find the firmware directory in the Recovery CD shipped with the DA 681 LX computer b Configure Windows Explorer to show hidden files including protected operating system files c Copy all...

Page 61: ...hen press Enter d From the setup menu use or to select the USB device e Press to move the selection up to the first priority and press Esc to exit the setup menu f Make sure the first boot device is Hard Disk If not press Enter to change it g Select Exit Save Exit Setup and then press Enter h Choose Y to save to the CMOS and then exit ...

Page 62: ...of your hard disk and to restore your hard disk from such an image Please be aware that if you choose to restore your hard disk All the data contained on this computer might be lost during the restoration You man choose to abort now by stopping the computer now OK b Choose OK to go to the next step c Choose shut down the DA 680 LX when the restoration is finished PING Partition Image Is Not Ghost ...

Page 63: ...backup Note that you cannot restore a partition to itself So every partition but one the destination can be checked Use SPACE to SELECT an entry Choose THIS if you want a restoration hda1 Linux lost found home etc media cdrom usr hda2 Linux sda1 OK Cancel f Choose the restoration source device sda1 Choose the partition where to store the back where to the backup is stored hda1 Linux lost found hom...

Page 64: ...tions Choose Backup_Local_Hard_Driver if prefer a zip archive DA680_V1 0_Build_08031316 Create_New_Image Backup_Local_Hard_Driver OK Cancel i Choose Yes to start the restoration After the restoration is finished the system will halt and you will need to reboot to restart the restored system BIOS setting has been recorded on your image Do you want them to be restored Yes No OK Cancel When operation...

Page 65: ... press Enter c From the setup menu use or to select the DOM or CompactFlash device d Press to move the selection up to the first priority and press Esc to exit the setup menu e Select Exit Save Exit Setup and then press Enter f Choose Y to save to the CMOS and then exit g Wait a few minutes for the system to boot When the recovery process is finished you will again be able to see the Linux desktop...

Reviews:

No comments

Related manuals for DA-681 Series

Brand: IBM Pages: 2

Brand: IBM Pages: 121

Dynapro ET 3200 Series

Brand: 3M Pages: 23

Brand: Acer Pages: 43

Brand: Everex Pages: 47

SST-GD02B Grandia Sereis GD02

Brand: SilverStone Pages: 14

Brand: Hatteland Pages: 52

Open Frame 2 Post Rack

Brand: NavePoint Pages: 2

Brand: Shuttle Pages: 35

Brand: Pelsue Pages: 24

Brand: X3i Pages: 19

Brand: Faytech Pages: 2

Brand: IBASE Technology Pages: 85

Brand: Xerox Pages: 194

Brand: IBM Pages: 110

GATEKEEPER PICO

Brand: YOGGIE Pages: 71

Brand: Tangent Pages: 32

Brand: HANNspree Pages: 57

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands