Configure MXL interfaces in bulk (in ranges)

Note the spaces when using the “range” command:
FTOS(conf)#interface range Tengigabitethernet 0/1 – 32
FTOS(conf-if-range-te-0/1-32)#
FTOS(conf-if-range-te-0/1-32)#

For VLAN configuration there are no spaces …. :
FTOS(conf)#interface vlan 900
FTOS(conf-if-vl-900)#untagged Tengigabitethernet 0/52-56
FTOS(conf-if-vl-900)#end

 

List permissions for all directories in a path

root@wintermute:~# namei -m /root/XenBackup/Xen_PXE_Install/webroot/
f: /root/XenBackup/Xen_PXE_Install/webroot/
drwxr-xr-x /
drwx—— root
drwxrwxrwx XenBackup
drwxrwxrwx Xen_PXE_Install
drwxrwxrwx webroot

Very useful to troubleshoot Apache2 403 permission errors when the document root has been changed from the default

Use Ubuntu as a router with NAT

Setup two interfaces – one on each network
ETH0 is the outside / internet side
ETH1 is the inside / private network side (which needs internet access)

Static rule example:
root@ubuntu01:~# cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The External network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 10.6.26.67
netmask 255.255.255.0
gateway 10.6.26.254
dns-nameservers 10.6.26.61

# The Internal network interface
auto eth1
#iface eth1 inet dhcp
iface eth1 inet static
address 192.168.0.254
netmask 255.255.255.0

Enable the inside IF
ifup eth1
ifconfig

Enable forwarding in current session:
echo “1” > /proc/sys/net/ipv4/ip_forward

Uncomment the section on forwarding to get permanent use of the NAT (even after rebooting):
vi /etc/sysctl.conf

Uncomment and save:
net.ipv4.ip_forward=1

Restart networking (don’t do this over SSH – the connection will be cut):
/etc/init.d/procps restart
/etc/init.d/networking restart

Setup the actual forwarding rules in iptables:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o eth1 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

Save the rules so they’re not lost at reboot:
iptables-save > /etc/iptables.rules