Landoflinux
There are many files on a Linux system that allow you to configure your network settings. Below are some of the main files that you will come across when working on a Linux system.
/etc/resolv.conf
This file configures the DNS (Domain Name System) resolver library. It holds the parameters the resolver uses when it translates domain names into IP addresses, a process known as resolving. The path for this file is «/etc/resolv.conf».
Normally a resolv.conf file contains a search list of domains, which is used to complete a name when a query carries no domain suffix. You will also find a list of nameservers that will be used for DNS lookups. Normally at least two nameservers are supplied, a primary and a secondary for redundancy.
Example of a resolv.conf configuration file:
# /etc/resolv.conf
search mydomain.com mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
The search list is normally determined from the local domain name; by default it only contains the local domain name. To change this, list the desired domains after the «search» keyword. Older resolver libraries accepted at most six search domains; glibc 2.26 and later lift that limit.
A nameserver is specified by its IP address. If there is more than one «nameserver» entry, the resolver library queries them in the order they are found, and only the first three are used; any further entries are silently ignored. On systems running systemd-resolved or NetworkManager, «/etc/resolv.conf» is usually a generated file or a symlink (systemd-resolved points it at its local stub listener on 127.0.0.53), so hand edits are overwritten and the upstream servers must be set in that service's own configuration.
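The following is an added example, not code from the Landoflinux page: a small parser that reads a resolv.conf and shows what the glibc resolver actually does with it. The sample file is constructed inline and deliberately lists four nameservers so the "only the first three are used" behaviour is visible; the check for a loopback-only nameserver list flags the systemd-resolved stub case described above.

```python
"""Parse resolv.conf and show how the glibc resolver uses it.

Added example for this page (not Landoflinux's own code). The sample file is
constructed inline and deliberately lists four nameservers so the
'only the first three are used' behaviour is visible.
"""
from __future__ import annotations

MAXNS = 3  # glibc resolver limit: nameservers after the third are ignored

SAMPLE_RESOLV_CONF = """\
# /etc/resolv.conf  (constructed sample)
search mydomain.com mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 192.0.2.53
nameserver 192.0.2.54
options ndots:2 timeout:1
"""


def parse_resolv_conf(text: str) -> dict:
    """Return the search list, the nameservers that will be used, the ones
    that are dropped, and the ndots option (default 1)."""
    cfg = {"search": [], "nameservers": [], "ignored": [], "ndots": 1}
    for raw in text.splitlines():
        line = raw.strip()
        # lines starting with '#' or ';' are comments
        if not line or line[0] in "#;":
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            target = cfg["nameservers"] if len(cfg["nameservers"]) < MAXNS else cfg["ignored"]
            target.append(args[0])
        elif key == "search":
            cfg["search"] = args            # later 'search'/'domain' lines replace earlier ones
        elif key == "domain" and args:
            cfg["search"] = args[:1]        # 'domain' is a single-entry search list
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    cfg["ndots"] = int(opt.split(":", 1)[1])
    return cfg


def query_candidates(name: str, cfg: dict) -> list[str]:
    """Names the resolver tries, in order, when asked for 'name'.

    A name with fewer than ndots dots is tried through the search list first
    and as-is last; with ndots or more dots the bare name goes first.
    A trailing dot marks an absolute name and skips the search list.
    """
    if name.endswith("."):
        return [name]
    expanded = [f"{name}.{d}" for d in cfg["search"]]
    if name.count(".") >= cfg["ndots"]:
        return [name] + expanded
    return expanded + [name]


def uses_local_stub(cfg: dict) -> bool:
    """True when every configured nameserver is a loopback address, e.g. the
    127.0.0.53 stub that systemd-resolved installs: editing this file by hand
    is then pointless because the service regenerates it."""
    return bool(cfg["nameservers"]) and all(ns.startswith("127.") for ns in cfg["nameservers"])


if __name__ == "__main__":
    cfg = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print("used:   ", cfg["nameservers"])
    print("dropped:", cfg["ignored"])
    for q in ("foo", "foo.bar", "a.b.c", "foo."):
        print(f"{q:8} -> {query_candidates(q, cfg)}")
```

Run it as a script to see the fourth nameserver land in the dropped list and the order in which a short name is expanded through the search domains; point `parse_resolv_conf` at the contents of a real file to audit a host.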
/etc/hosts
The hosts file is a static lookup table mapping hostnames to IP addresses. Whether it is consulted before or after DNS is decided by the «hosts:» line in «/etc/nsswitch.conf»; on most systems «files» is listed first, so an entry in «/etc/hosts» overrides whatever DNS would return. That makes it worth checking during incident triage: a single added line can silently redirect a package repository, an update server or a login portal to an attacker's address.
The format of the hosts file is:
IP-Address Fully-Qualified-Hostname Short-Hostname
The fields within this file are separated by tabs or blanks. The hostname field may only contain alphanumeric characters, minus signs «-» and periods «.». The short hostname (alias) field is optional and gives a shortened name or nickname; several aliases may follow the fully qualified name.
Example of a hosts file:
127.0.0.1       localhost
192.168.1.10    foo.mydomain.org    foo
192.168.1.13    bar.mydomain.org    bar
146.82.138.7    master.debian.org   master
209.237.226.90  www.opensource.org
/etc/nsswitch.conf
The «/etc/nsswitch.conf» file controls how the various system lookups (users, groups, hosts, services and so on) are carried out. Here you configure, per database, whether local files such as «/etc/hosts» and «/etc/passwd» are used, or a «NIS», «LDAP» or «DNS» server. One of its main functions is to control how hostnames are resolved. In the examples below, taken from an Ubuntu system and a CentOS system, «files» is listed first on the «hosts:» line, so «/etc/hosts» is consulted before a nameserver. In most cases «nsswitch.conf» supersedes the older «/etc/host.conf» file for this purpose. Every NSS module named here is loaded as a shared library into each process that performs a lookup, so the file and the libnss_*.so modules it names must be writable only by root.
Ubuntu/Mint System
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files mdns4_minimal [NOTFOUND=return] dns myhostname mymachines
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
CentOS/RHEL 8 System
Note the message at the top of «/etc/nsswitch.conf» on these systems:
# If you want to make changes to nsswitch.conf please modify
# /etc/authselect/user-nsswitch.conf and run 'authselect apply-changes'.
On RHEL 8 and CentOS 8 you therefore amend the file «/etc/authselect/user-nsswitch.conf» and then run «authselect apply-changes», rather than editing «/etc/nsswitch.conf» directly.
# cat /etc/authselect/user-nsswitch.conf
#
# /etc/nsswitch.conf
#
# Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# Valid databases are: aliases, ethers, group, gshadow, hosts,
# initgroups, netgroup, networks, passwd, protocols, publickey,
# rpc, services, and shadow.
#
# Valid service provider entries include (in alphabetical order):
#
#       compat                  Use /etc files plus *_compat pseudo-db
#       db                      Use the pre-processed /var/db files
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files in /etc
#       hesiod                  Use Hesiod (DNS) for user lookups
#       nis                     Use NIS (NIS version 2), also called YP
#       nisplus                 Use NIS+ (NIS version 3)
#
# See `info libc 'NSS Basics'` for more information.
#
# Commonly used alternative service providers (may need installation):
#
#       ldap                    Use LDAP directory server
#       myhostname              Use systemd host names
#       mymachines              Use systemd machine names
#       mdns*, mdns*_minimal    Use Avahi mDNS/DNS-SD
#       resolve                 Use systemd resolved resolver
#       sss                     Use System Security Services Daemon (sssd)
#       systemd                 Use systemd for dynamic user option
#       winbind                 Use Samba winbind support
#       wins                    Use Samba wins support
#       wrapper                 Use wrapper module for testing
#
# Notes:
#
# 'sssd' performs its own 'files'-based caching, so it should generally
# come before 'files'.
#
# WARNING: Running nscd with a secondary caching service like sssd may
#          lead to unexpected behaviour, especially with how long
#          entries are cached.
#
# Installation instructions:
#
# To use 'db', install the appropriate package(s) (provide 'makedb' and
# libnss_db.so.*), and place the 'db' in front of 'files' for entries
# you want to be looked up first in the databases, like this:
#
# passwd:    db files
# shadow:    db files
# group:     db files

# In order of likelihood of use to accelerate lookup.
passwd:     sss files systemd
shadow:     files sss
group:      sss files systemd
hosts:      files dns myhostname
services:   files sss
netgroup:   sss
automount:  files sss

aliases:    files
ethers:     files
gshadow:    files
# Allow initgroups to default to the setting for group.
# initgroups: files
networks:   files dns
protocols:  files
publickey:  files
rpc:        files
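To make the interaction between the «/etc/hosts» section above and the «hosts:» line of «nsswitch.conf» concrete, here is an added example (not code from the Landoflinux page) that parses a hosts file and an nsswitch «hosts:» line and then walks the sources in order the way glibc does, honouring action specifiers such as «[NOTFOUND=return]». The hosts file content, the «hosts:» line, the DNS and mDNS answers and the local hostname «mint01a» are constructed stand-ins; real lookups would go to the nameservers in resolv.conf and to multicast DNS.

```python
"""Simulate the glibc NSS 'hosts:' lookup chain over /etc/hosts and a fake DNS.

Added example for this page, not Landoflinux's own code. The /etc/hosts
content, the nsswitch 'hosts:' line, the DNS and mDNS answers and the local
hostname 'mint01a' are all constructed stand-ins. Status names and the
default actions (SUCCESS=return, anything else=continue) follow
nsswitch.conf(5).
"""
import re

SAMPLE_HOSTS = """\
127.0.0.1       localhost
192.168.1.10    foo.mydomain.org    foo
192.168.1.13    bar.mydomain.org    bar
# constructed hijack: a public name pinned to an attacker-chosen address
198.51.100.77   www.example.org
"""

SAMPLE_HOSTS_LINE = "hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname"

FAKE_DNS = {"www.example.org": "203.0.113.5", "rogue.local": "203.0.113.9"}
FAKE_MDNS = {"printer.local": "169.254.7.21"}
LOCAL_HOSTNAME = "mint01a"

_STATUSES = ("SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN")
_ACTION = re.compile(r"\[(!?)(\w+)=(\w+)\]", re.I)


def parse_hosts(text):
    """Map every hostname and alias in /etc/hosts to its address; first entry wins."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        addr, *names = line.split()
        for n in names:
            table.setdefault(n.lower(), addr)
    return table


def parse_nss_line(line):
    """'hosts: files mdns4_minimal [NOTFOUND=return] dns' ->
    [(source, {status: action}), ...] with glibc's defaults filled in."""
    _, _, spec = line.partition(":")
    sources = []
    for tok in spec.split():
        m = _ACTION.fullmatch(tok)
        if not m:
            sources.append((tok, {s: ("return" if s == "SUCCESS" else "continue")
                                  for s in _STATUSES}))
            continue
        if not sources:
            raise ValueError("action specifier without a preceding source")
        negate, status, action = m.group(1), m.group(2).upper(), m.group(3).lower()
        actions = sources[-1][1]
        for s in _STATUSES:
            if (s != status) if negate else (s == status):   # [!X=y] means "all but X"
                actions[s] = action
    return sources


def _query(source, name, hosts_table, dns_table, mdns_table):
    """One NSS source: (status, address)."""
    if source == "files":
        table = hosts_table
    elif source == "dns":
        table = dns_table
    elif source == "mdns4_minimal":
        if not name.endswith(".local"):
            return "UNAVAIL", None          # nss-mdns minimal only handles *.local
        table = mdns_table
    elif source == "myhostname":
        # nss-myhostname with no configured addresses answers 127.0.0.2 (assumed here)
        return ("SUCCESS", "127.0.0.2") if name == LOCAL_HOSTNAME else ("NOTFOUND", None)
    else:
        return "UNAVAIL", None              # source not modelled
    return ("SUCCESS", table[name]) if name in table else ("NOTFOUND", None)


def lookup(name, nss_sources, hosts_table, dns_table, mdns_table):
    """Walk the sources in order; return (address or None, source that ended the walk)."""
    name = name.lower().rstrip(".")
    for source, actions in nss_sources:
        status, addr = _query(source, name, hosts_table, dns_table, mdns_table)
        if actions[status] == "return":
            return addr, source
    return None, None


if __name__ == "__main__":
    hosts = parse_hosts(SAMPLE_HOSTS)
    chain = parse_nss_line(SAMPLE_HOSTS_LINE)
    for q in ("foo", "www.example.org", "printer.local", "rogue.local", LOCAL_HOSTNAME):
        print(f"{q:16} -> {lookup(q, chain, hosts, FAKE_DNS, FAKE_MDNS)}")
```

Two results are worth noticing. «www.example.org» is answered from the hosts file even though the fake DNS has a different address, which is exactly how a hosts-file hijack works when «files» precedes «dns». And «rogue.local» is never sent to DNS: mDNS answers NOTFOUND and «[NOTFOUND=return]» stops the walk, which is the reason that specifier is there, to keep .local names from leaking to unicast resolvers.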
/etc/networks
This file maps symbolic network names to network addresses, for use by tools such as «route» and «netstat». Each entry is a network address rather than a host address, so the host part is zero and every valid entry ends in «0».
# cat /etc/networks
default         0.0.0.0
loopback        127.0.0.0
link-local      169.254.0.0
/etc/hostname
This file holds the system's static hostname and is generally read once at boot. «hostname» is the program used to display or set the current hostname; if it is run with no arguments, the current hostname is displayed.
Setting the hostname with the hostname command is no longer the usual method; on systemd-based systems use «hostnamectl set-hostname», which also updates «/etc/hostname».
$ cat /etc/hostname
mint01a
Below are some of the available options that can be passed to the hostname command:
OPTIONS
  -a, --alias        Display the alias name of the host (if used).
  -d, --domain       Display the name of the DNS domain. Don't use the command
                     domainname to get the DNS domain name because it will show
                     the NIS domain name and not the DNS domain name. Use
                     dnsdomainname instead.
  -F, --file filename
                     Read the host name from the specified file. Comments (lines
                     starting with a `#') are ignored.
  -f, --fqdn, --long Display the FQDN (Fully Qualified Domain Name). A FQDN
                     consists of a short host name and the DNS domain name.
                     Unless you are using bind or NIS for host lookups you can
                     change the FQDN and the DNS domain name (which is part of
                     the FQDN) in the /etc/hosts file.
  -h, --help         Print a usage message and exit.
  -i, --ip-address   Display the IP address(es) of the host.
  -n, --node         Display the DECnet node name. If a parameter is given (or
                     --file name) the root can also set a new node name.
  -s, --short        Display the short host name. This is the host name cut at
                     the first dot.
  -V, --version      Print version information on standard output and exit
                     successfully.
  -v, --verbose      Be verbose and tell what's going on.
/etc/sysconfig/network-scripts
This directory holds the interface and routing configuration files on Red Hat Enterprise Linux and CentOS systems. On RHEL/CentOS 8 they are read by NetworkManager's ifcfg-rh plugin; RHEL 9 deprecates the ifcfg format in favour of keyfiles under «/etc/NetworkManager/system-connections», so check which one your release actually uses before editing.
Interface files follow the naming convention «ifcfg-name».
The «name» part is the interface name shown when you issue the command «ip a s». The name of an interface is generated from the type and location of the network hardware in your system.
# pwd
/etc/sysconfig/network-scripts
# ls -l ifcfg-*
-rw-r--r--. 1 root root 282 Apr  7 20:48 ifcfg-enp1s0
Routing files in this location follow the naming convention «route-name», where «name» matches the interface name. For example, a static route added to the interface «enp1s0» would be stored in a file called «route-enp1s0».
/etc/netplan
This directory is used by current Ubuntu releases (and Mint releases based on them) to store network interface configuration as YAML, which netplan renders into configuration for systemd-networkd or NetworkManager.
Below is an example of an Ubuntu 20.04 LTS server using a DHCP configuration
# pwd
/etc/netplan
# ls -l
total 4
-rw-r--r-- 1 root root 117 Apr  6 18:42 00-installer-config.yaml
# cat 00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    enp1s0:
      dhcp4: true
  version: 2
From the above configuration we can see that interface «enp1s0» uses DHCP to obtain an IP address. After editing a file here, apply it with «netplan try» (which reverts the change if you do not confirm it, useful when working over SSH) or «netplan apply». These files can contain Wi-Fi passphrases, so keep them readable by root only.
/etc/hosts.allow — /etc/hosts.deny
«/etc/hosts.allow» lists the hosts that are allowed to connect to services on your system. It is generally used in conjunction with «/etc/hosts.deny».
The pair is known as a «TCP Wrapper Access Control List». It only affects daemons that consult the libwrap library (directly, or by being started through tcpd or xinetd). Some distributions no longer ship TCP wrappers at all (Red Hat Enterprise Linux 8 removed the package), and OpenSSH dropped libwrap support in version 6.7, so on a modern system confirm that a service actually honours these files before relying on them to protect sshd.
Order of evaluation:
1. /etc/hosts.allow is consulted first. If a rule matches the (daemon, client) pair, access is granted and hosts.deny is not consulted.
2. If nothing matched, /etc/hosts.deny is consulted. If a rule matches there, access is denied.
3. If neither file matches, access is granted.
Because the default is to allow, the files only become a default-deny control once hosts.deny contains a catch-all such as «ALL : ALL».
Each file is searched from the top and the search stops at the first matching rule, so the order of rules matters and a service may appear in several rules. Changes to hosts.allow and hosts.deny take effect immediately, because the files are re-read for every connection. The last line in each file must end with a newline character, or that rule will not be applied.
Rule Syntax
The syntax for both hosts.allow and hosts.deny file takes the following form:
daemon : client [:option1:option2:]
For example, in «/etc/hosts.allow» you can allow SSH for the xyz.com domain and deny access to all the others, and in «/etc/hosts.deny» you can deny FTP access to everything in the abc.com domain and to hosts in the 192.168.1.0 network.
You can use wildcards in the client section of the rule to broadly classify a set of hosts. These are the valid wildcards that can be used.
ALL Matches everything.
LOCAL Matches any host that does not contain a dot (.) like localhost.
KNOWN Matches any host where the hostname and host addresses are known or where the user is known.
UNKNOWN Matches any host where the hostname or host address are unknown or where the user is unknown.
PARANOID Matches any host where the hostname does not match the host address.
ALL : 123.12.
Matches all the hosts in the 123.12.0.0 network. Note the dot (.) in the end of the rule.
ALL : 192.168.0.0/255.255.255.0
An address/netmask pair can be used in the rule. A client matches when the bitwise AND of its address and the netmask equals the network part, so the network part must itself be a network address: written as «192.168.0.1/255.255.255.0» the rule would never match anything, because no address ANDed with that mask can end in .1.
sshd : /etc/sshd.deny
If the client list begins with a slash (/), it is treated as a filename. In the above rule, TCP wrappers looks up the file sshd.deny for all SSH connections.
sshd : ALL EXCEPT 192.168.0.15
Placed in hosts.deny, this blocks SSH connections from every client except the machine with IP address 192.168.0.15, which matches nothing and therefore falls through to the default of allowing access. The same line in hosts.allow does the opposite: it allows everyone except that machine, whose fate is then decided by hosts.deny.
You can use the options «allow» or «deny» to allow or restrict access on a per-client basis in either of the files hosts.allow and hosts.deny:
in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow
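The order of evaluation and the rule syntax described above are easy to get wrong, so here is an added example (not code from the Landoflinux page) that evaluates a constructed hosts.allow/hosts.deny pair the way libwrap does: first match in hosts.allow grants, otherwise first match in hosts.deny denies, otherwise access is granted, with an explicit «allow» or «deny» option overriding the file the rule sits in. The rule files cover the page's own cases (SSH for xyz.com, FTP for abc.com and 192.168.1.0, the per-client telnet options, ALL EXCEPT, and the net/mask form); the FTP daemon name «in.ftpd» is assumed, and «/file» client lists, PARANOID and IPv6 are not modelled.

```python
"""Evaluate TCP wrapper (hosts_access) rules the way libwrap does.

Added example for this page, not Landoflinux's own code. Both rule files are
constructed inline; the FTP daemon name 'in.ftpd' is assumed, and '/file'
client lists, PARANOID and IPv6 are not modelled. The decision follows
hosts_access(5): first match in hosts.allow grants, otherwise first match
in hosts.deny denies, otherwise access is granted; an explicit 'allow' or
'deny' option overrides the file the rule sits in.
"""
import ipaddress
import re

HOSTS_ALLOW = """\
sshd : .xyz.com
in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow
ALL : LOCAL
"""
HOSTS_DENY = """\
sshd : ALL EXCEPT 192.168.0.15
in.ftpd : .abc.com, 192.168.1.
ALL : 192.168.0.1/255.255.255.0
"""


def parse_rules(text):
    """'daemons : clients [: option]' lines -> [(daemons, clients, option), ...]."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            raise ValueError(f"bad rule: {raw!r}")
        rules.append((parts[0], parts[1], parts[2].lower() if len(parts) > 2 else None))
    return rules


def _match_client(pat, ip, host):
    """One client pattern against the peer address and its reverse-lookup name (None if unknown)."""
    if pat == "ALL":
        return True
    if pat == "LOCAL":
        return host is not None and "." not in host
    if pat == "KNOWN":
        return host is not None
    if pat == "UNKNOWN":
        return host is None
    if pat.startswith("."):                     # '.xyz.com': domain suffix
        return host is not None and host.lower().endswith(pat.lower())
    if pat.endswith("."):                       # '192.168.1.': address prefix
        return ip.startswith(pat)
    if "/" in pat:
        net, mask = pat.split("/", 1)
        addr = ipaddress.IPv4Address(ip)
        if "." in mask:                         # n.n.n.n/m.m.m.m: match iff (addr AND mask) == net
            return int(addr) & int(ipaddress.IPv4Address(mask)) == int(ipaddress.IPv4Address(net))
        return addr in ipaddress.IPv4Network(pat, strict=False)   # n.n.n.n/nn CIDR form
    return ip == pat or (host is not None and host.lower() == pat.lower())


def _list_matches(spec, match_one):
    """'a, b EXCEPT c' matches when some item before EXCEPT matches and none after it does."""
    parts = re.split(r"\s+EXCEPT\s+", spec, maxsplit=1)
    items = lambda s: s.replace(",", " ").split()
    if not any(match_one(p) for p in items(parts[0])):
        return False
    return len(parts) == 1 or not any(match_one(p) for p in items(parts[1]))


def first_match(rules, daemon, ip, host):
    """First rule whose daemon list and client list both match, else None."""
    for rule in rules:
        daemons, clients, _ = rule
        if _list_matches(daemons, lambda p: p == "ALL" or p == daemon) and \
           _list_matches(clients, lambda p: _match_client(p, ip, host)):
            return rule
    return None


def hosts_access(allow_rules, deny_rules, daemon, ip, host=None):
    """Return ('allow' | 'deny', matching rule or None) for one connection."""
    hit = first_match(allow_rules, daemon, ip, host)
    if hit:
        return ("deny" if hit[2] == "deny" else "allow"), hit
    hit = first_match(deny_rules, daemon, ip, host)
    if hit:
        return ("allow" if hit[2] == "allow" else "deny"), hit
    return "allow", None


if __name__ == "__main__":
    allow, deny = parse_rules(HOSTS_ALLOW), parse_rules(HOSTS_DENY)
    for daemon, ip, host in [("sshd", "203.0.113.10", "web.xyz.com"),
                             ("sshd", "192.168.0.15", None),       # net/mask gotcha: not denied
                             ("in.telnetd", "192.168.5.5", None),
                             ("in.ftpd", "192.168.1.41", None)]:
        verdict, rule = hosts_access(allow, deny, daemon, ip, host)
        print(f"{daemon:11} {ip:15} {host or 'UNKNOWN':15} -> {verdict:5} {rule}")
```

The «192.168.0.15» case is the one to study: the hosts.deny line «ALL : 192.168.0.1/255.255.255.0» was presumably meant to block the whole 192.168.0.0/24 network, but with a host address on the left of the slash it never matches, so the connection falls through to the default allow. Writing the network part as «192.168.0.0» fixes it, as the test cases below check.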