Configuring your TEA5 box.


This section should help you make changes to you TEA5 box. Some things you use to do on the old QoS boxes is the same, some has changed and there are some new things.

Arp - There three different ways in which you may use ARP and each has it's own configuration file.
  1. /etc/sysconfig/arplist : This file takes a list of external IP address ( 142.227.x.x ) with a carriage return after each. It is used when you have machines inside your TEA5 box that have real world IP address and you want the box to be available to the outside world.
  2. /etc/sysconfig/static-arps : This takes a list of IP addresses and their corresponding MAC address. The IP and MAC address should be separated by a space. Use this file when adding arp's for Novell Servers as they only respond properly when the MAC address is included.
  3. /etc/sysconfig/outside-arps : This file takes a list of external IP address ( 142.227.x.x ) with a carriage return after each. It is used when you have machines outside your TEA5 box with an external IP address that you want machines on the inside to be able to access. By default, boxes inside your TEA5 box will look inside for machines with on your external subnet.
The correct way to make changes to the arp service is to top the service with the command service arp stop , make your changes to the appropriate arp file then start the arp service with the command service arp start. If you simply edit the files and type service arp restart, you will get various errors and your arp configuration may or may not change the way you want it to.

IPTables and Blockall - When you created you TEA5 box, you had the option to choose blockall rules. Choosing this option severely tightens security on your TEA5 box by blocking all but the most common ports. If you chose this option, your TEA5 box will run the service blockall on start up , otherwise, it will run the service rules on start up. You must have one and only one of these services starting when your machine boots. If you want to use the blockall rules during the school year and the regular rules during the summer, you can stop one set permanently and start the other by doing the following.
  1. Stop the current rule set : service blockall stop
  2. disable the current rule set : chkconfig blockall off
  3. enable the new rule set : chkconfig rules on
  4. start the new rule set : service rules start
Blockweb & Unblockweb - If you chose the squidguard option when you built the TEA5 box, you can add and remove websites from the list of blocked sites. If you want to add a site, you can use the following command blockweb badsite.com you should also block the ip address of the site blockweb.1.2.3.4 . You don't new to include the www or any other prefix. To unblock a site type unblockweb goodsite.com. If the site still does not work, try unblocking the IP as well.



Powered by Linux
Linux Logo