This section should
help you make changes to you TEA5 box. Some things you use to do on the
old QoS boxes is the same, some has changed and there are some new
things.
Arp - There three different ways in which you may use ARP and each has it's
own configuration file.
/etc/sysconfig/arplist : This file takes a list of external IP
address ( 142.227.x.x ) with a carriage return after each. It is used
when you have machines inside your TEA5 box that have real world IP
address and you want the box to be available to the outside world.
/etc/sysconfig/static-arps : This takes a list of IP addresses
and their corresponding MAC address. The IP and MAC address should be
separated by a space. Use this file when adding arp's for Novell
Servers as they only respond properly when the MAC address is included.
/etc/sysconfig/outside-arps : This file takes a list of external
IP address ( 142.227.x.x ) with a
carriage return after each. It is used when you have machines outside
your TEA5 box with an external IP address that you want machines on the
inside to be able to access. By default, boxes inside your TEA5 box will
look inside for machines with on your external subnet.
The
correct way to make changes to the arp service is to top the service
with the command service arp stop
, make your changes to the appropriate arp file then start the arp
service with the command service arp
start. If you simply edit the files and type service arp restart, you will get
various errors and your arp configuration may or may not change the way
you want it to.
IPTables and Blockall - When you
created you TEA5 box, you had the option to choose blockall rules.
Choosing this option severely tightens security on your TEA5 box by
blocking all but the most common ports. If you chose this option, your
TEA5 box will run the service blockall on start up , otherwise, it will
run the service rules on start up. You must have one and only one of
these services starting when your machine boots. If you want to use the
blockall rules during the school year and the regular rules during the
summer, you can stop one set permanently and start the other by doing
the following.
Stop the current rule set : service blockall stop
disable the current rule set : chkconfig blockall off
enable the new rule set : chkconfig rules on
start the new rule set : service rules start
Blockweb & Unblockweb - If
you chose the squidguard option when you built the TEA5 box, you can
add and remove websites from the list of blocked sites. If you want to
add a site, you can use the following command blockweb badsite.com you should
also block the ip address of the site blockweb.1.2.3.4 . You don't new
to include the www or any other prefix. To unblock a site type unblockweb goodsite.com. If the
site still does not work, try unblocking the IP as well.