On Mon, March 5, 2007 5:45 pm, mrs borhtej said: > I sent this to openbsd misc but someone suggested this list.... I realize > I may get flamed or ignored here, but I need help.
We occasionally ignore people, but we make an effort not to flame them. That's the difference between us and [EMAIL PROTECTED] ;) > I hope someone will have the compassion to point me in the right > direction. My husband passed away, and left this great LAN setup using > OpenBSD. I LOVE using OpenBSD, but I thought we would have more time > together for him to teach me, like he wanted to. Unfortunately, I didn't > have him show me what's what while he was still able, and I have only > used this OS as a desktop user. I CANNOT go back to Windows. He unplugged > his mail and webservers before he passed away, and I need to know how in > the world do I figure out what's what with this LAN? Even if I sign in as > him I do not know what to look at to figure this stuff out. I am > determined to teach myself this stuff, just like he did. I will be > moving soon and I don't even know what files to configure with the new > IPs once I get moved. I have a basic understanding of UNIX and VI. I > know I can figure this stuff out but I just have to know where to start. > Can anyone give me a clue? I have watched him do this stuff for years, > and I know I can learn it, but I just do not know where to start. Please > be nice... :( Let this be a lesson to all of us: _Document your networks!_ Ok, so let's start at the top. You want to know how your LAN is set up. That breaks down to knowing three things: 1) What services are set up. 2) What machines the services are running on. 3) How those services are configured. I'm going to assume you have root-level access to all the machines. If not, tell us and we can tell you how to get it. (With access to the machines, you _can_ get it.) We know that mail and web were set up, but are on machines not running. Since he was running OpenBSD, I'll assume he's running a firewall/packet filter. Two other common services are also going to be helpful, assuming he set them up: DNS and DHCP. These are all places where _every_ machine is going to need to connect to do something or other. I would start by going to the firewall and running 'pfctl -s all', and piping that to a file. You are going to want to refer to that file: It lists _every_ machine on your lan that is visible from the external internet, by service, probably in two/three sections: The 'nat' section (assuming you are doing nat), the 'rules' section, and if there are any active connections at the time you run it in the 'state' section. Cross-compare this to the /etc/pf.conf file from that same machine: It will have the same nat and rules, but using different wording. Between the two of these you will be able to work out how the network looks to the outside, and which machines _those_ services are running on. Check to see if your husband used names or IP addresses to refer to things on the local network, and see what is on what machines. Something to look for in this is to see if any proxyies are set up: they would be redirects of external connections to the firewall itself, most likely. Something else to run on every machine at some point is the command 'ps -aux'. This will list every process running on that machine, as well as what user it is running as. (I'd recommend reading the documentation pages on most of them. Most home servers don't have too long of a list, and this is a good place to see what _is_ running.) Ok, my next stop would be the DNS machine, assuming you have one. It's not needed, but it makes setup and reconfig a bit easier. Find the machine that has 'named' running on it, and look in /var/named/etc/ for the config files. Read through them, and see if your husband left any clues to what ran on what in what he named things. If he was nice, he probably has service aliases set up: mail.*, www.*, etc. That will help immensely, as they are direct pieces of info that you need. Hopefully, at this point, you have a an idea of the general _outside_ setup of this network, and a scetchy view of how the _inside_ network is set up to support that. NAT would _very_ good: then you only need to change the external IP address of the firewall, and (possibly) the lines that refer to it in the pf.conf. You also have a list of what is running where, and with that and some (ok, _lots_) of reading, you can figure out where config files are and how things are configured. Ok, that's a start at least. Let's see if anyone else can tell me where I'm being stupid. ;) Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --------------------------------------------------------------- _______________________________________________ Openbsd-newbies mailing list [email protected] http://mailman.theapt.org/listinfo/openbsd-newbies
