I've done this enough times that I thought I'd write it up. I'm surprised
it's not in the FAQ (or at least I couldn't find it). If there's a better
way to turn this into a FAQ item, please let me know.
George
Eight easy steps to change the default IP address of a Bering firewall:
(using 172.17.17.254 as an example)
A. Modify /etc/interfaces as follows:
1 ) Network configuration
1) interfaces
#=====================================================================
# Step 2: configure internal interface
# Default: eth1 / fixed IP = 192.168.1.254
auto eth1
iface eth1 inet static
address 172.17.17.254
masklen 24
broadcast 172.17.17.255
#=====================================================================
B. Modify /etc/hosts as follows:
1 ) Network configuration
2) hosts IP addresses
#=====================================================================
127.0.0.1 localhost
172.17.17.254 firewall
#=====================================================================
C. Modify /etc/resolv.conf:
1 ) Network configuration
4) resolv.conf
#=====================================================================
nameserver 127.0.0.1
nameserver 172.17.17.254
#=====================================================================
D. Modify /etc/hosts.allow
1 ) Network configuration
6) hosts.allow
#=====================================================================
# Allow anything from the local net
ALL: 172.17.17.0/255.255.255.0
#=====================================================================
E. Modify dnscache package internal IP address
3 ) Packages configuration
7) dnscache
1) LRP box internal IP (default: 192.168.1.254)
[/etc/dnscache/env/IP]
#=====================================================================
172.17.17.254
#=====================================================================
F. Modify dnscache package to allow queries from local network
3 ) Packages configuration
2) Querying hosts IP's (default: 192.168)
[/etc/dnscache/env/IPQUERY]
<I like to tighten up the network scope on this, I don't know if it's
necessary, or if CIDR addressing works (as in 172.17.17/24). I bet it
would.>
#=====================================================================
172.17.17
#=====================================================================
G. Modify dhcpd package scope to match.
[/etc/dhcpd.conf]
3 ) Packages configuration
7) dhcpd
1) dhcpd daemon config
#=====================================================================
subnet 172.17.17.0 netmask 255.255.255.0 {
option routers 172.17.17.254;
option domain-name "private.network";
option domain-name-servers 172.17.17.254;
range 172.17.17.1 172.17.17.199;
}
#=====================================================================
H: Modify weblet server name and address
[/etc/sh-httpd.conf]
3 ) Packages configuration
8) weblet
1) shell-script web server configuration
#=====================================================================
# Who are we - used for CGI scripts
#SERVER_NAME=192.168.1.254
#SERVER_ADDR=192.168.1.254
SERVER_PORT=80
SERVER_NAME=172.17.17.254
SERVER_ADDR=172.17.17.254
# Who can access the server?
#CLIENT_ADDRS="192.168.1."
#=====================================================================
This shell script will print all uncommented lines containing 192.168.
#! /bin/sh
find /etc -type d -print | while read i
do
grep '^[^#]*192.168' $i/*
done
# something like sed 's/^[^#]*192.168.1/172.17.17/g' $i > $i.tmp && mv
$i.tmp $i #(inside the while-do loop)
# would probably do the replace for you, but you'd have to do a second pass
with just two octets--
# but I haven't tested it. And don't change shorewall's rfc1918 file!!
-------------------------------------------------------
This sf.net email is sponsored by: Influence the future
of Java(TM) technology. Join the Java Community
Process(SM) (JCP(SM)) program now.
http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
