Network connection diagnostics on the EDGE virtual router

In some cases, problems can arise when setting up a virtual router. For example, port forwarding (NAT) does not work and/or there is a problem in the Firewall rules themselves. Or you simply need to get the router's logs, check how the channel is working, and run network diagnostics. Cloud provider Cloud4Y explains how this is done.

Working with the virtual router

First of all, we need to set up access to the virtual router, EDGE. To do this, we open its services and go to the appropriate tab, EDGE Settings. There we enable SSH Status, set a password, and make sure to save the changes.


If we use strict Firewall rules, where everything is denied by default, we add rules that allow connections to the router itself on the SSH port:


Then we connect with any SSH client, for example PuTTY, and get to the console.


In the console, commands become available to us; the list of them can be seen using:
list


Which commands can be useful to us? Here is a list of the most useful ones:

  • show interface - displays the available interfaces and the IP addresses configured on them
  • show log - displays the router logs
  • show log follow - lets you watch the log in real time with continuous updates. Every rule, whether NAT or Firewall, has an Enable logging option; when it is enabled, events are recorded in the log, which makes diagnostics possible.
  • show flowtable - displays the whole table of established connections and their parameters
    Example:
    1: tcp 6 21599 ESTABLISHED src=9Х.107.69.ХХХ dst=178.170.172.XXX sport=59365 dport=22 pkts=293 bytes=22496 src=178.170.172.ХХХ dst=91.107.69.173 sport=22 dport=59365 pkts=206 bytes=83569 [ASSURED] mark=0 rid=133427 use=1
  • show flowtable topN 10 - lets you display the required number of lines, 10 in this example
  • show flowtable topN 10 sort-by pkts - helps sort connections by number of packets from smallest to largest
  • show flowtable topN 10 sort-by bytes - helps sort connections by number of bytes transferred from smallest to largest
  • show flowtable rule-id ID topN 10 - helps display connections by the required rule ID
  • show flowtable flowspec SPEC - for flexible selection of connections, where SPEC sets the required filtering rules, for example proto=tcp:srcIP=9Х.107.69.ХХХ:sport=59365, to select connections using the TCP protocol with source IP address 9Х.107.69.XX from source port 59365
    Example:
    > show flowtable flowspec proto=tcp:srcip=90.107.69.171:sport=59365
    1: tcp 6 21599 ESTABLISHED src=9Х.107.69.XX dst=178.170.172.xxx sport=59365 dport=22 pkts=1659 bytes=135488 src=178.170.172.xxx dst=xx.107.69.xxx sport=22 dport=59365 pkts=1193 bytes=210361 [ASSURED] mark=0 rid=133427 use=1
    Total flows: 1
  • show packet drops - lets you view packet statistics
  • show firewall flows - shows the firewall packet counters together with the packet flows.

We can also use the basic network diagnostic tools directly from the EDGE router:

  • ping ip WORD
  • ping ip WORD size SIZE count COUNT nofrag - a ping that specifies the size of the data sent and the number of checks, and also prohibits fragmentation of the set packet size.
  • traceroute ip WORD

Firewall diagnostic sequence on Edge

  1. Run show firewall and look at the installed custom filtering rules in the usr_rules table
  2. Look at the POSTROUTING chain and monitor the number of dropped packets using the DROP field. If there is a problem with asymmetric routing, we will see the values increase.
    Let's run some additional checks:

    • Ping will work in one direction but not in the other
    • ping will work, but TCP sessions will not be established.
  3. Look at the output of information about IP addresses - show ipset
  4. Enable logging on the firewall rule in the Edge services
  5. Look at the events in the log - show log follow
  6. Check connections using the required rule_id - show flowtable rule_id
  7. Using show flowstats, compare the currently established connections (Current Flow Entries) with the maximum allowed (Total Flow Capacity) in the current configuration. The available configurations and limits can be seen in VMware NSX Edge. If you are interested, I can talk about this in the next article.
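
The flow lines that show flowtable prints in step 6 can also be analysed offline once they are saved from the SSH session. The following Python sketch is an added example, not part of the original article or of VMware's tooling; its sample lines are constructed in the format of the example above, and it assumes that the rid field is the ID of the matching rule and that a reply counter of zero marks a flow that never got an answer (the symptom checked in step 2).

```python
import re
from collections import Counter

# Constructed sample in the format of the page's `show flowtable` example (documentation-range IPs).
SAMPLE = """\
1: tcp 6 21599 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=59365 dport=22 pkts=293 bytes=22496 src=198.51.100.5 dst=192.0.2.10 sport=22 dport=59365 pkts=206 bytes=83569 [ASSURED] mark=0 rid=133427 use=1
2: tcp 6 98 SYN_SENT src=192.0.2.44 dst=198.51.100.5 sport=40112 dport=443 pkts=3 bytes=180 [UNREPLIED] src=198.51.100.5 dst=192.0.2.44 sport=443 dport=40112 pkts=0 bytes=0 mark=0 rid=131074 use=1
3: tcp 6 21400 ESTABLISHED src=192.0.2.77 dst=198.51.100.9 sport=51000 dport=3389 pkts=9100 bytes=7340032 src=198.51.100.9 dst=192.0.2.77 sport=3389 dport=51000 pkts=8800 bytes=912000 [ASSURED] mark=0 rid=131074 use=1
Total flows: 3
"""

HEAD = re.compile(r"^\s*\d+:\s+(\w+)\s+\d+\s+\d+\s+(?:([A-Z_]+)\s+)?")
KV = re.compile(r"(\w+)=(\S+)")

def parse_flow(line):
    """Return a dict for one flow line, or None for lines such as 'Total flows'."""
    head = HEAD.match(line)
    if not head:
        return None
    orig, reply, meta = {}, {}, {}
    for key, value in KV.findall(line):
        if key in ("mark", "rid", "use"):
            meta[key] = value
        elif key not in orig:   # first tuple: original direction
            orig[key] = value
        else:                   # repeated keys: reply direction
            reply[key] = value
    return {"proto": head.group(1), "state": head.group(2),
            "orig": orig, "reply": reply, "rid": meta.get("rid")}

def parse_flowtable(text):
    return [f for f in map(parse_flow, text.splitlines()) if f]

def one_way_flows(flows):
    """Flows where packets were sent but no reply packets were counted."""
    return [f for f in flows
            if int(f["orig"].get("pkts", 0)) > 0 and int(f["reply"].get("pkts", 0)) == 0]

def bytes_per_rule(flows):
    """Total bytes in both directions, grouped by rid (assumed to be the rule ID)."""
    totals = Counter()
    for f in flows:
        totals[f["rid"]] += int(f["orig"].get("bytes", 0)) + int(f["reply"].get("bytes", 0))
    return totals

if __name__ == "__main__":
    flows = parse_flowtable(SAMPLE)
    print("no reply:", [(f["orig"]["src"], f["orig"]["dport"], f["rid"]) for f in one_way_flows(flows)])
    print("bytes per rule:", bytes_per_rule(flows).most_common())
```

A flow reported by one_way_flows whose rid belongs to an allow rule points away from the firewall rule itself and toward the return path, which is where the DROP counter from step 2 is worth watching.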


Source: www.habr.com
