ifw02

Primary tabs

introduction

A computer that acts as a firewall. It is one of the many PCs making up the LIC.

Every host name in the LIC has five characters like this one.

LIC topology: ifw02
PCs switches ethernet interfaces

hardware

A Dell OptiPlex GX260. Wikipedia (http://en.wikipedia.org/wiki/Dell_OptiPlex) has this summary.

  • Model: GX260
  • Chipset: Intel 845G
  • CPU: Pentium 4 or Celeron
  • FSB: 400/533 MHz
  • RAM type: DDR 200/266
  • RAM speed: PC2700
  • Chassis: SFF, SD, SMT
  • Comments: PATA only, no SATA Socket 478
  • USB: USB 2.0 x6
ifw02:~# lshw
ifw02
    description: Mini Tower Computer
    product: OptiPlex GX260
    vendor: Dell Computer Corporation
    serial: 6FT5H0J
    width: 32 bits
    capabilities: smbios-2.3 dmi-2.3 smp-1.4 smp
    configuration: administrator_password=enabled boot=normal chassis=mini-tower cpus=1 power-on_password=enabled uuid=44454C4C-4600-1054-8035-B6C04F48304A
  *-core
       description: Motherboard
       vendor: Dell Computer Corp.
       physical id: 0
       serial: ..              .
       slot: PCI1
     *-firmware
          description: BIOS
          vendor: Dell Computer Corporation
          physical id: 0
          version: A09 (11/01/2004)
          size: 64KiB
          capacity: 448KiB
          capabilities: isa pci pnp apm upgrade shadowing escd cdboot bootselect edd int13floppytoshiba int5printscreen int9keyboard int14serial int17printer acpi usb agp ls120boot biosbootspecification netboot
     *-cpu
          description: CPU
          product: Intel(R) Pentium(R) 4 CPU 1.80GHz
          vendor: Intel Corp.
          physical id: 400
          bus info: cpu@0
          version: 15.2.4
          slot: Microprocessor
          size: 1800MHz
          capacity: 3060MHz
          width: 32 bits
          clock: 400MHz
          capabilities: boot fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm up pebs bts
          configuration: id=0
        *-cache:0
             description: L1 cache
             physical id: 700
             size: 8KiB
             capacity: 16KiB
             capabilities: internal write-back data
        *-cache:1
             description: L2 cache
             physical id: 701
             size: 512KiB
             capacity: 512KiB
             capabilities: internal varies unified
     *-memory
          description: System Memory
          physical id: 1000
          slot: System board or motherboard
          size: 256MiB
          capacity: 1GiB
        *-bank:0
             description: DIMM SDRAM Synchronous 266 MHz (3.8 ns)
             physical id: 0
             slot: DIMM_A
             size: 256MiB
             width: 64 bits
             clock: 266MHz (3.8ns)
        *-bank:1
             description: DIMM SDRAM Synchronous 266 MHz (3.8 ns) [empty]
             physical id: 1
             slot: DIMM_B
             width: 64 bits
             clock: 266MHz (3.8ns)
     *-pci
          description: Host bridge
          product: 82845G/GL[Brookdale-G]/GE/PE DRAM Controller/Host-Hub Interface
          vendor: Intel Corporation
          physical id: 100
          bus info: pci@0000:00:00.0
          version: 01
          width: 32 bits
          clock: 33MHz
          configuration: driver=agpgart-intel module=intel_agp
        *-display UNCLAIMED
             description: VGA compatible controller
             product: 82845G/GL[Brookdale-G]/GE Chipset Integrated Graphics Device
             vendor: Intel Corporation
             physical id: 2
             bus info: pci@0000:00:02.0
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: pm vga_controller bus_master cap_list
             configuration: latency=0
        *-usb:0
             description: USB Controller
             product: 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1
             vendor: Intel Corporation
             physical id: 1d
             bus info: pci@0000:00:1d.0
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: uhci bus_master
             configuration: driver=uhci_hcd latency=0 module=uhci_hcd
           *-usbhost
                product: UHCI Host Controller
                vendor: Linux 2.6.26-2-686 uhci_hcd
                physical id: 1
                bus info: usb@1
                logical name: usb1
                version: 2.06
                capabilities: usb-1.10
                configuration: driver=hub slots=2 speed=12.0MB/s
        *-usb:1
             description: USB Controller
             product: 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #2
             vendor: Intel Corporation
             physical id: 1d.1
             bus info: pci@0000:00:1d.1
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: uhci bus_master
             configuration: driver=uhci_hcd latency=0 module=uhci_hcd
           *-usbhost
                product: UHCI Host Controller
                vendor: Linux 2.6.26-2-686 uhci_hcd
                physical id: 1
                bus info: usb@2
                logical name: usb2
                version: 2.06
                capabilities: usb-1.10
                configuration: driver=hub slots=2 speed=12.0MB/s
        *-usb:2
             description: USB Controller
             product: 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #3
             vendor: Intel Corporation
             physical id: 1d.2
             bus info: pci@0000:00:1d.2
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: uhci bus_master
             configuration: driver=uhci_hcd latency=0 module=uhci_hcd
           *-usbhost
                product: UHCI Host Controller
                vendor: Linux 2.6.26-2-686 uhci_hcd
                physical id: 1
                bus info: usb@3
                logical name: usb3
                version: 2.06
                capabilities: usb-1.10
                configuration: driver=hub slots=2 speed=12.0MB/s
        *-usb:3
             description: USB Controller
             product: 82801DB/DBM (ICH4/ICH4-M) USB2 EHCI Controller
             vendor: Intel Corporation
             physical id: 1d.7
             bus info: pci@0000:00:1d.7
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: pm debug ehci bus_master cap_list
             configuration: driver=ehci_hcd latency=0 module=ehci_hcd
           *-usbhost
                product: EHCI Host Controller
                vendor: Linux 2.6.26-2-686 ehci_hcd
                physical id: 1
                bus info: usb@4
                logical name: usb4
                version: 2.06
                capabilities: usb-2.00
                configuration: driver=hub slots=6 speed=480.0MB/s
        *-pci
             description: PCI bridge
             product: 82801 PCI Bridge
             vendor: Intel Corporation
             physical id: 1e
             bus info: pci@0000:00:1e.0
             version: 81
             width: 32 bits
             clock: 33MHz
             capabilities: pci normal_decode bus_master
           *-network:0
                description: Ethernet interface
                product: RTL-8169 Gigabit Ethernet
                vendor: Realtek Semiconductor Co., Ltd.
                physical id: 7
                bus info: pci@0000:01:07.0
                logical name: eth1
                version: 10
                serial: 00:e0:4c:89:36:76
                size: 100MB/s
                capacity: 1GB/s
                width: 32 bits
                clock: 66MHz
                capabilities: pm bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation
                configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=2.2LK-NAPI duplex=full ip=200.0.0.35 latency=64 link=yes maxlatency=64 mingnt=32 module=r8169 multicast=yes port=twisted pair speed=100MB/s
           *-network:1
                description: Ethernet interface
                product: RTL-8139/8139C/8139C+
                vendor: Realtek Semiconductor Co., Ltd.
                physical id: 8
                bus info: pci@0000:01:08.0
                logical name: eth2
                version: 10
                serial: 00:0e:2e:cb:a8:9e
                size: 100MB/s
                capacity: 100MB/s
                width: 32 bits
                clock: 33MHz
                capabilities: pm bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
                configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.28 duplex=full latency=64 link=yes maxlatency=64 mingnt=32 module=8139too multicast=yes port=MII slave=yes speed=100MB/s
           *-network:2
                description: Ethernet interface
                product: RTL-8169 Gigabit Ethernet
                vendor: Realtek Semiconductor Co., Ltd.
                physical id: 9
                bus info: pci@0000:01:09.0
                logical name: eth3
                version: 10
                serial: 00:0e:2e:cb:a8:9e
                size: 100MB/s
                capacity: 1GB/s
                width: 32 bits
                clock: 66MHz
                capabilities: pm bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation
                configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=2.2LK-NAPI duplex=full latency=64 link=yes maxlatency=64 mingnt=32 module=r8169 multicast=yes port=twisted pair slave=yes speed=100MB/s
           *-network:3
                description: Ethernet interface
                product: RTL-8139/8139C/8139C+
                vendor: Realtek Semiconductor Co., Ltd.
                physical id: a
                bus info: pci@0000:01:0a.0
                logical name: eth4
                version: 10
                serial: 00:0e:2e:cb:ac:d8
                size: 10MB/s
                capacity: 100MB/s
                width: 32 bits
                clock: 33MHz
                capabilities: pm bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
                configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.28 duplex=half ip=192.168.120.6 latency=64 link=no maxlatency=64 mingnt=32 module=8139too multicast=yes port=MII speed=10MB/s
           *-network:4
                description: Ethernet interface
                product: 82540EM Gigabit Ethernet Controller
                vendor: Intel Corporation
                physical id: c
                bus info: pci@0000:01:0c.0
                logical name: eth0
                version: 02
                serial: 00:08:74:0f:10:66
                size: 1GB/s
                capacity: 1GB/s
                width: 32 bits
                clock: 66MHz
                capabilities: pm pcix msi bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation
                configuration: autonegotiation=on broadcast=yes driver=e1000 driverversion=7.3.20-k2-NAPI duplex=full firmware=N/A ip=192.168.80.6 latency=64 link=yes mingnt=255 module=e1000 multicast=yes port=twisted pair speed=1GB/s
        *-isa
             description: ISA bridge
             product: 82801DB/DBL (ICH4/ICH4-L) LPC Interface Bridge
             vendor: Intel Corporation
             physical id: 1f
             bus info: pci@0000:00:1f.0
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: isa bus_master
             configuration: latency=0
        *-ide
             description: IDE interface
             product: 82801DB (ICH4) IDE Controller
             vendor: Intel Corporation
             physical id: 1f.1
             bus info: pci@0000:00:1f.1
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: ide bus_master
             configuration: driver=PIIX_IDE latency=0 module=piix
           *-ide:0
                description: IDE Channel 0
                physical id: 0
                bus info: ide@0
                logical name: ide0
                clock: 33MHz
              *-disk
                   description: ATA Disk
                   product: MAXTOR 6L020J1
                   vendor: Maxtor
                   physical id: 0
                   bus info: ide@0.0
                   logical name: /dev/hda
                   version: A93.0500
                   serial: 661219812428
                   size: 19GiB (20GB)
                   capacity: 19GiB (20GB)
                   capabilities: ata dma lba iordy smart security pm partitioned partitioned:dos
                   configuration: mode=udma5 signature=fb51107f smart=on
                 *-volume:0
                      description: EXT3 volume
                      vendor: Linux
                      physical id: 1
                      bus info: ide@0.0,1
                      logical name: /dev/hda1
                      logical name: /
                      version: 1.0
                      serial: 3c71528d-7bb8-4a41-a77f-a0d62d4a52fc
                      size: 337MiB
                      capacity: 337MiB
                      capabilities: primary bootable journaled extended_attributes large_files huge_files recover ext3 ext2 initialized
                      configuration: created=2009-09-04 23:42:46 filesystem=ext3 modified=2011-01-31 11:14:01 mount.fstype=ext3 mount.options=rw,errors=remount-ro,data=ordered mounted=2011-01-31 11:14:01 state=mounted
                 *-volume:1
                      description: Extended partition
                      physical id: 2
                      bus info: ide@0.0,2
                      logical name: /dev/hda2
                      size: 18GiB
                      capacity: 18GiB
                      capabilities: primary extended partitioned partitioned:extended
                    *-logicalvolume:0
                         description: Linux filesystem partition
                         physical id: 5
                         logical name: /dev/hda5
                         logical name: /usr
                         capacity: 4769MiB
                         configuration: mount.fstype=ext3 mount.options=rw,errors=continue,data=ordered state=mounted
                    *-logicalvolume:1
                         description: Linux filesystem partition
                         physical id: 6
                         logical name: /dev/hda6
                         logical name: /var
                         capacity: 2863MiB
                         configuration: mount.fstype=ext3 mount.options=rw,errors=continue,data=ordered state=mounted
                    *-logicalvolume:2
                         description: Linux swap / Solaris partition
                         physical id: 7
                         logical name: /dev/hda7
                         capacity: 729MiB
                         capabilities: nofs
                    *-logicalvolume:3
                         description: Linux filesystem partition
                         physical id: 8
                         logical name: /dev/hda8
                         logical name: /tmp
                         capacity: 384MiB
                         configuration: mount.fstype=ext3 mount.options=rw,errors=continue,data=ordered state=mounted
                    *-logicalvolume:4
                         description: Linux filesystem partition
                         physical id: 9
                         logical name: /dev/hda9
                         logical name: /home
                         capacity: 10GiB
                         configuration: mount.fstype=ext3 mount.options=rw,errors=continue,data=ordered state=mounted
           *-ide:1
                description: IDE Channel 1
                physical id: 1
                bus info: ide@1
                logical name: ide1
                clock: 33MHz
              *-cdrom
                   description: IDE CD-ROM
                   product: GCR-8481B
                   physical id: 0
                   bus info: ide@1.0
                   logical name: /dev/hdc
                   version: 1.06
                   capabilities: packet atapi cdrom removable nonmagnetic dma lba iordy audio
                   configuration: mode=udma2 status=nodisc
        *-serial
             description: SMBus
             product: 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) SMBus Controller
             vendor: Intel Corporation
             physical id: 1f.3
             bus info: pci@0000:00:1f.3
             version: 01
             width: 32 bits
             clock: 33MHz
             configuration: driver=i801_smbus latency=0 module=i2c_i801
        *-multimedia
             description: Multimedia audio controller
             product: 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller
             vendor: Intel Corporation
             physical id: 1f.5
             bus info: pci@0000:00:1f.5
             version: 01
             width: 32 bits
             clock: 33MHz
             capabilities: pm bus_master cap_list
             configuration: driver=Intel ICH latency=0 module=snd_intel8x0
  *-network:0
       description: Ethernet interface
       physical id: 1
       logical name: bond0
       serial: 00:0e:2e:cb:a8:9e
       capabilities: ethernet physical
       configuration: broadcast=yes driver=bonding driverversion=3.2.5 firmware=2 ip=192.168.0.4 master=yes multicast=yes
  *-network:1 DISABLED
       description: Ethernet interface
       physical id: 2
       logical name: bond1
       capabilities: ethernet physical
       configuration: broadcast=yes driver=bonding driverversion=3.2.5 firmware=2 master=yes multicast=yes
  *-network:2 DISABLED
       description: Ethernet interface
       physical id: 3
       logical name: bond2
       capabilities: ethernet physical
       configuration: broadcast=yes driver=bonding driverversion=3.2.5 firmware=2 master=yes multicast=yes
ifw02:~#

network interfaces

LIC table: ifw02 network interfaces
computer interface description IP address netmask
(ifw01 or ifw02) bond0:0 gateway. HA address on an internet firewall. This IP address is usually found on ifw01, but if this computer has problems the address gets moved to ifw02. 192.168.0.1 255.255.248.0
ifw02 bond0 internet firewall. ethernet bonding for eth3 and eth4. 192.168.0.4 255.255.248.0
ifw02 eth2 Internet firewall - biz01 test network 192.168.0.5 255.255.248.0
ifw02 eth3 Internet firewall - biz02 test network 192.168.40.3 255.255.248.0
ifw02 eth0 internet firewall administration 192.168.80.6 255.255.248.0
ifw02 eth1 internet firewall 200.0.0.35 255.255.255.224
(ifw01 or ifw02) eth1:0 web site 1. HA address on an internet firewall. This IP address is usually found on ifw01, but if this computer has problems the address gets moved to ifw02. 200.0.0.10 255.255.255.224
(ifw01 or ifw02) eth1:1 web site 2 200.0.0.11 255.255.255.224
(ifw01 or ifw02) eth1:2 web site 3 200.0.0.12 255.255.255.224

extra packages

Things not provided by the OS install.

apt-get install  heartbeat ifenslave ipvsadm \
    ldirectord lynx minicom ntp ntpdate nut openssh-server \
    screen setserial sysv-rc-conf tcpdump 

customised files

Bespoke tailoring for this host.

Only the last part of each shorewall file is shown. This part contains the rules. The first few hundred lines contain a description of what is possible.

/etc/network/interfaces

The configuration file that assigns IP addresses to OS interfaces.

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback
#
# adm01 network
# see http://cluster.planetlarg.com/car-size-cluster-reference/ip-addresses/internet-dmz-adm01-19216880021
#
allow-auto eth0
iface eth0 inet static
    address 192.168.80.6
    netmask 255.255.248.0
#
# Internet
# see http://cluster.planetlarg.com/car-size-cluster-reference/ip-addresses/nat-ip-addresses-20000x
#
allow-auto eth1
iface eth1 inet static
    address 200.0.0.35
    netmask 255.255.255.224
    gateway 200.0.0.1
#
# biz01 network
# see http://cluster.planetlarg.com/car-size-cluster-reference/ip-addresses/internet-dmz-biz01-ip-addresses-1921680021
#
allow-auto eth2
iface eth2 inet static
    address 192.168.0.5
    netmask 255.255.248.0
#
# biz02 network
# see http://cluster.planetlarg.com/car-size-cluster-reference/ip-addresses/internet-dmz-biz02-19216840021
#
allow-auto eth3
iface eth3 inet static
    address 192.168.40.3
    netmask 255.255.248.0
#
# spare
#
allow-auto eth4
iface eth4 inet static
    address 192.168.120.6
    netmask 255.255.248.0
#
# bond the biz networks
# see http://cluster.planetlarg.com/car-size-cluster-build/add-ha-high-availability/bond-eth2-and-eth3-ifw01
#
allow-auto bond0
iface bond0 inet static
    pre-up  modprobe bond0
#    hwaddress ether 00:e0:4c:a9:34:42
    address 192.168.0.4
    netmask 255.255.248.0
    up      ifenslave    bond0 eth2 eth3
    down    ifenslave -d bond0 eth2 eth3
#

/etc/udev/rules.d/70-persistent-net.rules

The configuration file that assigns OS interface names to network interfaces.

# This file was automatically generated by the /lib/udev/write_net_rules
# program run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single line.
#
#---------
# larg sep 2010

# PCI device 0x8086:0x100e (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:08:74:0f:10:66", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

# PCI device 0x10ec:0x8169 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:e0:4c:89:36:76", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

# PCI device 0x10ec:0x8139 (8139too)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0e:2e:cb:a8:9e", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"

# PCI device 0x10ec:0x8169 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:e0:4c:89:33:0c", ATTR{type}=="1", KERNEL=="eth*", NAME="eth3"

# PCI device 0x10ec:0x8139 (8139too)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0e:2e:cb:ac:d8", ATTR{type}=="1", KERNEL=="eth*", NAME="eth4"
#

/etc/resolv.conf

The configuration file that tells the OS where the DNS server is.

domain planetlarg.com
search planetlarg.com
nameserver 200.0.0.1

/etc/modprobe.d/arch/i386

The configuration file that adds modules to the OS.

alias parport_lowlevel parport_pc

alias binfmt-0064 binfmt_aout
alias binfmt-332 iBCS

alias bond0 bonding
alias bond1 bonding
options bonding mode=1 miimon=100 downdelay=200 updelay=200 max_bonds=3

/etc/ha.d/haresources

The configuration file that lists High Availability things.

# This is a list of resources that move from machine to machine as
# nodes go down and come up in the cluster.
# The haresources files MUST BE IDENTICAL on all nodes of the cluster.
# for more info see sample file /usr/share/doc/heartbeat-2/haresources
#
# fields of "IPAddr::" are:
# IP address/netmask/interface/broadcast address
#
# fields of "ldirectord::" are:
# configuration file: This is the name of the file containing the
#      configuration, stored in the directory /etc/ha.d/conf/
#
ifw02  \
    IPaddr::200.0.0.3/27/bond0/200.0.0.31 \
    IPaddr::192.168.0.1/21/bond1/192.168.7.255 \
    ldirectord::ldirectord.cf
#

/etc/ha.d/authkeys

The configuration file that adds security to the HA application "heartbeat".

# heartbeat authentication
# This file must be mode 600!
# for more info see sample file /usr/share/doc/heartbeat-2/authkeys
#
auth 1
1 sha1 key-for-sha1-any-text-you-want

/etc/ha.d/ha.cf

The master configuration file for the HA application "heartbeat".

# heartbeat resources
# for more info see sample file /usr/share/doc/heartbeat-2/ha.cf
#
#       Facility to use for syslog()/logger
logfacility    local0
#       What interfaces to broadcast heartbeats over?
bcast          bond0
#       Set up a multicast heartbeat medium
mcast          bond0 225.0.0.1 694 1 0
#       resources will automatically fail back to the "primary" node
auto_failback  on
#       Tell what machines are in the cluster
node           ifw01
node           ifw02
#       Processes started and stopped with heartbeat
respawn        hacluster /usr/lib/heartbeat/ipfail
#       Access control for client api
apiauth        ipfail gid=haclient uid=hacluster

/etc/ha.d/conf/ldirectord.cf

The configuration file for the HA application "ldirectord".

# Ldirectord will connect to each real server
# and request a test page.
# If the data returned by the server does not contain a test string
# then the test fails and the real server will be
# taken out of the available pool.
# The real server will be added back into the pool once the test succeeds.
# If all real servers are removed from the pool
# then the fall back server is added to the pool.
#
# see /usr/share/doc/ldirectord/ldirectord.cf.gz
#
# global directives
#
checktimeout=5
checkinterval=5
fallback=127.0.0.1:80
autoreload=yes
quiescent=yes
#
# virtual server
#
virtual=200.0.0.10:80
        #
# real servers
        # real fields are
        # * IP adddress
        # http://cluster.planetlarg.com/car-size-cluster-reference/ip-addresses//internet-dmz-biz01-ip-addresses-1921680021
        # * port
        # * masq
        # tells LVS to use LVS-NAT
        # http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html
        #
        # ics01
        real=192.168.3.2:80 masq
        # ics02
        #real=192.168.3.3:80 masq
        # ics03
        #real=192.168.3.4:80 masq
        #
# test page
        service=http
        request="ldirectord.html"
        receive="ldirectord test"
#  other stuff
        scheduler=rr
        protocol=tcp
#

standard issue files

Off-the-peg tailoring for this host.

/etc/hosts

The configuration file for host names and IP addresses.

127.0.0.1       localhost
127.0.1.1       ifw02.idc       ifw02

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

/etc/passwd

The configuration file for user accounts.

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:100:102::/var/spool/exim4:/bin/false
statd:x:101:65534::/var/lib/nfs:/bin/false
identd:x:102:65534::/var/run/identd:/bin/false
messagebus:x:103:104::/var/run/dbus:/bin/false
avahi:x:104:105:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
haldaemon:x:105:108:Hardware abstraction layer,,,:/home/haldaemon:/bin/false
gdm:x:106:111:Gnome Display Manager:/var/lib/gdm:/bin/false
hplip:x:107:7:HPLIP system user,,,:/var/run/hplip:/bin/false
issalarg:x:1000:1000:issalarg,,,:/home/issalarg:/bin/bash
ntp:x:108:112::/home/ntp:/bin/false
sshd:x:109:65534::/var/run/sshd:/usr/sbin/nologin
nut:x:110:113::/var/lib/nut:/bin/false
hacluster:x:111:114:Heartbeat System Account,,,:/usr/lib/heartbeat:/bin/false