# Projeto Linux --- ## Ip's | Server | Ip | Default Getaway | | --------------- | -------------- | --------------- | | Windows Server | 192.168.10.1 | 192.168.10.254 | | Ubuntu Server 1 | 192.168.10.2 | | | Ubuntu Server 2 | 192.168.10.3 | | | Ubuntu Server 3 | 192.168.10.4 | | | Ubuntu Server 4 | 192.168.10.5 | | | PfSenseLisboa | 192.168.10.254 | | | PfSensePorto | 192.168.30.254 | | --- ### Proxy * sudo nano /etc/environment http_proxy="http:172.16.10.253:8080/" https_proxy="https:172.16.10.253:8080/" * sudo nano .bashrc export http_proxy="http://172.16.10.253:8080" export https_proxy="https://172.16.10.253:8080" * sudo nano /etc/apt/apt.conf Acquire::http::proxy="http://172.16.10.253:8080/"; Acquire::https::proxy="https://172.16.10.253:8080/"; ## DOMINIO estar em / wget http://download.beyondtrust.com/PBISO/8.0.1/linux.deb.x64/pbis-open-8.0.1.2029.linux.x86_64.deb.sh sudo chmod +x pbis-open-8.0.1.2029.linux.x86_64.deb.sh ./pbis-open-8.0.1.2029.linux.x86_64.deb.sh domainjoin-cli join --disable ssh obras.pt Administrator sudo /opt/pbis/bin/config UserDomainPrefix obras.pt sudo /opt/pbis/bin/config AssumeDefaultDomain True sudo /opt/pbis/bin/config LoginShellTemplate /bin/bash sudo /opt/pbis/bin/config HomeDirTemplate %H/%D/%U domainjoin-cli query ***** ERRO dominio ifdown placa nat nano /etc/network/interfaces dns-nameservers x.x.x.x ifdown placa internal ifup placa internal localhost, 127.0.0.0/8, ::1, obras.pt, 192.168.10.0/24, 192.168.10.2, mail.obras.pt ## MYSQL sudo apt-get install mysql-server sudo apt-get install mysql.server mysql -u root -p >create database openfire; >GRANT ALL PRIVILEGES ON openfire.* TO openfire@localhost IDENTIFIED BY 'abc.123'; >flush privileges; >exit wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.2.3_all.deb \ (NA RAIZ) > -O openfire.deb dpkg -i openfire.deb systemctl restart openfire systemctl status openfire mysql -u root -p >use openfire; >source /usr/share/openfire/resources/database/openfire_mysql.sql; >exit sudo nano /etc/openfire/openfire.xml mudar porta 9090 para 9095 e 9091 para 9096 service openfire restart service openfire status for i in 9090 9091 5222 777 9095 9096 ; do sudo ufw allow $i; done service openfire restart service openfore status ## OPENFIRE next standart database connection DATABASE MYSQL DATABASE URL mudar [hostname] para localhost , apagar tudo depois da ultima / e mete openfire username root pass abc.123 next directory server next Server Type Active Directory host 192.168.10.1 Base DN- abrir windows server , tools, AD users and computers, view , advanced features, entrar pasta users, Adminsitrator, Atribute editor, distinguedname,copiar os DC'S Administrator DC - copiar tudo PAssword do dominio test settings save and continue save and continue save and continue Administrator ## POSTFIX sudo apt-get install postfix Internet Site obras.pt NÃO FAZER NADA sudo dpkg-reconfigure postfix senão houver obras.pt,adicionar no add nossa rede (192.168.10.0/24) NÃO FAZER NADA NÃO FAZER NADA ipv4 sudo apt-get install courier-imap sudo apt-get install mailutils nano /etc/postfix/main.cf adicionar home_mailbox=Maildir/ maildirmake /etc/skel/Maildir su - (user ad) ls ver se tem Maildir sudo dpkg-reconfigure postfix Internet Site Adicionar mail.obras.pt net next next next next /etc/init.d/courier-imap restart /etc/init.d/courier-authdaemon restart /etc/init.d/postfix restart service postfix restart sercice postfix status WINDOWS SERVER TOOLS-DNS forward-obras.pt new host mail ip add - ip ubuntu server postfix add host new mail exchange(mx) mail browse- nome da maquina- forward-obras.pt-mail ok OPENFIRE next standart database connection DATABASE MYSQL DATABASE URL mudar [hostname] para localhost , apagar tudo depois da ultima / e mete openfire username root pass abc.123 next directory server next Server Type Active Directory host 192.168.10.1 Base DN- abrir windows server , tools, AD users and computers, view , advanced features, entrar pasta users, Adminsitrator, Atribute editor, distinguedname,copiar os DC'S Administrator DC - copiar tudo PAssword do dominio test settings save and continue save and continue save and continue Administrator ## SPARK sacar spark em tar tar -xvf spark_2_8_3.tar.gz ./Spark java -version apt-get install default-jre apt update cd /cliente3/Transferências/Spark/ ./Spark apt-get install libxi6:i386 libxrender1:i386 libxtst6:i386 logar com user de AD Domain obras.pt Advanced host= ip do servidor de openfire 3 ultimos marcados ## Pfsense Lisboa open vpn install packed services status system/packadge manager/packadge Installer Porto e Lisboa squid squid guard open vpn client export ## VPN ### Open Vpn Vpn>OpenVpn Server +Add Server mode - Peer to peer Ipv4 tunnel Network - 10.0.0.1/30 Ipv4 Remote network's - 192.168.30.0/24 (ip da pfsense do porto) Gateway creation *both copiar shared key ----------------------------------------- Interfaces>Assigtments add Interfaces>OPT1 enable interface --------------------------------- * Firewall>rules>WAN add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>Lan add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>OPT1 add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>Open vpn add Pass Protocol Any to any Save Aplly Changes -------------------------------- ## Pfsense Porto open vpn install packed services status system/packadge manager/packadge Installer Porto e Lisboa squid squid guard open vpn client export system/certification manager CAS/EDIT name=certificaçao lisboa country: PT state:palmela city=palmela organization=obras services\squid proxy server check enable loopback e LAN enable squid proxy enable this to force dns enable transpereance enable ssh filtering cSA - certificacação accept local cache - save no fim general e fazer td de nobo ## VPN ### Open Vpn vpn open vpn client +add peer to peer (shared key) server host address (ip wan lisboa) 192.168.110.125 Auto generate - tirar a cruz IPv4 Tunnel network 10.0.0.1/30 IPv4 Remote network Interfaces>Assigtments add Interfaces>OPT1 enable interface * Firewall>rules>WAN add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>WAN add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>Lan add Pass Protocol Any to any Save Aplly Changes * Firewall>rules>OPT1 add Pass Protocol Any to any Save Aplly Changes # Pfsense Para não ficar em baixo firewall/rules/wan - Roda dentada block - retirar os certos systemctl reconfigure postfix **