Index
- Introduction.
- Configure the DMZ server.
Introduction.
Using the articles about adding a Virtual Machine you can now create another Virtual Machine. Connect the network card of this new machine to the Internal Network WPL-DMZ, the third adapter of the gateway (eth2) should already be connected to that network. Make sure you add this machine to /etc/vbox/autorun.cfg so that it will be started and stopped together with the Home Server. Set it after the gateway machine.
Homeserver and Virtual servers.
If you do a network install, you can use the static IP address 10.126.162.2 with default gateway 10.126.162.1. This is the address this server will get after installation. Install all the base packages plus openssh.
Configure the DMZ server.
Using the net-legacy package, configure /etc/rc.conf like this:
MODULES=(vboxguest vboxsf nf_conntrack_ftp) .... HOSTNAME="websrv" # Legacy networking eth0="eth0 10.126.162.2 netmask 255.255.255.0 broadcast 10.126.162.255 \ add 2001:1af8:fecf:7ea2::2/64" INTERFACES=(eth0) gateway4="default gw 10.126.162.1" gateway6="default gw 2001:1af8:fecf:7ea2::1" ROUTES=(gateway4 gateway6)
Later more IPv6 addresses will be added for the applications like a web server. This IPv6 address is the address that belongs to the machine.
In /etc/mkinitcpio.conf set the modules to early load:
MODULES="ipv6"
Run “mkinitcio -p linux” to activate this change.
Install and activate sshd and iptables and add this server to the firewall to complete the basic server setup. As usual, the configuration is saved in the next download:
