Skip to content

Report Linux practice by ChumichevVA #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Bunshi66 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Report Linux practice by ChumichevVA #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions application/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
from flask import Flask, request

app = Flask(__name__)

@app.route('/get', methods=['GET'])
def get_endpoint():
return "This is a GET request response\n"

@app.route('/post', methods=['POST'])
def post_endpoint():
return f"Received POST data: {request.json}\n"

@app.route('/put', methods=['PUT'])
def put_endpoint():
return f"Received PUT data: {request.json}\n"

if __name__ == "__main__":
app.run(host='0.0.0.0', port=5000)
9 changes: 9 additions & 0 deletions configs/LinuxA.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
network:
ethernets:
enp0s3:
dhcp4: true
enp0s8:
dhcp4: no
addresses: [192.168.11.10/24]
gateway4: 192.168.11.1
version: 2
11 changes: 11 additions & 0 deletions configs/LinuxB.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
network:
ethernets:
enp0s3:
dhcp4: true
enp0s8:
dhcp4: no
addresses: [192.168.11.1/24]
enp0s9:
dhcp4: no
addresses: [192.168.3.1/24]
version: 2
12 changes: 12 additions & 0 deletions configs/LinuxC.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
network:
ethernets:
enp0s3:
dhcp4: true
enp0s8:
dhcp4: no
addresses: [192.168.3.10/24]
gateway4: 192.168.3.1
routes:
- to: 192.168.11.0/24
via: 192.168.3.1
version: 2
Binary file added pictures/app_request-response_check.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/application_web-server.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/client_request_check.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/ip_rules_and_firewall.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/netplanA.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/netplanB.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/netplanC.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/tcpdump_firewall-block-5500-port.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added pictures/web-server_status.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
71 changes: 71 additions & 0 deletions report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
@@ -0,0 +1,68 @@
# Отчёт по работе №1: Практика Linux (VirtualBox)

<br>

**Чумичев Вячеслав Алексеевич**

<br>

**Дата рождения: 11.03.2002**

<br>

## 1. Создание ВМ
Начинаем работу с создания одной ВМ на основе скачанного образа. Дважды клонируем её. <br>
Далее настраиваем сетевые адаптеры по заданию:
- Вместо NAT - Сетевой мост
- Добавляем две внутренние подсети - `clientnet` и `servernet` <br> <br>

После настройки запускаем все три ВМ и конфигурируем hostname и user:
- `user=chumichev_1, hostname=chumichev_server (server)`
- `user=chumichev_2, hostname=chumichev_gateway (gateway)`
- `user=chumichev_3, hostname=chumichev_client (client)`

## 2. Конфигурация netplan
Перейдем к настройке netplan конфигов. <br>
Меняем конфигурационные файлы командой:
```shell
sudo nano /etc/netplan/00-installer-config.yaml
```
А также применяем новые сетевые настройки:
```shell
sudo netplan apply
```
Проверим полученный результат: <br>

![Netplan A](pictures/netplanA.png)
![Netplan B](pictures/netplanB.png)
![Netplan C](pictures/netplanC.png)

## 3. Индивидуальная настройка ВМ
### Linux A (server)
В корневой папке создадим файл `app.py` с простым Flask приложением на три эндпоинта. <br>
Также напишем сервис для автозапуска приложения:

![Flask приложение и сервис для его запуска](pictures/application_web-server.png)

### Linux B (gateway)
Настроим `iptables` на ВМ-шлюзе для фильтрации пакетов по 5000 порту. <br>
Делаем это также через терминал командами по заданию. <br>
После изменения сохраняем конфигурацию через `iptables-persistent`. <br>
Проверим полученный результат: <br>

![ip_rules](pictures/ip_rules_and_firewall.png)

## 4. Тестирование всей системы
Для проверки всей системы необходимо:
- Проверить работу web-service `app.py` на машине **А**

![Проверка статуса работы сервиса автозапуска приложения](pictures/web-server_status.png)

- Запустить `tcpdump` на машине **B** и проверить работу firewall

![tcpdump по порту 5500](pictures/tcpdump_firewall-block-5500-port.png)

- Начать отправлять `curl` запросы на машине **C**
Проверим полученный результат: <br>

![ВМ С](pictures/client_request_check.png)

![ВМ A](pictures/app_request-response_check.png)