Linux Network Administrator's Guide, Second Edition by Terry Dawson. Published by O'Reilly Media, Inc., 2000

The sendmail.cf and sendmail.mc Files

The m4 macro processor program generates the sendmail.cf file when it processes the macro configuration file provided by the local system administrator. Throughout the remainder of this chapter we will refer to this configuration file as the sendmail.mc file.

The configuration process is basically a matter of creating a suitable sendmail.mc file that includes macros that describe your desired configuration. The macros are expressions that the m4 macro processor understands and expands into the complex sendmail.cf syntax. The macro expressions are made up of the macro name (the text in capital letters at the start), which can be likened to a function in a programming language, and some parameters (the text within brackets) that are used in the expansion. The parameters may be passed literally into the sendmail.cf output or may be used to govern the way the macro processing occurs.

A sendmail.mc file for a minimal configuration (UUCP or SMTP with all nonlocal mail being relayed to a directly connected smart host) can be as short as 10 or 15 lines, excluding comments.

Two Example sendmail.mc Files

If you’re an administrator of a number of different mail hosts, you might not want to name your configuration file sendmail.mc. Instead, it is common practice to name it after the host: vstout.m4 in our case. The name doesn’t really matter as long as the output is called sendmail.cf. Providing a unique name for the configuration file for each host allows you to keep all configuration files in the same directory and is just an administrative convenience. Let’s look at two example macro configuration files so we know where we are heading.

Most sendmail configurations today use SMTP only. It is very simple to configure sendmail for SMTP. Example 18.1 expects a DNS name server to be available to resolve hosts and will attempt to accept and deliver all mail for hosts using just SMTP.

Example 18-1. Sample Configuration File vstout.smtp.m4

divert(-1)
#
# Sample configuration file for vstout - smtp only
#
divert(0)
VERSIONID(`@(#)sendmail.mc	8.7 (Linux) 3/5/96')
OSTYPE(`linux')
#
# Include support for the local and smtp mail transport protocols.
MAILER(`local')
MAILER(`smtp')
#
FEATURE(rbl)
FEATURE(access_db)
# end

A sendmail.mc file for vstout at the Virtual Brewery is shown in Example 18.2. vstout uses SMTP to talk to all hosts on the Brewery’s LAN, and you’ll see the commonality with the generic SMTP-only configuration just presented. In addition, the vstout configuration sends all mail for other destinations to moria, its Internet relay host, via UUCP.

Example 18-2. Sample Configuration File vstout.uucpsmtp.m4

divert(-1)
#
# Sample configuration file for vstout
#
divert(0)
VERSIONID(`@(#)sendmail.mc	8.7 (Linux) 3/5/96')
OSTYPE(`linux')
dnl
# moria is our smart host, using the "uucp-new" transport.
define(`SMART_HOST', `uucp-new:moria')
dnl
# Support the local, smtp and uucp mail transport protocols.
MAILER(`local')
MAILER(`smtp')
MAILER(`uucp')
LOCAL_NET_CONFIG
# This rule ensures that all local mail is delivered using the
# smtp transport, everything else will go via the smart host.
R$* < @ $* .$m. > $*	$#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
dnl
#
FEATURE(rbl)
FEATURE(access_db)
# end

If you compare and contrast the two configurations, you might be able to work out what each of the configuration parameters does. We’ll explain them all in detail.

Typically Used sendmail.mc Parameters

A few of the items in the sendmail.mc file are required all the time; others can be ignored if you can get away with defaults. The general sequence of the definitions in the sendmail.mc is as follows:

  1. VERSIONID

  2. OSTYPE

  3. DOMAIN

  4. FEATURE

  5. Local macro definitions

  6. MAILER

  7. LOCAL_* rulesets

We’ll talk about each of these in turn in the following sections and refer to our examples in Example 18.1 and Example 18.2, when appropriate, to explain them.

Comments

Lines in the sendmail.mc file that begin with the # character are not parsed by m4, and will by default be output directly into the sendmail.cf file. This is useful if you want to comment on what your configuration is doing in both the input and output files.

To allow comments in your sendmail.mc that are not placed into the sendmail.cf, you can use the m4 divert and dnl tokens. divert(-1) will cause all output to cease. divert(0) will cause output to be restored to the default. Any output generated by lines between these will be discarded. In our example, we’ve used this mechanism to provide a comment that appears only in the sendmail.mc file. To achieve the same result for a single line, you can use the dnl token that means, literally, “starting at the beginning of the next line, delete all characters up to and including the next newline.” We’ve used this in our example, too.

These are standard m4 features, and you can obtain more information on them from its manual page.

VERSIONID and OSTYPE

VERSIONID(`@(#)sendmail.mc  8.9 (Linux) 01/10/98')

The VERSIONID macro is optional, but is useful to record the version of the sendmail configuration in the sendmail.cf file. So you’ll often encounter it, and we recommend it. In any case, be sure to include:

OSTYPE(`linux')

This is probably the most important definition. The OSTYPE macro causes a file of definitions to be included that are good defaults for your operating system. Most of the definitions in an OSTYPE macro file set the pathnames of various configuration files, mailer program paths and arguments, and the location of directories sendmail uses to store messages. The standard sendmail source code release includes such a file for Linux, which would be included by the previous example. Some Linux distributions, notably the Debian distribution, include their own definition file that is completely Linux-FHS compliant. When your distribution does this, you should probably use its definition instead of the Linux default one.

The OSTYPE definition should be one of the first definitions to appear in your sendmail.mc file, as many other definitions depend upon it.

DOMAIN

The DOMAIN macro is useful when you wish to configure a large number of machines on the same network in a standard way. If you’re configuring a small number of hosts, it probably isn’t worth bothering with. You typically configure items such as the names of mail relay hosts or hubs that all hosts on your network will use.

The standard installation contains a directory of m4 macro templates used to drive the configuration process. This directory is usually named /usr/share/sendmail.cf or something similar. Here you will find a subdirectory called domain that contains domain-specific configuration templates. To make use of the DOMAIN macro, you must create your own macro file containing the standard definitions you require for your site, and write it into the domain subdirectory. You’d normally include only the macro definitions that were unique to your domain here, such as smart host definitions or relay hosts, but you are not limited to these.

The sendmail source distribution comes with a number of sample domain macro files that you can use to model your own.

If you saved your domain macro file as /usr/share/sendmail.cf/domain/vbrew.m4, you’d include definitions in your sendmail.mc using:

DOMAIN(`vbrew')

FEATURE

The FEATURE macro enables you to include predefined sendmail features in your configuration. These sendmail features make the supported configurations very simple to use. There are a large number, and throughout this chapter we’ll talk about only a few of the more useful and important ones. You can find full details of the features available in the CF file included in the source package.

To use any of the features listed, you should include a line in your sendmail.mc that looks like:

FEATURE(name)

where name is substituted with the feature name. Some features take one optional parameter. If you wish to use something other than the default, you should use an entry that looks like:

FEATURE(name, param)

where param is the parameter to supply.

Local macro definitions

The standard sendmail macro configuration files provide lots of hooks and variables with which you can customize your configuration. These are called local macro definitions. Many of them are listed in the CF file in the sendmail source package.

The local macro definitions are usually invoked by supplying the name of the macro with an argument representing the value you wish to assign to the variable the macro manages. Again, we’ll explore some of the more common local macro definitions in the examples we present later in the chapter.

Defining mail transport protocols

If you want sendmail to transport mail in any way other than by local delivery, you must tell it which transports to use. The MAILER macro makes this very easy. The current version of sendmail supports a variety of mail transport protocols; some of these are experimental, others are probably rarely used.

In our network we need the SMTP transport to send and receive mail among the hosts on our local area network, and the UUCP transport to send and receive mail from our smart host. To achieve this, we simply include both the smtp and uucp mail transports. The local mail transport is included by default, but may be defined for clarity, if you wish. If you are including both the smtp and the uucp mailers in your configuration, you must always be sure to define the smtp mailer first.
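The ordering rules above (the sequence of definitions, the required OSTYPE, and smtp before uucp) can be checked mechanically. The following is an added example, not code from the book or from sendmail; it assumes that define() lines are the "Local macro definitions" step, and the function name lint_mc is hypothetical. Run on an abridged Example 18-2, it reports the two FEATURE lines, which sit after MAILER and LOCAL_NET_CONFIG rather than where the sequence list places them.

```python
import re

# Order from the "Typically Used sendmail.mc Parameters" list. Assumption of
# this example: define() lines are the "Local macro definitions" step.
SEQUENCE = ["VERSIONID", "OSTYPE", "DOMAIN", "FEATURE", "define", "MAILER", "LOCAL_"]
MACRO = re.compile(r"^((%s)\w*)(?:\(\s*`?([\w-]+))?" % "|".join(SEQUENCE))

def lint_mc(text):
    """Return findings where a sendmail.mc departs from the documented sequence."""
    findings, mailers, seen = [], [], set()
    top_rank, top_name, discarding = 0, None, False
    for no, raw in enumerate(text.splitlines(), 1):
        line = re.split(r"\bdnl\b", raw, maxsplit=1)[0].strip()  # dnl drops the rest
        if line.startswith("divert("):
            discarding = line.startswith("divert(-1)")  # divert(0) restores output
            continue
        m = MACRO.match(line)
        if discarding or not m:  # discarded text, '#' comments, raw rewrite rules
            continue
        name, kind, arg = m.groups()
        seen.add(kind)
        if SEQUENCE.index(kind) < top_rank:
            findings.append(f"line {no}: {name} appears after {top_name}")
        else:
            top_rank, top_name = SEQUENCE.index(kind), name
        if kind == "MAILER":
            mailers.append(arg)
    if "OSTYPE" not in seen:
        findings.append("OSTYPE is missing")
    if "smtp" in mailers and "uucp" in mailers and mailers.index("uucp") < mailers.index("smtp"):
        findings.append("MAILER(uucp) is defined before MAILER(smtp)")
    return findings

# Abridged copy of Example 18-2 from this page.
EXAMPLE_18_2 = """\
divert(-1)
# Sample configuration file for vstout
divert(0)
OSTYPE(`linux')
dnl
define(`SMART_HOST', `uucp-new:moria')
MAILER(`smtp')
MAILER(`uucp')
LOCAL_NET_CONFIG
R$* < @ $* .$m. > $*\t$#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
FEATURE(rbl)
FEATURE(access_db)
"""
# Constructed input: the same mailers declared in the wrong order.
SWAPPED = "OSTYPE(`linux')\nMAILER(`uucp')\nMAILER(`smtp')\n"

if __name__ == "__main__":
    for label, mc in (("Example 18-2", EXAMPLE_18_2), ("swapped", SWAPPED)):
        print(label, lint_mc(mc) or "ok")
```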

The more commonly used transports available to you using the MAILER macro are described in the following list:

local

This transport includes both the local delivery agent used to send mail into the mailbox of users on this machine and the prog mailer used to send messages to local programs. This transport is included by default.

smtp

This transport implements the Simple Mail Transport Protocol (SMTP), which is the most common means of transporting mail on the Internet. When you include this transport, four mailers are configured: smtp (basic SMTP), esmtp (Extended SMTP), smtp8 (8bit binary clean SMTP), and relay (specifically designed for gatewaying messages between hosts).

uucp

The uucp transport provides support for two mailers: uucp-old, which is the traditional UUCP, and uucp-new, which allows multiple recipients to be handled in one transfer.

usenet

This mailer allows you to send mail messages directly into Usenet style news networks. Any local message directed to an address of news.group.usenet will be fed into the news network for the news.group newsgroup.

fax

If you have the HylaFAX software installed, this mailer will allow you to direct email to it so that you may build an email-fax gateway. This feature is experimental at the time of writing and more information may be obtained from http://www.vix.com/hylafax/.

There are others, such as pop, procmail, mail11, phquery, and cyrus, that are useful but less common. If your curiosity is piqued, you can read about these in the sendmail book or the documentation supplied in the source package.

Configure mail routing for local hosts

The Virtual Brewery’s configuration is probably more complex than most sites require. Most sites today would use the SMTP transport only and do not have to deal with UUCP at all. In our configuration we’ve configured a “smart host” that is used to handle all outgoing mail. Since we are using the SMTP transport on our local network we must tell sendmail that it is not to send local mail via the smart host. The LOCAL_NET_CONFIG macro allows you to insert sendmail rules directly into the output sendmail.cf to modify the way that local mail is handled. We’ll talk more about rewrite rules later on, but for the moment you should accept that the rule we’ve supplied in our example specifies that any mail destined for hosts in the vbrew.com domain should be delivered directly to the target hosts using the SMTP mail transport.