Difference between revisions of "Dummy Interface"
From NST Wiki
Jump to navigationJump to search (→Installing The Linux Dummy-Network Interface) |
(→Removing The Linux Dummy-Network Interface) |
||
| (20 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | __TOC__ | ||
== Installing The Linux Dummy-Network Interface == | == Installing The Linux Dummy-Network Interface == | ||
| − | + | If your '''[http://www.networksecuritytoolkit.org NST]''' system does not have an active NIC adapter installed or is off-line from the network, you can install a '''Dummy Network Interface Module''' to simulate a network computing environment. This can be quite useful for testing out various networking tools (e.g., '''[http://www.wireshark.org Wireshark]''' and '''[http://www.snort.org Snort]''') with the '''[http://www.networksecuritytoolkit.org Network Security Toolkit]''' when off-line. Use the following procedure to install the '''Linux Dummy-Network Interface''': | |
| − | If your | ||
| Line 8: | Line 8: | ||
For example, an Internet address of 10.0.0.1 would result in: | For example, an Internet address of 10.0.0.1 would result in: | ||
| − | + | echo 10.0.0.1 ${HOSTNAME} >> /etc/hosts; | |
| − | + | 2. Preload the dummy network driver on the machine. | |
If this command is successful, you do not receive any messages from the server. | If this command is successful, you do not receive any messages from the server. | ||
| − | + | modprobe dummy; | |
| + | |||
| + | 3. Create the interface(s) (Example: Network Interface: dummy1): | ||
| + | |||
| + | ip link add dummy1 type dummy; | ||
| + | |||
| + | 4. Bind an IPv4 Address to Network Interface dummy1: | ||
| − | + | ip addr add 10.0.0.1/24 dev dummy1; | |
| − | + | --Or -- | |
| − | |||
| − | |||
| − | + | ip addr add ${HOSTNAME}/24 dev dummy1; | |
| − | + | 5. Bring the dummy1 Network Interface up: | |
| − | |||
| − | |||
| − | + | ip link set dummy1 up; | |
| − | |||
| − | + | 6. If you need to add more than one (1) dummy interface use the following: | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | ip link add dummy2 type dummy; | |
| − | + | ip link add dummy3 type dummy; | |
| + | ip addr add 10.0.0.2/24 dev dummy2; | ||
| + | ip addr add 10.0.0.3/24 dev dummy3; | ||
| + | ip link set dummy2 up; | ||
| + | ip link set dummy3 up; | ||
| − | + | 7. Check the network bindings with the linux '''[https://en.wikipedia.org/wiki/Iproute2 ip]''' command: | |
| − | + | ||
| − | + | [root@nst28-dev ~]# ip a | |
| − | + | 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 | |
| − | + | link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 | |
| − | + | inet 127.0.0.1/8 scope host lo | |
| − | + | valid_lft forever preferred_lft forever | |
| − | + | inet6 ::1/128 scope host | |
| + | valid_lft forever preferred_lft forever | ||
| + | 2: dummy1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 | ||
| + | link/ether 36:f5:1b:3a:12:41 brd ff:ff:ff:ff:ff:ff | ||
| + | inet 10.0.0.1/24 scope global dummy1 | ||
| + | valid_lft forever preferred_lft forever | ||
| + | inet6 fe80::34f5:1bff:fe3a:1241/64 scope link | ||
| + | valid_lft forever preferred_lft forever | ||
| + | 3: dummy2: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 | ||
| + | link/ether 6a:5c:3f:56:dc:2d brd ff:ff:ff:ff:ff:ff | ||
| + | inet 10.0.0.2/24 scope global dummy2 | ||
| + | valid_lft forever preferred_lft forever | ||
| + | inet6 fe80::685c:3fff:fe56:dc2d/64 scope link | ||
| + | valid_lft forever preferred_lft forever | ||
| + | 4: dummy3: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000 | ||
| + | link/ether 86:d5:9f:08:f1:32 brd ff:ff:ff:ff:ff:ff | ||
| + | inet 10.0.0.3/24 scope global dummy3 | ||
| + | valid_lft forever preferred_lft forever | ||
| + | inet6 fe80::84d5:9fff:fe08:f132/64 scope link | ||
| + | valid_lft forever preferred_lft forever | ||
| + | |||
| + | == Removing The Linux Dummy-Network Interface == | ||
| + | |||
| + | 1. Unbind the dummy established Network Interface(s): | ||
| + | |||
| + | ifconfig dummy1 down; | ||
| + | ifconfig dummy2 down; | ||
| + | ifconfig dummy3 down; | ||
| + | |||
| + | 2) Remove the dummy kernel module. | ||
| + | |||
| + | rmmod dummy; | ||
== References == | == References == | ||
Reference Info 1: '''[http://www.faqs.org/docs/linux_network/x-087-2-iface.interface.html Linux Network Administrators Guide]''' | Reference Info 1: '''[http://www.faqs.org/docs/linux_network/x-087-2-iface.interface.html Linux Network Administrators Guide]''' | ||
| + | |||
| + | Reference Info 2: '''[https://en.wikipedia.org/wiki/Iproute2 iproute2]''' | ||
Latest revision as of 08:09, 28 May 2018
Contents
Installing The Linux Dummy-Network Interface
If your NST system does not have an active NIC adapter installed or is off-line from the network, you can install a Dummy Network Interface Module to simulate a network computing environment. This can be quite useful for testing out various networking tools (e.g., Wireshark and Snort) with the Network Security Toolkit when off-line. Use the following procedure to install the Linux Dummy-Network Interface:
1. Add an IP address and host name to your "/etc/hosts" table.
For example, an Internet address of 10.0.0.1 would result in:
echo 10.0.0.1 ${HOSTNAME} >> /etc/hosts;
2. Preload the dummy network driver on the machine.
If this command is successful, you do not receive any messages from the server.
modprobe dummy;
3. Create the interface(s) (Example: Network Interface: dummy1):
ip link add dummy1 type dummy;
4. Bind an IPv4 Address to Network Interface dummy1:
ip addr add 10.0.0.1/24 dev dummy1;
--Or --
ip addr add ${HOSTNAME}/24 dev dummy1;
5. Bring the dummy1 Network Interface up:
ip link set dummy1 up;
6. If you need to add more than one (1) dummy interface use the following:
ip link add dummy2 type dummy; ip link add dummy3 type dummy; ip addr add 10.0.0.2/24 dev dummy2; ip addr add 10.0.0.3/24 dev dummy3; ip link set dummy2 up; ip link set dummy3 up;
7. Check the network bindings with the linux ip command:
[root@nst28-dev ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: dummy1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 36:f5:1b:3a:12:41 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 scope global dummy1
valid_lft forever preferred_lft forever
inet6 fe80::34f5:1bff:fe3a:1241/64 scope link
valid_lft forever preferred_lft forever
3: dummy2: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 6a:5c:3f:56:dc:2d brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 scope global dummy2
valid_lft forever preferred_lft forever
inet6 fe80::685c:3fff:fe56:dc2d/64 scope link
valid_lft forever preferred_lft forever
4: dummy3: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 86:d5:9f:08:f1:32 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 scope global dummy3
valid_lft forever preferred_lft forever
inet6 fe80::84d5:9fff:fe08:f132/64 scope link
valid_lft forever preferred_lft forever
Removing The Linux Dummy-Network Interface
1. Unbind the dummy established Network Interface(s):
ifconfig dummy1 down; ifconfig dummy2 down; ifconfig dummy3 down;
2) Remove the dummy kernel module.
rmmod dummy;
References
Reference Info 1: Linux Network Administrators Guide
Reference Info 2: iproute2
