Backuppc windows7/XP/OS x client install config



  • Client Setup (Windows 7/Vista/XP)
    These instructions are written for Windows 7, Vista, and XP clients.
    For the SSH portion we will be using CopSSH which is a customized packaged version of the Cygwin openssh code.
    Rsyncd will be used as the communication channel for BackupPC to do its magic. We could install Cygwin and customize the installation, which contains the same code, but I have found that these two separate products work well and take less configuration and time to complete.

    First create a backuppc user account and add it to the Administrators and Backup Operators groups. Set it so the password never expires. Make sure every Windows user has a password set.
    SSH Client/Server (Windows 7/Vista/XP)
    CopSSH (http://www.itefix.no/i2/copssh) downloads are at http://sourceforge.net/projects/sereds/files/
    Download Copssh_3.1.3_Installer.zip.

    Extract CopSSH and install the file accepting all the defaults. The installer will create a service account and generate a random password. Once installed you need to activate a user. Click Start > All Programs > Copssh > 1. Activate a User. From the drop down box for username select your user id and click Next. Type a passphrase and click Activate.
    Now you need to open port 22 on the firewall.
    Open Control Panel > System Security > Windows Firewall > Advanced Settings. Under Windows firewall and advanced settings click Inbound Rules. On the Right Pane click New Rule. Select Port, click next, in Specific local ports type 22, click next, click Next to allow the connection, click next to allow it through public, private and domain. Give it a name and save it. Try to connect from your server to the system.
    For you command line junkies type:

    c:\windows\system32> netsh firewall set portopening protocol=TCP port=22 name=openssh mode=ENABLE scope=CUSTOM addresses=LocalSubnet
    

    Rsyncd
    Download rsyncd (cygwin-rsyncd-2.6.8_0.zip) from http://sourceforge.net/projects/backuppc/files/cygwin-rsyncd/
    Make a folder named ‘rsyncd’ in C: and unzip the content into c:\rsyncd.
    Edit Configuration files
    Edit c:\rsyncd\rsyncd.secrets, change UUU:PPP to your user name and password (user:password), and save the file.
    Example:

    backuppc:pa$$w0rd
    

    Edit the c:\rsyncd\rsyncd.conf file and add the details for the information you want to back up. For this example we just want to back up the Documents folder for the user, so adding the following lines will take care of it.

    [documents]
        path = c:/users/backuppc/Documents
        comment = documents
        auth users = backuppc
        secrets file = c:/rsyncd/rsyncd.secrets
        hosts allow = 192.168.1.0/24
        strict modes = false
        read only = true
        list = false
    

    You can back up the whole drive and will probably want to add exceptions for directories like TEMP and others. You can do this by creating a separate text file on the server with them listed.
    Save the file changes when you are done adding.
    Service / Firewall Setup
    From a command prompt type cd c:\rsyncd and press Enter.
    Run this command to register it as a service.

    cygrunsrv.exe -I rsyncd -e CYGWIN=nontsec -p c:/rsyncd/rsync.exe -a "--config=c:/rsyncd/rsyncd.conf --daemon --no-detach"
    

    or edit c:\rsyncd\service.bat, remove the rem comments from the last 3 lines and run the command.
    Automatic Wakeup/Standby
    You may want to configure the clients to automatically wake up when BackupPC connects to them so they don’t need to always be on. First, configure Wake on LAN in the BIOS and configure the network interface. Under the Power Management tab set AC Recover -> Last, Suspend Mode -> S3, and Remote Wake Up -> On.
    Client Setup (Linux)
    SSH and rsync are standard fare on Linux. Setting them up and configuring are simple to do.
    Rsync is included and just needs to be configured to run as a daemon. Edit or create the /etc/rsyncd.conf configuration file. The format is the same as the Windows systems with the exception of the drive letters. Change the values to suit your needs.
    motd file = /etc/rsyncd.motd
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    lock file = /var/run/rsync.lock

    [Users]
        path = /home
        comment = User files
        auth users = backuppc
        secrets file = /etc/rsyncd.secrets
        hosts allow = 192.168.1.0/24
        strict modes = false
        read only = true
        list = false
    

    Edit /etc/rsyncd.secrets, change or add UUU:PPP as your user name and password (user:password), and save the file. If the user id you want to use doesn’t exist then you will need to create it.
    Example:
    backuppc:pa$$w0rd
    Change the permissions on rsyncd.secrets and rsyncd.conf to non-world readable.

    $ chmod 640 /etc/rsyncd.secrets
    $ chmod 640 /etc/rsyncd.conf
    

    Restart rsync on the system.

    $ sudo /etc/init.d/rsync restart
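
A quick way to check that every module in an rsyncd.conf carries the access controls this guide sets (auth users, secrets file, hosts allow, read only, list). This is an added example, not part of the original article; the [scratch] module and the sample text are constructed for illustration.

```python
import re

TRUE_VALUES = {"yes", "true", "1"}

# Constructed sample: [Users] as configured in the guide, [scratch] left open.
SAMPLE_CONF = """\
log file = /var/log/rsyncd.log

[Users]
    path = /home
    auth users = backuppc
    secrets file = /etc/rsyncd.secrets
    hosts allow = 192.168.1.0/24
    strict modes = false
    read only = true
    list = false

[scratch]
    path = /srv/scratch
    read only = no
"""


def _norm(name):
    # rsyncd ignores case and whitespace inside parameter names.
    return re.sub(r"\s+", "", name).lower()


def parse_rsyncd_conf(text):
    """Return (global_params, {module_name: params}) with normalized keys."""
    global_params, modules = {}, {}
    current = global_params
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = modules.setdefault(header.group(1).strip(), {})
        elif "=" in line:
            key, value = line.split("=", 1)  # only the first '=' is significant
            current[_norm(key)] = value.strip()
    return global_params, modules


def _enabled(params, key, default):
    return params.get(key, default).strip().lower() in TRUE_VALUES


def audit_modules(text):
    """Map each module name to a list of findings (empty list = nothing flagged)."""
    global_params, modules = parse_rsyncd_conf(text)
    findings = {}
    for name, params in modules.items():
        eff = {**global_params, **params}  # module settings override globals
        issues = []
        if not eff.get("authusers"):
            issues.append("no auth users: module is readable without a password")
        elif not eff.get("secretsfile"):
            issues.append("auth users set but no secrets file: logins cannot succeed")
        if not eff.get("hostsallow"):
            issues.append("no hosts allow: any address may connect")
        if not _enabled(eff, "readonly", "true"):      # rsyncd default is read only
            issues.append("read only is off: clients can write to the module")
        if _enabled(eff, "list", "true"):              # rsyncd default lists modules
            issues.append("list is on: module name is advertised to clients")
        if not _enabled(eff, "strictmodes", "true"):   # rsyncd default is strict
            issues.append("strict modes is off: secrets file permissions are not checked")
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for module, issues in audit_modules(SAMPLE_CONF).items():
        print(f"[{module}]")
        for issue in issues or ["ok"]:
            print(f"  - {issue}")
```

To check a real file, pass its contents instead of SAMPLE_CONF, for example audit_modules(open("/etc/rsyncd.conf").read()).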
    

    /////////////////////////
    Client Setup (MAC)
    Enabling SSH (Remote Access)
    Enabling SSH on the MAC is easy due to the kernel being built on BSD. With that in mind, to enable SSH on systems running 10.4 and higher:
    1. Open System Preferences and click Sharing.
    2. Click Services and select the Remote Login checkbox.
    Note: Selecting Remote Login also enables the secure FTP (sftp) service.
    Rsync
    Rsync is included and just needs to be configured to run as a daemon. Edit or create the /etc/rsyncd.conf configuration file. The format is the same as the Windows systems with the exception of the drive letters. Change the values to suit your needs.

    [Users]
        path = /Users
        comment = User files
        auth users = backuppc
        secrets file = /etc/rsyncd.secrets
        hosts allow = 192.168.1.0/24
        strict modes = false
        read only = true
        list = false
    

    Edit /etc/rsyncd.secrets, change or add UUU:PPP as your user name and password (user:password), and save the file.

    Example: backuppc:pa$$w0rd
    

    Change the permissions on rsyncd.secrets and rsyncd.conf to non-world readable.

    $ chmod 640 /etc/rsyncd.secrets
    $ chmod 640 /etc/rsyncd.conf
    

    Now start rsync in daemon mode. This is done by creating rsync.plist and copying it to /Library/Startupitems/.
    Rsyncd.plist

    After rebooting the system rsync will be running in daemon mode waiting for a connection from BackupPC.
    Server Setup (Ubuntu Linux)
    BackupPC is available via the Synaptic Package Manager in Ubuntu for extremely easy installation.
    Install software
    Install BackupPC and sshd so you can connect remotely.

    $ sudo apt-get install backuppc
    $ sudo apt-get install openssh-server
    

    Set a password for the backuppc web user.

    $ htpasswd /etc/backuppc/htpasswd backuppc
    

    Passwordless SSH
    We need to set up SSH for the backuppc user. Follow the default suggestions for ssh-keygen and don’t use a passphrase. You could try to use ssh-agent or Seahorse to store the passphrases for encrypted keys, but it is difficult to ensure they are unlocked whenever the backuppc user needs them.

    $ sudo -i
    $ su backuppc
    $ bash
    $ ssh-keygen -t rsa
    

    Set up passwordless SSH for each of the clients so the backuppc user can connect without prompts. First copy the backuppc user’s public key to the authorized_keys file on each client.

    ssh-copy-id username@client
    

    or, if you don’t have ssh-copy-id, use the following, where highport is the SSH port you set for the client if you secured SSH. Otherwise you can omit -P highport (and -p highport for the ssh command).

    $ scp -P highport /var/lib/backuppc/.ssh/id_rsa.pub username@client:~/.ssh/backuppc_id_rsa.pub
    $ ssh -p highport username@client
    # the next two commands run on the client
    $ cat ~/.ssh/backuppc_id_rsa.pub >> ~/.ssh/authorized_keys
    $ rm ~/.ssh/backuppc_id_rsa.pub
    

    Global BackupPC Settings
    Most of the global settings are easily configured via the web interface at http://localhost/backuppc, but you can also edit /etc/backuppc/config.pl directly.
    Hosts
    Define each host you want to back up. It is easiest to automate email notifications if you use the user’s email address as their username.

    Xfer
    ClientCharset -> cp1252
    Only choose if your primary clients run Windows; use the default UTF8 for other clients. If you don’t set this as default, you’ll have to configure it for each Windows client.
    XferMethod -> rsyncd

    Regular rsync over SSH doesn’t work between Linux and Windows/Cygwin boxes because of a bug fixed in rsync 3.0. However, BackupPC doesn’t use the features of 3.0 and the problem remains. Using rsyncd over a pre-established SSH tunnel or VPN is the best way around this.
    RsyncdUserName -> backuppc
    Or whatever you call it.
    RsyncShareName -> cyg
    Or whatever you call it.
    RsyncdPasswd -> password you used in the client rsyncd.secrets files.

    Same as is hardcoded in rsyncd.conf on the clients.
    BackupFilesExclude
    BackupFilesExclude is easier to modify in /etc/backuppc/config.pl directly. Pick the exclude list for the primary operating system of your clients. Unfortunately, you will have to hard code the exclude list for your other clients. For example, if Windows 7 or Vista is the primary OS and XP is the only other one, use the 7/Vista excludes below in config.pl and the XP excludes in each client’s clientname.pl file. You can check out the wiki page I wrote most of to get ideas for excludes for Windows 2000 or Linux.

    You may also want to exclude some of the Cygwin directories like /bin, /tmp and /packages (where I told Cygwin to put the package directory during setup). Just make sure to backup /etc so you don’t lose your configuration!
    7/Vista

    I ran into a lot of problems on my Windows 7 and Vista machines where rsync would follow the junction points Microsoft added for backward compatibility (see this site for more info). This caused extra-long filenames rsync couldn’t handle. To find all junction points on your 7/Vista machine open the Command Prompt and run from the root of the c drive:
    dir /aL /s > c:\users\USERNAME\JunctionPoints.txt

    The rules below will exclude these junction points. Rules with asterisks in them will match the junction points that are in every user profile by default without having to code excludes for each user manually. We can remove any temp data and program or system installation files as well. On 7/Vista, only original installation data is stored in Program Files. Any data programs write to their installation folder goes to ProgramData automatically instead. The Windows folder shouldn’t hold anything interesting, either.
    Exclude list for Windows 7/Vista clients with the rsyncd share being /cygdrive/c:

    $Conf{BackupFilesExclude} = {
        #Windows 7/Vista specific!
        '*' => [
            #7/Vista junction points
            '/Documents and Settings',
            '/ProgramData/Application Data',
            '/ProgramData/Desktop',
            '/ProgramData/Documents',
            '/ProgramData/Favorites',
            '/ProgramData/Start Menu',
            '/ProgramData/Templates',
            '/Users/All Users',
            '/Users/Users/Default User',
            '/Users/Users/All Users/Application Data',
            '/Users/Users/All Users/Desktop',
            '/Users/All Users/Documents',
            '/Users/All Users/Favorites',
            '/Users/All Users/Start Menu',
            '/Users/All Users/Templates',
            #Junction points common to every user profile
            '/Users/*/Application Data',
            '/Users/*/Cookies',
            '/Users/*/Local Settings',
            '/Users/*/My Documents',
            '/Users/*/NetHood',
            '/Users/*/PrintHood',
            '/Users/*/Recent',
            '/Users/*/SendTo',
            '/Users/*/Start Menu',
            '/Users/*/Templates',
            '/Users/*/AppData/Local/Application Data',
            '/Users/*/AppData/Local/History',
            '/Users/*/AppData/Local/Temporary Internet Files',
            '/Users/*/Documents/My Music',
            '/Users/*/Documents/My Pictures',
            '/Users/*/Documents/My Videos',
            #Temporary and in-use user data
            '/Users/*/AppData/Local/Microsoft/Windows/Temporary Internet Files',
            '/Users/*/AppData/Local/Temp',
            '/Users/*/NTUSER.DAT*',
            '/Users/*/ntuser.dat*',
            '/Users/*/AppData/Local/Microsoft/Windows/UsrClass.dat*',
            '/Users/*/AppData/Local/Microsoft/Windows Defender/FileTracker',
            '/Users/*/AppData/Local/Microsoft/Windows/Explorer/thumbcache_*.db',
            '/Users/*/AppData/Local/Microsoft/Windows/WER',
            '/Users/*/AppData/Local/Mozilla/Firefox/Profiles/*/Cache',
            '/Users/*/AppData/Local/Mozilla/Firefox/Profiles/*/OfflineCache',
            '/Users/*/AppData/Roaming/Microsoft/Windows/Cookies',
            '/Users/*/AppData/Roaming/Microsoft/Windows/Recent',
            'ProgramData/Microsoft/Search',
            'ProgramData/Microsoft/Windows Defender',
            '*.lock',
            'Thumbs.db',
            'IconCache.db',
            'Cache*',
            'cache*',
            #Installation folders and system data
            '/Program Files',
            '/Windows',
            '/$Recycle.Bin',
            '/MSOCache',
            '/System Volume Information',
            '/Boot',
            '/autoexec.bat',
            '/bootmgr',
            '/BOOTSECT.BAK',
            '/config.sys',
            '/hiberfil.sys',
            '/pagefile.sys'
        ]
    };
    

    XP
    Exclude list for Windows XP clients with the rsyncd share being /cygdrive/c:

    $Conf{BackupFilesExclude} = {
        #XP specific!
        '*' => [
            #Temporary and in-use user data
            '/Documents and Settings/*/Cookies',
            '/Documents and Settings/*/Local Settings/Temporary Internet Files',
            '/Documents and Settings/*/Local Settings/Temp',
            '/Documents and Settings/*/NTUSER.DAT*',
            '/Documents and Settings/*/ntuser.dat*',
            '/Documents and Settings/*/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat*',
            '/Documents and Settings/*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*/Cache',
            '/Documents and Settings/*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*/OfflineCache',
            '/Documents and Settings/*/Recent',
            '*.lock',
            'Thumbs.db',
            'IconCache.db',
            'Cache*',
            'cache*',
            #Installation folders and system data
            '/WINDOWS',
            '/RECYCLER',
            '/MSOCache',
            '/System Volume Information',
            '/AUTOEXEC.BAT',
            '/BOOTSECT.BAK',
            '/CONFIG.SYS',
            '/hiberfil.sys',
            '/pagefile.sys'
        ]
    };
    

    Email
    EMailAdminUserName -> youremail@host.com
    CGI
    CgiUserConfigEditEnable -> no
    You probably don’t want users editing their configuration.
    Schedule
    FullKeepCnt -> 4, 2, 3, 0, 0, 4
    Spreads out backups exponentially over almost three years. The schedule is approximately 0wk (current), 1wk, 2wk, 3wk, 5wk, 7wk, 11wk, 15wk, 19wk, 51wk/1yr, 83wk/1.6yr, 115wk/2.2yr, 147wk/2.8yr.
    FullAgeMax -> 1095
    3 years.
    IncrLevels -> 3, 2, 5, 4, 7, 6

    This is based on the Tower of Hanoi puzzle and is a way of balancing your backups so you don’t backup the same data a bunch of times yet retain duplicate backups of the data. See Tower of Hanoi pattern for backup for more info.
    BlackoutPeriods
    BlackoutPeriods:hourEnd -> 1
    Better for night owls
    BlackoutPeriods:weekDays -> 0, 1, 2, 3, 4, 5, 6
    Avoid the same times every day for a home environment.
    Client BackupPC Settings
    Xfer
    RsyncdClientPort -> XXXXX
    Pick a high (10000+) one for each client. They need to be unique to identify tunnels.
    BackupSettings
    ClientNameAlias -> localhost

    If you want to use SSH tunnels, you have to create one beforehand and then try to connect to the rsyncd server on the localhost. This breaks the default ping command, so you have to compensate. The workaround for that requires individual attention, which is why this is changed in client settings instead of global ones.
    PingCmd -> /etc/backuppc/mktnl clienthostname clientsshport localport
    In order to set up the SSH tunnel beforehand, we can create a script that BackupPC can run before the backup. I’m placing it in the PingCmd field so it is run when BackupPC pings the host before it starts. It also allows me to return a valid ping even though we set the alias above to localhost.
    Here are the contents of /etc/backuppc/mktnl:

    #!/bin/sh
    # Usage: mktnl clienthostname clientsshport localport
    host=$1
    sshPort=$2
    locPort=$3
    remPort=873        # rsyncd port on the client
    username=backuppc

    # The ping output is what BackupPC reads as the PingCmd result.
    /bin/ping -c 1 -w 3 "$host"
    # Forward localhost:$locPort to the client's rsyncd port over SSH.
    /usr/bin/ssh -f -L "$locPort:localhost:$remPort" "$username@$host" -p "$sshPort" sleep 10 1>/dev/null 2>/dev/null && echo "SSH tunnel started successfully."
    

    The ping command returns its results to BackupPC and the SSH tunnel is started and prints into the log for you. The sleep 10 makes the tunnel wait for 10 seconds after all traffic finishes before closing.
    PingMaxMsec -> 200
    Only set for external (over the Internet) hosts
    Schedule
    BlackoutPeriods
    hourEnd and hourBegin adjusted for user
    Client Testing

    You can test backups for each client by running the following where hostname is the name of the host in the BackupPC global settings.

    /usr/share/backuppc/bin/BackupPC_dump -f -v hostname
    

    Web Access and Email Configuration

    Client Web Access
    You need to set a password for each email address/username you defined previously so users can access their backup pages. Run the following for each host where client email is the email address/username you defined for that host.

    htpasswd /etc/backuppc/htpasswd clientemail
    

    To schedule checks for BackupPC status, use cron (see this site for more info). Run

    crontab -e
    

    and add the following line to get a message every half hour if the BackupPC server goes down:

    */30 * * * * /usr/share/backuppc/bin/BackupPC_sendEmail -c
    

    If you want to send your email using the message submit port (587) instead of smtp (25), see this post. This will allow you to get around the port 25 blocks some ISPs use to reduce spam on their networks.

    Separate Hard Drive for the Pool (Optional)
    You probably want to use a separate hard drive or group of drives for your BackupPC pool for easier maintenance, expansion, and reliability. We are going to use Logical Volume Manager (LVM) to create a resizable pool we can easily add more drives to.

    Setup LVM
    LVM allows us to create expandable logical volumes across many drives. See A Beginner’s Guide To LVM for more detailed setup instructions. Also check out Managing Disk Space with LVM and A simple introduction to working with LVM.

    Set up your drive using fdisk. The command below is for a drive at /dev/sdb

    fdisk -l
    fdisk /dev/sdb
    

    The choices you want to make are: n, p, 1, ENTER, ENTER, t, 1, L, 8e, w. Then run

    pvcreate /dev/sdb1
    pvdisplay
    vgcreate bpcvg /dev/sdb1
    vgdisplay
    vgscan
    lvcreate --name bpclv --extents 100%FREE bpcvg
    lvdisplay
    lvscan
    mkfs.ext3 /dev/bpcvg/bpclv
    

    If you get a ‘no entry for device-mapper found’ error, run

    modprobe dm-mod
    

    Change the Archive Directory
    If your new partition is /dev/bpcvg/bpclv, execute the following commands as root

    mount /dev/bpcvg/bpclv /mnt
    cp -dpR /var/lib/backuppc/. /mnt
    umount /mnt
    mv /var/lib/backuppc /var/lib/backuppc.orig
    mkdir /var/lib/backuppc
    mount /dev/bpcvg/bpclv /var/lib/backuppc
    df -h
    

    This makes a backup of your data then copies it to the new drive. Once you’re sure that worked, you need to make it mount on startup.
    Edit /etc/fstab and add the following line:

    /dev/bpcvg/bpclv /var/lib/backuppc ext3 rw,noatime 0 0
    

    Then restart to test, and run

    df -h
    

 



Tmux Commands

screen and tmux

A comparison of the features (or more-so just a table of notes for accessing some of those features) for GNU screen and BSD-licensed tmux.

The formatting here is simple enough to understand (I would hope). ^ means ctrl+, so ^x is ctrl+x. M- means meta (generally left-alt or escape)+, so M-x is left-alt+x

It should be noted that this is nowhere near a full feature-set of either group. This - being a cheat-sheet - is just to point out the most very basic features to get you on the road.

Trust the developers and manpage writers more than me. This document is originally from 2009 when tmux was still new - since then both of these programs have had many updates and features added (not all of which have been dutifully noted here).

| Action | tmux | screen |
| --- | --- | --- |
| start a new session | tmux OR tmux new OR tmux new-session | screen |
| re-attach a detached session | tmux attach OR tmux attach-session | screen -r |
| re-attach an attached session (detaching it from elsewhere) | tmux attach -d OR tmux attach-session -d | screen -dr |
| re-attach an attached session (keeping it attached elsewhere) | tmux attach OR tmux attach-session | screen -x |
| detach from currently attached session | ^b d OR ^b :detach | ^a ^d OR ^a :detach |
| rename-window to newname | ^b , <newname> OR ^b :rename-window <newn> | ^a A <newname> |
| list windows | ^b w | ^a w |
| list windows in chooseable menu | | ^a " |
| go to window # | ^b # | ^a # |
| go to last-active window | ^b l | ^a ^a |
| go to next window | ^b n | ^a n |
| go to previous window | ^b p | ^a p |
| see keybindings | ^b ? | ^a ? |
| list sessions | ^b s OR tmux ls OR tmux list-sessions | screen -ls |
| toggle visual bell | | ^a ^g |
| create another window | ^b c | ^a c |
| exit current shell/window | ^d | ^d |
| split window/pane horizontally | ^b " | ^a S |
| split window/pane vertically | ^b % | ^a \| |
| switch to other pane | ^b o | ^a <tab> |
| kill the current pane | ^b x OR (logout/^D) | |
| collapse the current pane/split (but leave processes running) | | ^a X |
| cycle location of panes | ^b ^o | |
| swap current pane with previous | ^b { | |
| swap current pane with next | ^b } | |
| show time | ^b t | |
| show numeric values of panes | ^b q | |
| toggle zoom-state of current pane (maximize/return current pane) | ^b z | |
| break the current pane out of its window (to form new window) | ^b ! | |
| re-arrange current panels within same window (different layouts) | ^b [space] | |
| Kill the current window (and all panes within) | ^b killw [target-window] | |

  • IP Multicast address ranges

    All multicast addresses can easily be recognized because they start with the bit pattern “1110”.

    224.0.0.0 - 224.0.0.255 Well-known multicast addresses, control channels

    224.0.1.0 - 238.255.255.255 Globally-scoped (Internet-wide) multicast addresses

    239.0.0.0 - 239.255.255.255 Local multicast addresses

    Special and private address ranges

    Private address ranges are not routed on the Internet and can be freely allocated in any private network. NAT (network address translation) is required when connecting such a network to the Internet.

    Private network addresses (RFC1597/RFC1918 addresses):

    10.0.0.0 - 10.255.255.255 A 24-bit block, /8, class A network

    172.16.0.0 - 172.31.255.255 A 20-bit block, /12, set of 16 contiguous class B network numbers

    192.168.0.0 - 192.168.255.255 A 16-bit block, /16, set of 255 contiguous class C network numbers

    Special addresses:

    127.0.0.0 - 127.255.255.255 Special address range for the localhost. You can normally not use those addresses for anything else. 127.0.0.1 is generally assigned to the loopback device

    0.0.0.0 Special host address commonly reserved for the default route

    Overview of common subnets and masks

    | Mask | Hosts | Usable | Netmask | Hex Mask | Note |
    | --- | --- | --- | --- | --- | --- |
    | /30 | 4 | 2 | 255.255.255.252 | fffffffc | this is 1/64 of a Class C net |
    | /29 | 8 | 6 | 255.255.255.248 | fffffff8 | this is 1/32 of a Class C net |
    | /28 | 16 | 14 | 255.255.255.240 | fffffff0 | this is 1/16 of a Class C net |
    | /27 | 32 | 30 | 255.255.255.224 | ffffffe0 | this is 1/8 of a Class C net |
    | /26 | 64 | 62 | 255.255.255.192 | ffffffc0 | this is 1/4 of a Class C net |
    | /24 | 256 | 254 | 255.255.255.0 | ffffff00 | this is a Class C net |
    | /23 | 512 | 510 | 255.255.254.0 | fffffe00 | these are 2 Class C net |
    | /22 | 1024 | 1022 | 255.255.252.0 | fffffc00 | these are 4 Class C net |
    | /21 | 2048 | 2046 | 255.255.248.0 | fffff800 | these are 8 Class C net |
    | /20 | 4096 | 4094 | 255.255.240.0 | fffff000 | these are 16 Class C net |
    | /19 | 8192 | 8190 | 255.255.224.0 | ffffe000 | these are 32 Class C net |
    | /18 | 16384 | 16382 | 255.255.192.0 | ffffc000 | these are 64 Class C net |
    | /17 | 32768 | 32766 | 255.255.128.0 | ffff8000 | these are 128 Class C net |
    | /16 | 65536 | 65534 | 255.255.0.0 | ffff0000 | these are 256 Class C net = Class B net |

  • Subnetting

    Subnetting is used to split one network into several smaller networks.

    It multiplies the network IDs available from an existing network ID: part of the host ID is sacrificed and used to make the additional IDs.

    Remember, the formula for the number of subnets is 2^n - 2
    n = number of bits that are masked

    And the formula for the number of hosts per subnet is 2^m - 2
    m = number of bits that are not masked

    Example case with its solution:

    IP address 130.200.0.0 with a subnet mask of 255.255.224.0, identified as class B.

    Subnet mask: 11111111.11111111.11100000.00000000
    3 bits of the third octet have been used, leaving 5 bits that are not masked, so the subnet groups that can be used are multiples of 2^5 = 32 (256 - 224 = 32)
    32 64 96 128 160 192 224

    So the IP groups which can be used:

    130.200.0.0 - 130.200.31.254  loopback subnet
    130.200.32.1 - 130.200.63.254
    130.200.64.1 - 130.200.95.254
    130.200.96.1 - 130.200.127.254
    130.200.128.1 - 130.200.159.254
    130.200.160.1 - 130.200.191.254
    130.200.192.1 - 130.200.223.254

    NETMASK / SubnetMask

    For the grouping of addresses, in addition to the IP number there is also the netmask or subnet mask. Like the IP number, it is 32 bits long. Three major groupings by subnet mask are known, i.e. 255.0.0.0, 255.255.0.0 and 255.255.255.0.
    In the networking world, the groups by subnet mask are called classes. Three classes are known, namely:
    1. Class A: all IP numbers that have subnet mask 255.0.0.0
    2. Class B: all IP numbers that have subnet mask 255.255.0.0
    3. Class C: all IP numbers that have subnet mask 255.255.255.0

    The combination of IP and netmask is the address a computer uses. The two cannot be separated, so it is usually written as follows:

    IP: 202.95.151.129
    Netmask: 255.255.255.0

    Our IP number and a neighbor's IP number are considered one group (one network) when our IP and netmask, converted to binary and ANDed, give the same result as the neighbor's IP and netmask converted to binary and ANDed. If both results are the same, the two hosts are on a single network and can communicate directly.

    GATEWAY / ROUTER

    Gateways are computers that have at least 2 network interfaces for connecting 2 or more networks. On the Internet, an address can be reached via gateways that provide the path/route a data packet must travel to reach its destination. Most gateways run a routing daemon (a program that dynamically updates routing tables). Because of this, a gateway usually also serves as a router. A gateway/router can be a router box such as those produced by Cisco, 3COM, etc., or it can be a computer running a network operating system plus a routing daemon, for example a PC running FreeBSD Unix with the Routed or Gated program. But when NATD is used, routing daemons do not need to run, so only the gateway needs to be installed.

    Because the gateway/router controls the traffic of data packets between networks, it can be fitted with a security mechanism that restricts (filters) the data packets. This mechanism is called a firewall.

    In fact, a firewall is a program that runs on the gateway/router and is in charge of checking every data packet that passes, comparing it with the rules applied, and finally deciding whether the packet should be forwarded or rejected. Its purpose is essentially security: protecting internal networks from external threats. But in this paper, firewalls are used as the basis for running Network Address Translation (NAT).

    In FreeBSD, the program that runs as the firewall is ipfw. Before you can run ipfw, the GENERIC kernel must be modified to support firewall functions. Ipfw controls the traffic of data packets based on source IP, destination IP, port number and protocol type. To run NAT, the IP DIVERT option must be enabled in the kernel.

    Divert (kernel packet diversion mechanism)

    A divert socket is the same as an ordinary IP socket, except that a divert socket can be bound to a specific divert port via the bind system call. The IP address in the bind is ignored; only the port number is considered. A divert socket bound to a divert port will receive all packets diverted to that port by the kernel mechanism, which is driven by the filtering implementation and the ipfw program.

    BROADCAST

    This address is used to send/receive information that should be known by all hosts on a network. As is known, each packet header carries a destination address, the IP address of the host the packet is addressed to. With this address, only the destination host processes the packet, while the other hosts ignore it. What if a host wants to send a packet to all hosts in the network? It is inefficient if it has to replicate the packet once per destination host. Bandwidth usage and the host's workload increase, although the contents of the packets are the same. Therefore the concept of the broadcast address was created. The host simply sends to the broadcast address, and all hosts in the network receive the packet. Consequently, all hosts on the same network must have the same broadcast address, and that address must not be used as the IP number of a particular host.

    So, actually, each host has two addresses on which it receives packets: the first is its IP number, which is unique, and the second is the broadcast address of the network where the host is located. The broadcast address is made by setting all the host bits in the IP number to 1. So, for a host with IP address 167.205.9.35 or 167.205.240.2, the broadcast address is 167.205.255.255 (the last 2 segments of the IP address are 11111111.11111111, which reads as 255.255 in decimal). The type of information that is broadcast is usually routing information.
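
The AND test, the broadcast address and the subnet ranges worked through in the text, computed with plain bit operations. This is an added example, not part of the original post; the neighbour addresses 202.95.151.7 and 202.95.152.7 and the 255.255.0.0 mask used for 167.205.9.35 are assumptions chosen to fit the values stated above.

```python
def to_int(dotted):
    """Convert dotted-quad notation to a 32-bit integer."""
    a, b, c, d = (int(part) for part in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def same_network(ip_a, ip_b, mask):
    """Two hosts share a network when (IP AND mask) gives the same result."""
    m = to_int(mask)
    return (to_int(ip_a) & m) == (to_int(ip_b) & m)


def broadcast(ip, mask):
    """Broadcast address: keep the network bits, set every host bit to 1."""
    m = to_int(mask)
    return to_dotted((to_int(ip) & m) | (~m & 0xFFFFFFFF))


def bit_counts(classful_mask, subnet_mask):
    """Return (n, m): masked (borrowed) subnet bits and remaining host bits."""
    ones = bin(to_int(subnet_mask)).count("1")
    n = ones - bin(to_int(classful_mask)).count("1")
    return n, 32 - ones


def usable_counts(classful_mask, subnet_mask):
    """Apply the two formulas from the text: 2^n - 2 subnets, 2^m - 2 hosts."""
    n, m = bit_counts(classful_mask, subnet_mask)
    return 2 ** n - 2, 2 ** m - 2


def subnets(network, classful_mask, subnet_mask):
    """List (subnet, first host, last host, broadcast) for every block."""
    n, m = bit_counts(classful_mask, subnet_mask)
    base = to_int(network) & to_int(classful_mask)
    size = 1 << m
    blocks = []
    for i in range(1 << n):
        start = base + i * size
        blocks.append((to_dotted(start), to_dotted(start + 1),
                       to_dotted(start + size - 2), to_dotted(start + size - 1)))
    return blocks


if __name__ == "__main__":
    # The class B example from the text: 130.200.0.0 with mask 255.255.224.0.
    print(usable_counts("255.255.0.0", "255.255.224.0"))
    for block in subnets("130.200.0.0", "255.255.0.0", "255.255.224.0"):
        # The 2^n - 2 rule sets aside the all-zeros and all-ones blocks.
        print("%-15s hosts %s - %s  broadcast %s" % block)
    print(same_network("202.95.151.129", "202.95.151.7", "255.255.255.0"))
    print(broadcast("167.205.9.35", "255.255.0.0"))
```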
