This section covers the configuration of network interfaces, hostname resolution, and basic traffic filtering using the system firewall.
- IPv4 and IPv6 Configuration: Manually configure addresses, gateways, and DNS.
- Hostname Management: Set and verify the persistent system hostname.
- Network Services: Ensure networking starts automatically at boot.
- Firewall Management: Use
firewall-cmdto allow or restrict services and ports. - Name Resolution: Configure
/etc/hostsfor local resolution.
| Task | Command |
|---|---|
| List Connections | nmcli con show |
| Set Static IP | nmcli con mod "eth0" ipv4.addresses 192.168.1.10/24 ipv4.gateway 192.168.1.1 ipv4.method manual |
| Set DNS | nmcli con mod "eth0" ipv4.dns "8.8.8.8 8.8.4.4" |
| Apply Changes | nmcli con down "eth0" && nmcli con up "eth0" |
- Set Hostname:
hostnamectl set-hostname server1.example.com - Check Status:
hostnamectl status
- List All Rules:
firewall-cmd --list-all - Allow a Service:
firewall-cmd --permanent --add-service=http - Allow a Port:
firewall-cmd --permanent --add-port=8080/tcp - Reload (Required):
firewall-cmd --reload
- The Static Challenge: Change your VM from DHCP to a static IP address using only
nmcli. Verify you can still ping your gateway. - The Name Resolver: Add an entry to
/etc/hostsso that the namelab-serverpoints to your own IP address. Test it withping lab-server. - The Firewall Shield: Enable the firewall, allow
sshandhttp, but block all other incoming traffic. Verify usingfirewall-cmd --list-all.
- Persistence: Use
nmcli con showto ensureautoconnectis set toyes. - Testing: Always use
ip addrandip routeto verify your manual settings took effect. - Firewall: Remember that without
--permanent, your firewall rules will disappear after a reboot!