ANS LAB 2 COMMANDS

1. Firewall

1.1. sudo dnf install firewalld -y

1.2. sudo firewall-cmd --permanent --add-service=ssh

sudo firewall-cmd --reload

1.3. sudo firewall-cmd --permanent --add-port=6881-6889/tcp

sudo firewall-cmd --permanent --add-port=6881-6889/udp

sudo firewall-cmd --reload

1.4. sudo firewall-cmd --permanent --add-service=dns

sudo firewall-cmd --permanent --remove-service=ftp

sudo firewall-cmd --permanent --remove-service=http

sudo firewall-cmd --permanent --remove-service=https

sudo firewall-cmd --reload

1.5. sudo firewall-cmd --list-all

2. DNS

2.1. sudo dnf install bind bind-utils -y

2.2. sudo systemctl enable named

sudo systemctl start named

2.3. Edit with: sudo nano /etc/named.conf file

options {

listen-on port 53 { any; };

allow-query { any; };

recursion yes;

};

zone "226089.students.finki.ukim.mk" {

type master;

file "/var/named/226089.students.finki.ukim.mk.zone";

};

zone "anslab2.com" {

type slave;

masters { 10.10.16.99; };

file "/var/named/anslab2.com.zone";

};

2.4. Create and edit file: sudo nano /var/named/226089.students.finki.ukim.mk.zone

$TTL 86400

@ IN SOA ns1.226089.students.finki.ukim.mk. admin.226089.students.finki.ukim.mk. (

2024112801 ; Serial (YYYYMMDDNN format)

3600 ; Refresh

1800 ; Retry

1209600 ; Expire

86400 ) ; Minimum TTL

IN NS ns1.226089.students.finki.ukim.mk.

IN MX 10 mail.226089.students.finki.ukim.mk.

ns1 IN A <server-ip>

mail IN A <server-ip>

@ IN A <server-ip>

@ IN AAAA ::1

www IN CNAME @

@ IN TXT "v=spf1 mx -all"

2.5. sudo chown root:named /var/named/226089.students.finki.ukim.mk.zone

sudo chmod 640 /var/named/226089.students.finki.ukim.mk.zone

2.6. sudo named-checkconf

sudo named-checkzone 226089.students.finki.ukim.mk /var/named/226089.students.finki.ukim.mk.zone

2.7. sudo systemctl restart named

2.8. nslookup 226089.students.finki.ukim.mk 192.168.0.111

2.9. nslookup www.anslab2.com 10.10.16.99