Create deb Package in Ubuntu (Very Brief Introduction)

This is a very brief and basic introduction to creating a deb package. It’s more of a log /history of commands I ran (while learning this myself) and their output. Special thanks to How To Create A .DEB Package [Ubuntu / Debian] for serving as the base I used to build this post. Log in to your Ubuntu machine and open a terminal. Then run the following commands.

cg@codeghar:~$ mkdir custom-package

cg@codeghar:~$ cd custom-package/

cg@codeghar:~/custom-package$ pwd

/home/cg/custom-package

cg@codeghar:~/custom-package$ mkdir credner-1.0

cg@codeghar:~/custom-package$ cd ~/source/

cg@codeghar:~/source$ ls

credner-1.0.tar.gz  credner.py

cg@codeghar:~/source$ vim credner.py

#!/usr/bin/env python3
print ("Hello World!")

cg@codeghar:~/source$ cp credner-1.0.tar.gz ~/custom-package/

cg@codeghar:~/source$ cd -

/home/cg/custom-package

cg@codeghar:~/custom-package$ ls

credner-1.0  credner-1.0.tar.gz

cg@codeghar:~/custom-package$ sudo aptitude install build-essential autoconf automake autotools-dev dh-make debhelper devscripts fakeroot xutils lintian pbuilder

Note: All these packages will be installed as required.

cg@codeghar:~/custom-package$ ls

credner-1.0  credner-1.0.tar.gz

cg@codeghar:~/custom-package$ cd credner-1.0/

cg@codeghar:~/custom-package/credner-1.0$ ls

cg@codeghar:~/custom-package/credner-1.0$ dh_make -e credner@example.com -f ../credner-1.0.tar.gz

Type of package: single binary, indep binary, multiple binary, library, kernel module, kernel patch?
 [s/i/m/l/k/n] s

Maintainer name  : codeghar
Email-Address    : credner@example.com
Date             : Wed, 14 Nov 2012 16:02:15 -0800
Package Name     : credner
Version          : 1.0
License          : blank
Type of Package  : Single
Hit  to confirm:
Currently there is no top level Makefile. This may require additional tuning.
Done. Please edit the files in the debian/ subdirectory now. You should also
check that the credner Makefiles install into $DESTDIR and not in / .

cg@codeghar:~/custom-package/credner-1.0$ ls

debian

cg@codeghar:~/custom-package/credner-1.0$ cd debian/

cg@codeghar:~/custom-package/credner-1.0/debian$ ls

changelog          credner.default.ex   emacsen-startup.ex  menu.ex      README.Debian
compat             credner.doc-base.EX  init.d.ex           postinst.ex  README.source
control            docs                 manpage.1.ex        postrm.ex    rules
copyright          emacsen-install.ex   manpage.sgml.ex     preinst.ex   source
credner.cron.d.ex  emacsen-remove.ex    manpage.xml.ex      prerm.ex     watch.ex

cg@codeghar:~/custom-package/credner-1.0/debian$ vim control

Source: credner
Section: unknown
Priority: extra
Maintainer: codeghar 
Build-Depends: debhelper (>= 8.0.0)
Standards-Version: 3.9.2
Homepage: 
#Vcs-Git: git://git.debian.org/collab-maint/credner.git
#Vcs-Browser: http://git.debian.org/?p=collab-maint/credner.git;a=summary

Package: credner
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: First test deb package
 This is my first deb package attempt

cg@codeghar:~/custom-package/credner-1.0/debian$ vim copyright

Format: http://dep.debian.net/deps/dep5
Upstream-Name: credner
Source: 

Files: *
Copyright: 2012 codeghar 
License: GPL-2+
 This package is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 2 of the License, or
 (at your option) any later version.
 .
 This package is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 .
 You should have received a copy of the GNU General Public License
 along with this program. If not, see 
 .
 On Debian systems, the complete text of the GNU General
 Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".

# If you want to use GPL v2 or later for the /debian/* files use
# the following clauses, or change it to suit. Delete these two lines
Files: debian/*
Copyright: 2012 codeghar 
License: GPL-2+
 This package is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 2 of the License, or
 (at your option) any later version.
 .
 This package is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 .
 You should have received a copy of the GNU General Public License
 along with this program. If not, see 
 .
 On Debian systems, the complete text of the GNU General
 Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".

# Please also look if there are files or directories which have a
# different copyright/license attached and list them here.

cg@codeghar:~/custom-package/credner-1.0/debian$ vim changelog

credner (1.0-1) unstable; urgency=low

  * Initial release (Closes: #nnnn)  

 -- codeghar   Wed, 14 Nov 2012 16:02:15 -0800

cg@codeghar:~/custom-package/credner-1.0/debian$ cd ..

cg@codeghar:~/custom-package/credner-1.0$ dpkg-buildpackage -us -uc -rfakeroot

dpkg-buildpackage: export CFLAGS from dpkg-buildflags (origin: vendor): -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security
dpkg-buildpackage: export CPPFLAGS from dpkg-buildflags (origin: vendor): -D_FORTIFY_SOURCE=2
dpkg-buildpackage: export CXXFLAGS from dpkg-buildflags (origin: vendor): -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security
dpkg-buildpackage: export FFLAGS from dpkg-buildflags (origin: vendor): -g -O2
dpkg-buildpackage: export LDFLAGS from dpkg-buildflags (origin: vendor): -Wl,-Bsymbolic-functions -Wl,-z,relro
dpkg-buildpackage: source package credner
dpkg-buildpackage: source version 1.0-1
dpkg-buildpackage: source changed by codeghar 
dpkg-buildpackage: host architecture amd64
 dpkg-source --before-build credner-1.0
 fakeroot debian/rules clean
dh clean
   dh_testdir
   dh_auto_clean
   dh_clean
 dpkg-source -b credner-1.0
dpkg-source: info: using source format `3.0 (quilt)'
dpkg-source: info: building credner using existing ./credner_1.0.orig.tar.gz
dpkg-source: warning: ignoring deletion of file credner.py
dpkg-source: info: building credner in credner_1.0-1.debian.tar.gz
dpkg-source: info: building credner in credner_1.0-1.dsc
 debian/rules build
dh build
   dh_testdir
   dh_auto_configure
   dh_auto_build
   dh_auto_test
 fakeroot debian/rules binary
dh binary
   dh_testroot
   dh_prep
   dh_installdirs
   dh_auto_install
   dh_install
   dh_installdocs
   dh_installchangelogs
   dh_installexamples
   dh_installman
   dh_installcatalogs
   dh_installcron
   dh_installdebconf
   dh_installemacsen
   dh_installifupdown
   dh_installinfo
   dh_installinit
   dh_installmenu
   dh_installmime
   dh_installmodules
   dh_installlogcheck
   dh_installlogrotate
   dh_installpam
   dh_installppp
   dh_installudev
   dh_installwm
   dh_installxfonts
   dh_installgsettings
   dh_bugfiles
   dh_ucf
   dh_lintian
   dh_gconf
   dh_icons
   dh_perl
   dh_usrlocal
   dh_link
   dh_compress
   dh_fixperms
   dh_strip
   dh_makeshlibs
   dh_shlibdeps
   dh_installdeb
   dh_gencontrol
dpkg-gencontrol: warning: Depends field of package credner: unknown substitution variable ${shlibs:Depends}
   dh_md5sums
   dh_builddeb
dpkg-deb: building package `credner' in `../credner_1.0-1_amd64.deb'.
 dpkg-genchanges  >../credner_1.0-1_amd64.changes
dpkg-genchanges: including full source code in upload
 dpkg-source --after-build credner-1.0
dpkg-buildpackage: full upload (original source is included)

cg@codeghar:~/custom-package/credner-1.0$ ls

debian

cg@codeghar:~/custom-package/credner-1.0$ cd ..

cg@codeghar:~/custom-package$ ls

credner-1.0                  credner_1.0-1.debian.tar.gz  credner-1.0.tar.gz
credner_1.0-1_amd64.changes  credner_1.0-1.dsc
credner_1.0-1_amd64.deb      credner_1.0.orig.tar.gz

cg@codeghar:~/custom-package$ sudo dpkg --install credner_1.0-1_amd64.deb

[sudo] password for codeghar:
Selecting previously unselected package credner.
(Reading database ... 84043 files and directories currently installed.)
Unpacking credner (from credner_1.0-1_amd64.deb) ...
Setting up credner (1.0-1) ...

cg@codeghar:~/custom-package$ dpkg --list credner

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name              Version           Description
+++-=================-=================-==================================================
ii  credner           1.0-1             First test deb package

cg@codeghar:~/custom-package$ dpkg --listfiles credner

/.
/usr
/usr/share
/usr/share/doc
/usr/share/doc/credner
/usr/share/doc/credner/copyright
/usr/share/doc/credner/changelog.Debian.gz
/usr/share/doc/credner/README.Debian

cg@codeghar:~/custom-package$ sudo dpkg --purge credner

(Reading database ... 84047 files and directories currently installed.)
Removing credner ...

cg@codeghar:~/custom-package$ dpkg --list credner

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name              Version           Description
+++-=================-=================-==================================================
un  credner                       (no description available)

From this tutorial you can learn the very basics of how to create a deb package. In our example package credner.py was not installed, and that’s alright. Our main purpose was to show the building blocks for now. We also installed a whole bunch of packages we might not have needed for this example. That’s ok, too, because as we continue our learning process we might need them.

My next goal is to create a deb package from a proper Python script. Stay tuned.

NTP Server

So you want to setup your own NTP server? Setting one up in Ubuntu 12.04 is really easy.

sudo aptitude install ntp

Once it has been installed you can modify its configuration file /etc/ntp.conf. The default settings are pretty sane and you may want to only change the NTP servers it uses. Then start the service if it’s not already started.

sudo service ntp start

But be aware of some issues.

The first one is “stratum”. NTP servers work in a hierarchy and stratum indicates the level in which your server lies. Mostly any stratum 4 or higher is ignored and anything 3 or lower is used. To find out the stratum of your server run the following command.

ntptrace

If you have a high stratum, especially stratum 16, you need to do two things:

1. Use NTP servers with lower stratum as your source in /etc/ntp.conf file. These are servers closest to your geographical location.
2. After starting NTP service wait for about 15 minutes and then run ntptrace again to see if the server’s time has stabilized.

Performing these two actions will go a long way in ensuring that you don’t get the “no server suitable for synchronization” error when using your new NTP server.

Another useful command is:

ntpq -p

I also recently found out that ntpdate is deprecated and has been replaced with sntp.

Hat tip to ntptrace returns stratum 16, ntpq -p shows sync with stratum 2 server for clearing up lots of stuff. Other honorable mentions: NTP Troubleshooting; Network Time Protocol (NTP) Server and Clients Setup in Ubuntu

Ubuntu: The Good, The Bad, and The Ugly

After the Amazon search results in the Dash debacle it was a good time to re-evaluate my support for Ubuntu. Do I want to continue to use Ubuntu on my desktop and server and to recommend to friends? The answer, after much deliberation, is still yes. Although the following are my observations/feelings/etc., they do indicate more advantages to using Ubuntu than disadvantages. I also feel that for a Linux distribution to succeed it has to offer soft benefits in addition to great technology, something Ubuntu does better than a lot of other distributions.

The Good

  • Six-month releases with newer technology
  • Long term support (LTS) releases every two years
  • Server and desktop offerings on par with any other good distribution
  • Free of cost for individuals and enterprises
  • Very good focus on desktop integration and user experience
  • Out of the box hardware support is much better than some other distributions. No other distribution has worked on my Gen 1 MacBook as well as Ubuntu has.
  • Based on the great work of the Debian project
  • Unity DE (to me) is the best Linux currently has to offer. Its integration, simplicity, and keyboard shortcuts make it a joy to use.
  • Very simple licensing and support options unlike Red Hat and SuSE (they confuse me to no end)
  • “Moving up” from development/test environment to production does not require re-configuring, re-installing or re-licensing (but you can buy support if needed) unlike RHEL (CentOS to RHEL) and SLES (OpenSUSE to SLES)
  • As soon as the latest LTS is released most package versions are fairly new but on a new RHEL release packages are mostly a year or more older from the get go. (Please correct me if I’m wrong). This means that you get to deploy newer technology with Ubuntu LTS and have it supported for five years.
  • It’s increasing market share for Linux, especially with Steam coming soon to Ubuntu

The Bad

  • A very visible Not Invented Here (NIH) syndrome
  • Not much collaboration with other distributions on reaching consensus over shared/common technology (see: systemd, AppArmor)
  • More focus on desktop and not as much attention to server
  • Decisions that sometimes polarize the community more than any other distribution
  • Keeping Landscape server closed source
  • May need to run sudo aptitude remove unity-lens-shopping starting in 12.10
  • Ubuntu is either a community project or a Canonical project with community contributions. It can’t pretend to be a community project and continue to give Canonical almost all decision-making power.
  • It doesn’t have a functionality like zypper ps by default, although it’s not really needed because aptitude usually restarts the services after upgrade anyways. One has to install sudo install debian-goodies and then use the checkrestart application to get functionality similar to zypper ps. Thanks to Equivalent of openSuse “zypper ps” on other distros? for this tip.

The Ugly

  • Honestly, I haven’t seen anything ugly so far

Wait and watch on systemd

I have been pondering the systemd situation for a while. My biggest concern has been that Debian and Ubuntu have not made decisions to adopt it as default, especially when Fedora, OpenSUSE, Mageia, and others have. Maybe Red Hat Enterprise Linux (RHEL) 7 will include it as well. So it seems like on the init system level, two fragmented groups are emerging: those who use systemd and those who don’t. My second concern is the ability for a casual/intermediate user to transition from a systemd-using system to one that doesn’t use it.

I have finally decided, after a long period of thinking, forecasting, etc., that I will use Ubuntu for the foreseeable future. This means that whether other distributions adopt systemd or reject it does not have much of an impact on me. If Ubuntu decides to adopt it then I’ll simply start using it. But I won’t worry about the fragmentation because it should not and does not matter to me. And it also shouldn’t matter to you either. Here’s why.

Ubuntu has been making big strides recently in adoption and popularity. More often than not you’ll find Ubuntu being deployed wholesale by organizations all over the world for desktop use. Google also uses a customized version within its own organization. Granted, Ubuntu is not as well adopted as RHEL on servers but it’s adoption is increasing at a rapid pace nonetheless. All this makes Ubuntu a viable alternative in the present and future.

Canonical, and by extension Ubuntu, sometimes does really annoying things. They have made me question my loyalty to the distribution many times. Not adopting systemd for 12.04 was one thing but to reject it outright, as Mark Shuttleworth did, did cause a bit of panic. But I overcame the systemd decision like I did other decisions because I support the diversity in the level of influence a distribution has over the future of Linux. RHEL has a big say in how organizations use Linux all over the world. Fedora, by extension, has the same influence because it prepares the technology of tomorrow. There’s a need for an equally influential player, Ubuntu in this case, to counter that excessive influence, not because RHEL is “evil” but because healthy competition is good.

Given the future viability of Ubuntu and the need to have another influential player, the fragmentation does not matter for those using Ubuntu exclusively. As long as you and I and millions more are using Ubuntu, any technology it uses to build itself is a viable and successful technology. So what if Ubuntu uses AppArmor instead of SELinux and Upstart instead of systemd? Both AppArmor and Upstart do their job and work on millions of installations.

The day when Ubuntu adopts systemd or SELinux I will happily use them. It’s not because Ubuntu can do no wrong but because I trust Ubuntu to make a better decision for millions of users than I can.

P.S. Ubuntu is not just a product. It’s a collection of people who care about FLOSS, Linux, and users. They are led, capably in my opinion, by Shuttleworth. And by joining the Ubuntu bandwagon I ensure that the product and project succeeds resulting in the success of many others tied to it.

IPv6 in Ubuntu 12.04

I have been exploring IPv6 for a couple months now. It’s a very interesting subject and will quickly become inevitable. IPv6 is coming and it’s here to stay. I have learned a lot about IPv6 in Ubuntu and Windows. Consider this the first article in a series I’ll be publishing as I learn more. I will not give an introduction to IPv6 here. There are lot of good places to learn about it

IPv6 is enabled by default in Ubuntu 12.04 Precise Pangolin. A Local Link Unicast (link-local) address is configured automatically. If you have Router Advertisement (RA) enabled on a switch or router on your network then Ubuntu will autoconfigure its own Global Unicast Address as well. But how does your /etc/network/interfaces file look? Something similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp

See how you didn’t have to do anything on Ubuntu to get IPv6 working? But let’s dig deeper.

If you still want to be explicit for Ubuntu to use autoconfiguration for IPv6 then edit /etc/network/interfaces.

sudo vim /etc/network/interfaces

And add a line for IPv6 to make the file look similar to below:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 auto

Bring down eth0 and bring it back up.

sudo ifdown eth0

sudo ifup eth0

Static IPv6 Address

What if you wanted to use a static IPv6 address? Just edit your /etc/network/interfaces file and make it look similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 static
    address 2999:abcd:1234:5678::a157
    netmask 64
    gateway 2999:abcd:1234:5678::1
    dns-nameservers 2999:abcd:1234:5678::20
    dns-search codeghar.com

Privacy Extension

Let’s say you want to enable privacy extension. That’s also quite easy to do.

sudo vim /etc/sysctl.d/10-ipv6-privacy.conf

In this file, make sure you have the following two lines. This will enable privacy extension on all interfaces. By default Ubuntu already has privacy enabled (I think).

net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Look at your IPs and you’ll notice something interesting.

ip addr show

1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP ql en 1000
    link/ether 00:05:06:07:08:09 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 198.168.1.255 scope global eth0
    inet6 2789:1234:cdef:9876:395e:c9fd:78b4:d863/64 scope global temporary dynamic
       valid_lft 604349sec preferred_lft 85349sec
    inet6 2789:1234:cdef:9876:205:06ff:fe07:0809/64 scope global dynamic
       valid_lft 2591921sec preferred_lft 604721sec
    inet6 fe80::205:06ff:fe07:0809/64 scope link
       valid_lft forever preferred_lft forever

For eth0 you’ll notice two IPv6 addresses with scope global: “scope global temporary dynamic” and “scope global dynamic”. The term “temporary” means that this is a disposable address generated because of privacy extension. It will expire when “preferred_lft” seconds expire and new temporary address will be generated.

Since we chose value 2 in file /etc/sysctl.d/10-ipv6-privacy.conf, these temporary addresses will be used when connecting to other computers.

Security

Do not forget that you now need to maintain two firewalls, one for IPv4 and one for IPv6. I’ll write another post about ip6tables, the firewall for IPv6.

Disable IPv6

I highly recommend to NOT disable IPv6 in Ubuntu. But if you still want to you can.

sudo vim /etc/sysctl.conf

Add three lines to the file.

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Hat Tips

IPv6 privacy extensions on Linux; Make curl download using non-Privacy extension IPv6 address?; How to be anonymous on IPV6 protocol by not using MAC address in EUI-64?; Disable IPv6 If your Internet is Working Slow in Ubuntu 12.04 Precise Pangolin/Linux Mint 13; IPV6 auto configuration not working

Get Broadcom BCM4311 Working in Ubuntu 12.04

I have had the best luck following Jorge Castro’s steps on getting BCM4311 to work in Ubuntu. The steps are simple.

  1. Open Additional Drivers application
  2. Remove ‘Broadcom STA Driver’
  3. Open Ubuntu Software Center
  4. Search ‘bcm’
  5. Install ‘Installer Package for firmware for the b43 driver’ (firmware-b43-installer)
  6. Reboot your computer

Make sure if there’s a physical switch for Wifi that it’s enabled and after rebooting your machine your wireless should work fine.

I tested this on a Dell Latitude D630. lspci showed the following results for wireless.

0c:00.0 Network controller: Broadcom Corporation BCM4311 802.11b/g WLAN (rev 01)

Ubuntu 12.04 IPv4 NAT Gateway and DHCP Server

Before I begin this post, I want to thank Internet Connection Sharing – Ubuntu 10.04 NAT Gateway Setup (Abridged Version) for providing the bulk of the tutorial. I have made some modifications for Ubuntu 12.04.

The setup is simple: a single Ubuntu server will act as a gateway and DHCP server for a local network. All other machines on the local network will receive their IPs from the DHCP server. To make things easier, I’ll call this Ubuntu server “Skyray” for the rest of the post.

Skyray has two network interfaces, eth0 and eth1. eth0 is on the 10.20.30.0/24 subnet and this is the Internet facing interface. eth1 is on the 172.22.22.0/24 subnet, where all other machines are also present. Basically, eth0 will connect to the Internet and eth1 will serve DHCP requests and act as the gateway.

/etc/network/interfaces

First you need to configure eth0 and eth1 for Skyray. Edit the file and make sure it has at least the following settings (or whatever settings are appropriate for your environment).

sudo vim /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.20.30.77
    netmask 255.255.255.0
    gateway 10.20.30.1
    network 10.20.30.0
    broadcast 10.20.30.255
    dns-nameservers 10.20.30.15 10.20.30.16
    dns-search codeghar.com

auto eth1
iface eth1 inet static
    address 172.22.22.1
    netmask 255.255.255.0
    network 172.22.22.0
    broadcast 172.22.22.255

/etc/sysctl.conf

You need to enable IPv4 forwarding. To do so, edit this file.

sudo vim /etc/sysctl.conf

And uncomment the line

# net.ipv4.ip_forward=1

so that it now appears as

net.ipv4.ip_forward=1

Save the file and run the following command to make the change effective without a reboot.

sudo sysctl -w net.ipv4.ip_forward=1

/etc/rc.local

You’ll need to allow iptables rules for NAT to work. Edit the file and save it.

sudo vim /etc/rc.local

Make sure the following two lines appear before the exit 0 line in the file.

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

To make these iptables rules active without rebooting, run the following commands:

sudo iptables -P FORWARD ACCEPT

sudo iptables –-table nat -A POSTROUTING -o eth0 -j MASQUERADE

Install DHCP server

sudo aptitude install isc-dhcp-server

/etc/dhcp/dhcpd.conf

Configure your newly installed DHCP server. Edit the file and save.

sudo vim /etc/dhcp/dhcpd.conf

The file is very well commented and you can learn a lot reading it. Just make sure it has at least the following configuration.

ddns-update-style none;

# option definitions common to all supported networks...
option domain-name "codeghar.com";
option domain-name-servers 10.20.30.15, 10.20.30.16;

default-lease-time 3600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# This is a very basic subnet declaration.

subnet 172.22.22.0 netmask 255.255.255.0 {
  range 172.22.22.21 172.22.22.250;
  option subnet-mask 255.255.255.0;
  option broadcast-address 172.22.22.255;
  option routers 172.22.22.1;
}

/etc/default/isc-dhcp-server

We want to serve DHCP only on eth1 interface to we need to configure it that way. Edit the file and save it.

sudo vim /etc/default/isc-dhcp-server

The line will look like this before you change it

INTERFACES=""

And after you change it, it will look like this:

INTERFACES="eth1"

Now you should stop and start the DHCP server.

sudo service isc-dhcp-server stop (if the service is already running; skip if it’s not running)

sudo service isc-dhcp-server start

Conclusion

Now any machines you have on the 172.22.22.0/24 network will get their IP address from Skyray if they are set to DHCP. And Skyray will also serve as their gateway.

Follow

Get every new post delivered to your Inbox.

Join 33 other followers