Differences between version 6 and predecessor to the previous major change of MetaNetConfiguration.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
Newer page: | version 6 | Last edited on Thursday, June 5, 2003 9:52:05 pm | by JohnMcPherson | Revert |
Older page: | version 4 | Last edited on Saturday, May 17, 2003 1:22:18 pm | by CraigBox | Revert |
@@ -55,18 +55,25 @@
__Note__: You may wish to change the paths based on your distribution. Debian Woody prefers "/var/cache/bind/stubs", but doesn't create it by default. __Make sure the directory you have named in the config file exists on the filesystem!__
You should then be able to restart named(8) (debian: /etc/init.d/bind restart, or reload if it's already running) and then ping "www.tla".
-You are now properly on the !MetaNet. You should now be able to visit http://www.tla/ and http://www.plaz.tla/.
+You are now properly on the !MetaNet. You should now be able to visit http://www.tla/
!Other clients on your network
-Make sure any clients on your network that you want to resolve !MetaNett
addresses have the address of your nameserver as the first nameserver in /etc/resolv.conf, or their native DNS configuration. You can put your [ISP]'s nameserver after it as a precaution, if you like.
+Make sure any clients on your network that you want to resolve !MetaNet
addresses have the address of your nameserver as the first nameserver in /etc/resolv.conf, or their native DNS configuration. You can put your [ISP]'s nameserver after it as a precaution, if you like.
-!Root CA
+!!Firewalling
+see FirewallNotes and PerrysFirewallingScript. Although you should be able to mostly trust other people on the metanet, you should at the very least do some basic firewalling.
+
+For example, samba/nmbd does broadcasts that will go across the metanet. You can either block traffic to and from the metanet on ports 137, 138 and 139 (both [TCP] and [UDP]) or you can add the following in smb.conf's global section:
+ bind interfaces only = yes
+ interfaces = 10.x.y./24
+
+!
!Root CA
The !MetaNet has a CertificateAuthority that it uses for signing SSL websites and potentially other cool stuff. To add this "root CA" to your browser, visit http://www.meta.net.nz/install-cert.html
Now, go to MetaNetResources to see what you can do with your new internetwork.
-----
[1] The reason is if you use a forwarder, then all queries get forwarded to the other server and it won't be able to resolve metanet names and addresses.