(OK) simply running CORE & docker on Fedora 23
来源:互联网 发布:南风知我意1txt百度云 编辑:程序博客网 时间:2024/05/21 06:38
[root@localhost core]#./bootstrap.sh
[root@localhost core]# ./configure --with-startup=systemd
[root@localhost core]# make
[root@localhost core]# make install
[root@localhost core]#systemctl daemon-reload
[root@localhost core]# systemctl start core-daemon.service[root@localhost core]# core-gui
NOTE: /root/.core/configs/m-MPE-manet.imn
----------------------
Under the Session Menu, the Options... dialog has an option to set a control network prefix.
This can be set to a network prefix such as 172.16.0.0/24. A bridge will be created on the host machine having the last address in the prefix range (e.g. 172.16.0.254), and each node will have an extra ctrl0 control interface configured with an address corresponding to its node number (e.g. 172.16.0.3 for n3.)
----------------------
[root@localhost 桌面]# . iptables_core.sh
[root@localhost 桌面]# cat iptables_core.sh
#!/bin/bashecho 1 > /proc/sys/net/ipv4/ip_forwardecho 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcastsecho 1 > /proc/sys/net/ipv4/icmp_echo_ignore_allecho 1 > /proc/sys/net/ipv4/tcp_syncookies#网卡:上外、下内#上外 192.168.0.100#下内 172.16.0.254#INET_IF="ppp0"INET_IF="enp13s0"LAN_IF="b.ctrl0net.6a"#INET_IP="192.168.0.100"INET_IP="10.108.162.164"LAN_IP="172.16.0.254"LAN_IP_RANGE="172.16.0.0/24"#LAN_WWW="172.16.0.6"IPT="/sbin/iptables"#TC="/sbin/tc"MODPROBE="/sbin/modprobe"$MODPROBE ip_tables$MODPROBE iptable_nat$MODPROBE ip_nat_ftp$MODPROBE ip_nat_irc$MODPROBE ipt_mark$MODPROBE ip_conntrack$MODPROBE ip_conntrack_ftp$MODPROBE ip_conntrack_irc$MODPROBE ipt_MASQUERADEfor TABLE in filter nat mangle ; do$IPT -t $TABLE -F$IPT -t $TABLE -X$IPT -t $TABLE -Zdone$IPT -P INPUT DROP$IPT -P OUTPUT ACCEPT$IPT -P FORWARD DROP $IPT -t nat -P PREROUTING ACCEPT$IPT -t nat -P OUTPUT ACCEPT$IPT -t nat -P POSTROUTING ACCEPT# 拒绝INTERNET客户访问#$IPT -A INPUT -i $INET_IF -m state --state RELATED,ESTABLISHED -j ACCEPT$IPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT#$IPT -A INPUT -i $INET_IF -p tcp -s 123.5.0.0/16 --dport 22 -j ACCEPT$IPT -A INPUT -p tcp --dport 22 -j ACCEPT$IPT -A INPUT -i $INET_IF -m state --state NEW,INVALID -j DROPfor DNS in $(grep ^n /etc/resolv.conf|awk '{print $2}'); do$IPT -A INPUT -p tcp -s $DNS --sport domain -j ACCEPT$IPT -A INPUT -p udp -s $DNS --sport domain -j ACCEPTdone# anti bad scaning$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags ALL ALL -j DROP$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags ALL NONE -j DROP$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags SYN,RST SYN,RST -j DROP$IPT -A INPUT -i $INET_IF -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP#$IPT -t nat -A PREROUTING -d $INET_IP -p tcp --dport 8008 -j DNAT --to-destination $LAN_WWW:8008#$IPT -t nat -A PREROUTING -d $INET_IP -p tcp --dport 22 -j DNAT --to-destination $LAN_WWW:22if [ $INET_IF = "ppp0" ] ; then$IPT -t nat -A POSTROUTING -o $INET_IF -s $LAN_IP_RANGE -j MASQUERADEelse$IPT -t nat -A POSTROUTING -o $INET_IF -s $LAN_IP_RANGE -j SNAT --to-source $INET_IPfi#no limit#$IPT -A FORWARD -s 192.168.1.216 -m mac --mac-source 00:15:17:F7:AB:84 -j ACCEPT#$IPT -A FORWARD -d 192.168.1.216 -j ACCEPT#$IPT -A FORWARD -p tcp -d ! $LAN_IP_RANGE -m multiport --dports ! 20,21,22,25,53,80,110,443,8080 -j DROP#$IPT -A FORWARD -p udp -d ! $LAN_IP_RANGE -m multiport --dports ! 20,21,22,25,53,80,110,443,8080 -j DROP#MAC、IP地址绑定#$IPT -A FORWARD -s 192.168.1.11 -m mac --mac-source 44-87-FC-44-B9-6E -j ACCEPT$IPT -A FORWARD -s 172.16.0.1 -j ACCEPT$IPT -A FORWARD -s 172.16.0.2 -j ACCEPT$IPT -A FORWARD -s 172.16.0.3 -j ACCEPT$IPT -A FORWARD -s 172.16.0.4 -j ACCEPT$IPT -A FORWARD -s 172.16.0.5 -j ACCEPT$IPT -A FORWARD -s 172.16.0.6 -j ACCEPT$IPT -A FORWARD -s 172.16.0.7 -j ACCEPT$IPT -A FORWARD -s 172.16.0.8 -j ACCEPT$IPT -A FORWARD -s 172.16.0.9 -j ACCEPT$IPT -A FORWARD -s 172.16.0.10 -j ACCEPT$IPT -A FORWARD -s 172.16.0.11 -j ACCEPT$IPT -A FORWARD -s 172.16.0.12 -j ACCEPT$IPT -A FORWARD -d 172.16.0.1 -j ACCEPT$IPT -A FORWARD -d 172.16.0.2 -j ACCEPT$IPT -A FORWARD -d 172.16.0.3 -j ACCEPT$IPT -A FORWARD -d 172.16.0.4 -j ACCEPT$IPT -A FORWARD -d 172.16.0.5 -j ACCEPT$IPT -A FORWARD -d 172.16.0.6 -j ACCEPT$IPT -A FORWARD -d 172.16.0.7 -j ACCEPT$IPT -A FORWARD -d 172.16.0.8 -j ACCEPT$IPT -A FORWARD -d 172.16.0.9 -j ACCEPT$IPT -A FORWARD -d 172.16.0.10 -j ACCEPT$IPT -A FORWARD -d 172.16.0.11 -j ACCEPT$IPT -A FORWARD -d 172.16.0.12 -j ACCEPT
[root@n6 n6.conf]# route add default gw 172.16.0.254
[root@n6 n6.conf]# route -n
[root@n6 n6.conf]# cat /etc/resolv.conf
[root@n6 n6.conf]# ping www.bupt.edu.cn
---------------------------------------------------------------------------
至此,CORE虚拟节点访问互联网 成功
---------------------------------------------------------------------------
下面在CORE虚拟节点中 使用docker —— 前提,CORE虚拟节点访问互联网 成功
---------------------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^OK OK
---------Install Docker on Fedora 23
dnf update -y
dnf -y install docker-io
systemctl start docker
systemctl start docker.service
systemctl restart docker.service
systemctl stop docker.service
systemctl status docker.service
systemctl status docker -l
^^^^^^宿主机测试
docker images
docker search centos
docker pull centos
docker images
docker tag 2933d50b9f77 docker.io/centos:core
docker run centos echo "hello world!"
^^^^^^至此,宿主机 OK
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^OK OK in CORE node
[root@n6 n6.conf]#
docker daemon &
docker images
docker run centos echo "hello world!"
docker run --rm -it centos /bin/bash
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
---------------------------------------------------------------------------
至此,在CORE虚拟节点中 使用docker 成功
---------------------------------------------------------------------------
- (OK) simply running CORE & docker on Fedora 23
- (OK) running CORE & docker on Fedora 23 server - all commands
- (OK)(OK) Install Docker on Fedora 23
- (OK) Install Docker on Fedora 23
- (OK) INSTALL CORE on Fedora 23 or CentOS 7
- (OK) Fedora 23——CORE——docker——(5)——> install-core
- (OK) Fedora 23——CORE——docker——(3)——> install-docker
- (OK) running imunes in Fedora 23
- (OK) running imunes in Fedora 23
- (OK) running CORE—Common Open Research Emulator—docker
- (OK) running CORE—Common Open Research Emulator—docker
- (OK) Fedora 23——CORE——docker——(1)——> install-kernel
- (OK) Fedora 23——CORE——docker——(2)——> install-quagga
- (OK) Fedora 23——CORE——docker——(4)——> iptables_core.sh
- (OK) Fedora 23——CORE——docker——(7)——> dockersvc.py
- (OK) Fedora 23——CORE——docker——(8)——> problems
- (OK) Fedora 23——CORE——docker——(6)——> install-docker-py-1.8.1
- ERROR——running docker in CORE on Fedora23
- linux环境下如何快速升级你的Node.js
- 区块链技术(一):Truffle开发入门
- js+css 灵活层叠 绝对/相对 定位 2
- 【C++】登录界面(透明文字显示)
- Python virtualenv的使用
- (OK) simply running CORE & docker on Fedora 23
- 华为为啥突然用2K屏?余承东终于说出真相
- 欧路词典激活方法(免费)
- 最长回文字串
- 接口电路——原理,应用,分类,处理过程
- 罗永浩:父母生我的时候差点把我打掉 曾通读琼瑶全集
- nyoj_2 括号配对问题
- 【项目源码】- 【局域网聊天】android实现局域网聊天 - UDP实现
- Docker 2016 年度报告