RHEL 5.5中的TAHI合规性(IPV6)

时间:2014-05-22 08:12:47

标签: linux ipv6 rhel

我们正计划为我们的设备盒提供ipv6徽标认证。我们正在运行TAHI套件(http://tahi.org/)来验证ipv6合规性。我更改了RHEL 5.5框中的大多数sysctl设置以使其正常工作。

我很难解决以下问题: 1)片段重组 - 片段ID不匹配应该给出错误 2)片段重组 - 片段之间的源地址不同 3)片段重组 - 目标地址在片段之间不同

我在sysctl中与IPv6有关的当前配置是:

net.ipv6.conf.default.accept_dad=2
net.ipv6.conf.all.accept_dad=2
net.ipv6.conf.eth0.accept_dad=2
net.ipv6.conf.eth0.use_tempaddr=0

可以通过ip6tables完成吗?有关如何在RHEL 5.5中配置它的任何想法?

1 个答案:

答案 0 :(得分:0)

INSTALL PREREQUISITES

对于SNORT,我们需要安装以下内容:

  • flex byacc bison pcre-devel libdnet-devel zlib-devel

  • 我们可以从以下网址下载:

ftp://ftp.univie.ac.at/systems/linux/dag/redhat/el5/en/x86_64/buildtools/RPMS/flex-2.5.35-0.8.el5.rfb.x86_64.rpm

ftp://fr2.rpmfind.net/linux/centos/5.10/os/x86_64/CentOS/byacc-1.9-29.2.2.x86_64.rpm

http://vault.centos.org/5.5/os/x86_64/CentOS/zlib-devel-1.2.3-3.x86_64.rpm

http://vault.centos.org/5.5/os/x86_64/CentOS/bison-2.3-2.1.x86_64.rpm

http://vault.centos.org/5.5/os/x86_64/CentOS/pcre-devel-6.6-2.el5_1.7.x86_64.rpm

ftp://ftp.univie.ac.at/systems/linux/dag/redhat/el5/en/x86_64/dag/RPMS/libdnet-1.11-1.2.el5.rf.x86_64.rpm

http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/libdnet-devel-1.11-1.2.el5.rf.x86_64.rpm 

* Install the above said rpm in the below order:
rpm -ivh flex-2.5.35-0.8.el5.rfb.x86_64.rpm
rpm -ivh byacc-1.9-29.2.2.x86_64.rpm
rpm -ivh zlib-devel-1.2.3-3.x86_64.rpm
rpm -ivh bison-2.3-2.1.x86_64.rpm
rpm -ivh pcre-devel-6.6-2.el5_1.7.x86_64.rpm
rpm -ivh libdnet-1.11-1.2.el5.rf.x86_64.rpm
rpm -ivh libdnet-devel-1.11-1.2.el5.rf.x86_64.rpm

下载所需的SNORT& ALLIED LIBRARIES

http://www.tcpdump.org/release/libpcap-1.5.3.tar.gz http://sourceforge.net/projects/snort.mirror/files/Snort%202.9.5.6/snort-2.9.5.6.tar.gz/download http://sourceforge.net/projects/snort.mirror/files/Snort%202.9.5.6/daq-2.0.1.tar.gz/download

[注意:以下假设以上3个已下载到/ opt / CSCOlumos / SNORT]

安装LIBPCAP

cd / opt / CSCOlumos / SNORT

tar -xf libpcap-1.5.3.tar.gz

mv libpcap-1.5.3 / usr / local / src /

cd /usr/local/src/libpcap-1.5.3

./ configure --prefix = / usr

make install

/ sbin目录/ LDCONFIG

安装DAQ和SNORT

cd / opt / CSCOlumos / SNORT

tar -xf daq-2.0.1.tar.gz

cd daq-2.0.1

./配置

cd os-daq-modules

cd ..

make install

cd / opt / CSCOlumos / SNORT

tar -xf snort-2.9.5.6.tar.gz

cd snort-2.9.5.6

./配置

make install

修复libdnet LIBRARY ISSUES

cp -rp /usr/lib/vmware-tools/lib32/libdnet.so.1 / usr / local / lib /

/ sbin目录/ LDCONFIG

更新

mkdir -p / var / log / snort /

触摸/ var / log / snort / alert

测试SNORT

snort --version

,, _ - >哼了一声! < -   o“)〜版本2.9.5.6 GRE(Build 208)    ''''由Martin Roesch& Snort团队:http://www.snort.org/snort/snort-team            版权所有(C)1998-2013 Sourcefire,Inc.,et al。            使用libpcap 1.5.3版            使用PCRE版本:6.6 06-Feb-2006            使用ZLIB版本:1.2.3

配置IPV6过滤器和运行

vi /opt/test/SNORT/SNORT.conf

预处理程序frag3_global:max_frags 65536

预处理器frag3_engine:策略linux                     bind_to 2001 :: 99ed:d7c6:86f0:8e0a                     detect_anomalies

预处理器frag3_engine:policy linux detect_anomalies

现在运行:

snort -c /opt/test/SNORT/SNORT.conf

注意:这里的2001 :: 99ed:d7c6:86f0:8e0a是eth0(通信接口)ipv6地址。

相关问题
最新问题