Package installation
yum install fail2ban cockpit cockpit-machines python3 make git-core
Server config based on:
Data Replication between servers https://www.programmersought.com/article/92226036787/
Virtual machine hosting https://www.tecmint.com/install-kvm-on-ubuntu/
cockpit https://www.techrepublic.com/article/how-to-enable-cockpit-on-centos-8/ , https://www.tecmint.com/manage-kvm-virtual-machines-using-cockpit-web-console/
firewalld https://www.liquidweb.com/kb/how-to-start-and-enable-firewalld-on-centos-7/
firewalld config
add nfs:
firewall-cmd --add-port=873/tcp
add port forwarding to opnsense:
https to opnsense:
firewall-cmd --add-forward-port=port=443:proto=tcp:toport=443:toaddr=AAA.BBB.CCC.DDD
http to opnsense:
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=80:toaddr=AAA.BBB.CCC.DDD
opnsense console:
firewall-cmd --add-forward-port=port=4443:proto=tcp:toport=4443:toaddr=AAA.BBB.CCC.DDD
add port forwarding to linux:
firewall-cmd --add-forward-port=port=XXXX:proto=tcp:toport=22:toaddr=AAA.BBB.CCC.DDD
add port forwarding to windows:
SQL
firewall-cmd --add-forward-port=port=1433:proto=tcp:toport=1433:toaddr=AAA.BBB.CCC.DDD
RDP
firewall-cmd --add-forward-port=port=3389:proto=tcp:toport=3389:toaddr=AAA.BBB.CCC.DDD
useful firewall commands:
firewall-cmd --reload
firewall-cmd --runtime-to-permanent
Storage
Default : /export/nfs/data
ISO: /export/nfs/iso
virsh network
virsh net-edit default
<network>
  <name>default</name>
  <uuid>aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeee</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='XX:XX:XX:XX:XX:XX'/>
  <domain name='default'/>
  <ip address='AAA.BBB.CCC.DDD' netmask='255.255.255.0'>
  </ip>
</network>
Qemu Hooks
https://forums.centos.org/viewtopic.php?f=50&t=71454&start=10
make the hook tool
cd /usr/local/src
git clone https://github.com/saschpe/libvirt-hook-qemu.git
cd libvirt-hook-qemu
make install
# leave the source tree before deleting it
cd ..
rm -rf libvirt-hook-qemu
make the hook config
vi /etc/libvirt/hooks/hooks.json
In each entry, private_ip is the IP of the VM and port_map lists the port mappings (JSON does not allow comments, so keep such notes out of the file):
{
    "k3OS": {
        "interface": "my-bridge-name",
        "private_ip": "A.B.C.D",
        "port_map": {
            "tcp": [[5022,22]]
        }
    },
    "linux.2.1": {
        "interface": "my-bridge-name",
        "private_ip": "A.B.C.D",
        "port_map": {
            "tcp": [[1022,22]]
        }
    },
    "OPNsense.2.1": {
        "interface": "my-bridge-name",
        "private_ip": "A.B.C.D",
        "port_map": {
            "tcp": [80,443,4443]
        }
    },
    "Windows": {
        "interface": "my-bridge-name",
        "private_ip": "A.B.C.D",
        "port_map": {
            "tcp": [1433,3389]
        }
    }
}
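A check to run over hooks.json before using it, as an added example (not part of the original notes or of libvirt-hook-qemu): it rejects invalid JSON such as // comments, reports a host port claimed by two VMs, and lists forwards that reach SSH, SQL, RDP or the opnsense console. The sample config, its IPs and the names audit and normalize are constructed for illustration; a bare integer is assumed to forward a port to the same port on the VM, as in the firewall-cmd rules above.

```python
import json

# Constructed sample in the shape of the hooks.json above (documentation IPs).
SAMPLE = """{
  "linux.2.1": {"interface": "my-bridge-name", "private_ip": "192.0.2.10",
                "port_map": {"tcp": [[1022, 22]]}},
  "OPNsense.2.1": {"interface": "my-bridge-name", "private_ip": "192.0.2.11",
                   "port_map": {"tcp": [80, 443, 4443]}},
  "Windows": {"interface": "my-bridge-name", "private_ip": "192.0.2.12",
              "port_map": {"tcp": [1433, 3389, [1022, 3389]]}}
}"""

# VM-side services from these notes that are administrative or database access.
SENSITIVE = {22: "SSH", 1433: "SQL", 3389: "RDP", 4443: "opnsense console"}


def normalize(entry):
    """Return (host_port, vm_port); a bare integer is assumed to map to itself."""
    pair = [entry, entry] if isinstance(entry, int) else entry
    if (not isinstance(pair, list) or len(pair) != 2
            or not all(type(p) is int and 0 < p < 65536 for p in pair)):
        raise ValueError(f"bad port_map entry: {entry!r}")
    return tuple(pair)


def audit(text):
    """Parse hooks.json text and return (mappings, findings)."""
    config = json.loads(text)  # raises ValueError on // comments or bad syntax
    mappings, findings, owner = [], [], {}
    for vm, conf in config.items():
        for proto, entries in conf.get("port_map", {}).items():
            for entry in entries:
                host, guest = normalize(entry)
                mappings.append((vm, proto, host, guest))
                if (proto, host) in owner:
                    findings.append(f"conflict: {proto}/{host} used by "
                                    f"{owner[(proto, host)]} and {vm}")
                else:
                    owner[(proto, host)] = vm
                if guest in SENSITIVE:
                    findings.append(f"exposed: {SENSITIVE[guest]} on {vm} "
                                    f"via {proto}/{host}")
    return mappings, findings


if __name__ == "__main__":
    for finding in audit(SAMPLE)[1]:
        print(finding)
```

To check the real file, pass its contents: audit(open("/etc/libvirt/hooks/hooks.json").read()).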