notes/home-network
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
home-network/network-info.org
ronny abraham bc709ff72e added everything
2025-07-29 02:46:43 +03:00

116 lines
5.3 KiB
Org Mode
Executable file
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#+title: Network & Router Info
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="_share/media/css/computer.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="_share/media/css/org-media-sass/content-overview.css" />
#+OPTIONS: H:6
* links
- [[./toc.org][TOC - Home Computer]]
* Router Configuration
** WiFi Settings
| Category | Value |
|-----------+--------------|
| SSID | ronny-wifi |
| Password | 2reishit2ara |
| Router IP | 192.168.0.1 |
*** links to access the router
- http://tplinkwifi.net/webpages/index.html?t=baf9a7a7
- [[http://192.168.0.1]]
** Internet Connection
| Category | Value |
|---------------------+-----------------|
| Internet IP Address | 94.159.253.187 |
| Subnet Mask | 255.255.255.255 |
| Default Gateway | 82.102.129.99 |
| Primary DNS | 80.179.52.100 |
| Secondary DNS | 80.179.55.100 |
** DHCP Settings
| Category | Value |
|-----------------+-----------------------------|
| DHCP Server | Enabled |
| IP Address Pool | 192.168.0.2 - 192.168.0.253 |
** Open Ports
These are the active port forwarding rules configured on the router for local devices. All are currently marked as open and mapped directly from external to internal ports on the same device.
*** Current Port Forwards
| Service Name | Device IP | External Port | Internal Port | Protocol | Status |
|-----------------------------+--------------+---------------+---------------+----------+--------|
| GIT | 192.168.0.63 | 222 | 222 | TCP | Open |
| SSH | 192.168.0.63 | 22 | 22 | TCP | Open |
| HTTPS | 192.168.0.63 | 443 | 443 | TCP | Open |
| FTP | 192.168.0.63 | 21 | 21 | TCP | Open |
| HTTP | 192.168.0.63 | 80 | 80 | TCP | Open |
| Postgres - stg.ronnyabraham | 192.168.0.63 | 5433 | 5433 | TCP | Open |
* FTP
** FTP Server Configuration Overview
| Setting | Value | Notes |
|--------------------------+-------------------------------+----------------------------------------------------------|
| Server IP (LAN) | 192.168.0.63 | Your Raspberry Pi's local IP |
| Domain (optional) | ftp.ronnyabraham.com | Public address (requires DNS pointing to your home IP) |
| FTP Username | ftpuser | Restricted to chroot jail: /home/ftpuser/ftp |
| FTP Password | [your-password] | Chosen during user setup |
| Login Port | 21 (TCP) | Already forwarded |
| Passive Port Range | 3000031000 (TCP) | Must be forwarded in router for PASV mode |
| FTP Root Dir | /mnt/storage/srv/ftp | Physical storage location |
| FTP Mount (seen by user) | /home/ftpuser/ftp | Bind-mounted for vsftpd |
| Passive Mode Enabled | YES | Required for most clients like FileZilla, ncftp |
| Encrypted FTP (FTPS) | NO | Not yet set up — optional for secure external access |
| Firewall | None or default iptables | UFW not installed |
| External Access Ready? | YES, if passive ports forwarded| Port forwarding must include 21 + 3000031000 |
** vsftpd.conf Configuration
Location: `/etc/vsftpd.conf`
Add or ensure the following lines are present to enable passive mode:
#+begin_src conf
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=31000
pasv_address=ftp.ronnyabraham.com
#+end_src
After changes, restart the service:
#+begin_src bash
sudo systemctl restart vsftpd
#+end_src
** Optional To-Do
*** DONE Forward passive ports in router (3000031000)
*** TODO Enable TLS (FTPS) for secure login & transfer
Enabling TLS (also known as FTPS) encrypts both the FTP login credentials and file transfers, protecting them from interception over the internet.
This is especially important if you plan to access your FTP server remotely from public networks.
Steps to enable:
1. Generate or obtain an SSL certificate and key (self-signed or from a trusted CA)
2. Edit `/etc/vsftpd.conf` to enable SSL:
#+begin_src conf
ssl_enable=YES
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
#+end_src
3. Restart vsftpd:
#+begin_src bash
sudo systemctl restart vsftpd
#+end_src
4. Configure your FTP client (e.g., FileZilla or ncftp) to use "FTP over TLS"
* Raspberry Pi Information
#+INCLUDE: "pi-storage.org::*Raspberry Pi Information" :only-contents t
Reference in a new issue View git blame Copy permalink