Configuring Yum Software Repositories

YUM (Yellowdog Updater Modified) is a package management utility that simplifies the installation, updating, and removal of software packages on Linux distributions. By resolving dependencies automatically, it alleviates the need for manual administrative intervention when managing RPM packages. In environments with multiple Linux servers, deploying a centralized repository significantly reduces bandwidth usage and ensures consistency.

Setting Up a Local Repository

To configure a repository from local media, the ISO image must be mounted and a definition file created within the /etc/yum.repos.d/ directory.

mkdir -p /mnt/iso_source
mount /dev/sr0 /mnt/iso_source

cat > /etc/yum.repos.d/local-base.repo << EOF
[local_source]
name=Local Installation Media
baseurl=file:///mnt/iso_source
enabled=1
gpgcheck=0
EOF

yum clean all
yum makecache

Deploying an FTP-Based Repository

For network-wide access, an FTP server can host the software packages. This involves setting up vsftpd, copying the packages, and generating metadata.

Server-Side Configuration:

yum install -y vsftpd
systemctl start vsftpd
systemctl enable vsftpd

mkdir -p /var/ftp/centos-packages
cp -r /mnt/iso_source/* /var/ftp/centos-packages/

# Generate repository metadata
createrepo /var/ftp/centos-packages

Client-Side Configuration:

cat > /etc/yum.repos.d/network-ftp.repo << EOF
[ftp_centos]
name=CentOS FTP Repository
baseurl=ftp://192.168.10.5/centos-packages
enabled=1
gpgcheck=0
EOF

NFS Network File System

Network File System (NFS) allows a system to share directories and files with other systems over a network. Developed by Sun Microsystems, it enables clients to mount remote file systems as if they were local. NFS operates on TCP/IP and relies on the Remote Procedure Call (RPC) mechanism to manage communication between client and server.

NFS Workflow and Mechanism

When a client initiates a file operation (read, write, create), the request is transmitted via TCP to the NFS server. The server utilizes the RPC service (rpcbind) to map the request to the appropriate NFS daemon. The process involves verifying user permissions and file access rights before the kernel executes the operation on the local storage.

NFS Server and Client Configuration

Server Setup:

yum install -y nfs-utils rpcbind

# Create the shared directory
mkdir -p /data/shared_content

# Configure export options
# Syntax: /shared/directory client_ip(options)
echo "/data/shared_content 192.168.10.0/24(rw,sync,no_root_squash)" >> /etc/exports

# Start services in order
systemctl start rpcbind
systemctl start nfs
systemctl enable rpcbind
systemctl enable nfs

# Verify exports
showmount -e localhost

Client Setup:

yum install -y nfs-utils

# Check available shares on server
showmount -e 192.168.10.5

# Create mount point and mount
mkdir -p /mnt/nfs_mount
mount -t nfs 192.168.10.5:/data/shared_content /mnt/nfs_mount

# Verify mount
df -h | grep nfs

# Test write operation
echo "Test Data" > /mnt/nfs_mount/test_file.txt

Network Traffic Capture with Tcpdump

Tcpdump is a powerful command-line packet analyzer used for network troubleshooting and security analysis. It captures packets flowing through a network interface and displays them based on specified criteria.

Syntax and Filter Components

The general usage follows this pattern:

tcpdump [options] [protocol] [direction] [type]

• Protocol: tcp, udp, icmp, ip, arp, etc.
• Direction: src, dst, src and dst, src or dst.
• Type: host, net, port, portrange.

Practical Usage Examples

Capture all ICMP packets related to a specific host:

tcpdump -i eth0 icmp and host 172.16.50.10

Capture TCP traffic on port 80 coming from a specific source address:

tcpdump -i eth0 tcp src port 80 and src host 172.16.50.15

Capture packets for a specific network range:

tcpdump -i eth0 net 172.16.50.0/24