Chapter 3. Prerequisites

Table of Contents

OS Configuration
Static IP Address And Name
ISP Requests
Port Forwarding
NFS File Sharing
Database Configuration

OS Configuration

There are a number of prerequisites to successful operation of a WACS server, and the first group of these depend on the web server host operating system being correctly configured. Later ones depend on the configuration of the database and NFS file serving sub-system to work.

Static IP Address And Name

For any web-based application to be successfully deployed, one of the most important things is that the webserver be reachable on a reliable URL. This is unfortunately not as straight forward as it sounds as in most other fields of activity, networked computers just work fine if allocated the next available network address. This is not the case with web servers. The first step then to getting a host configured to be a web server is to ensure it will always appear as the same name on the same IP (network) address each time it boots up.

In a typical home or small office network, the network router box (ADSL or Cable router) can be configured to do this for you. The first step is to determine the ethernet address of the host concerned; you can do this with the ifconfig command when run as root. It is usually best to specify the relevant network interface which will usually be the first ethernet interface, known as eth0. The output should look something like this:

Example 3.1. Determining The Ethernet Address

# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:11:2F:54:86:D5  
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::211:2fff:fe54:86d5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:100576 errors:0 dropped:0 overruns:0 frame:0
          TX packets:79057 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:64722164 (61.7 MiB)  TX bytes:51569420 (49.1 MiB)
          Interrupt:17 

#

You need the HWaddr which in this case is 00:11:2F:54:86:D5. Log into the administrative interface of your router, and look for either DNS or LAN settings; you should be able to find an option here to reserve an address for a specific machine. You need to pick a name and an IP address to be allocated to it; most home networks use the Class-C non-routed address range which means the network numbers start 192.168. - your router will have probably choosen either 192.168.0.1 or 192.168.1.1 for it's own address. You need to stick to whatever the router has choosen for the first three couplets of numbers as that will be your local network number. Lets assume we want to call the server nemesis, then we'd be looking to enter the following into the network number reservation list in the router configuration.

Configuration ItemExample Value
Ethernet Address00:11:2F:54:86:D5
IP Address192.168.1.10
Host Namenemesis
[Warning]Warning

Depending upon the ADSL/Cable router design you may also want to specify your internet domain and you may need to modify the automatically allocated address range it uses to avoid conflicts. You'll have to refer to the manual for the router to determine this.

You may additionally want to set the hostname within the operating system itself to the same name, and you might want to fix the address in the server's own configuration to make it come up on that network address even if the ADSL/Cable router is down when it reboots. How this is done varies even between Linux distributions, so you will have to refer to the documentation of your particular distribution on how to do this.

ISP Requests

You will probably also want to ask your Internet Service Provider for a number of specific changes to be made to your account. The minimum you almost certainly want to ask for is "a static IP address" - this means that whenever your ADSL router makes a request for an Internet address to be allocated to it, it will always be given the same one. If you don't want to let on what it's actually for, and remember that a WACS server may well be holding content in violation of their terms and conditions of service, you can say that your employer wants to know a fixed network address to add to their security access list in order to allow you to access their corporate network from home.

[Warning]Warning

This terms and conditions thing is annoying. If you have your WACS system secured so that only people with passwords you've issued them can access it, your ISP will probably never know and to some extent it's an invasion of privacy for them to dictate to you what you may or may not do with your own system. Do remember that WACS is released in the public domain in the hope that it will be useful, but the license explicitly disclaims liability for any damages caused through it's malfunction or use. It's not impossible that some bug in our security code might now or at some point in the future expose your collection unintentionally. You have got to understand that that risk is on your head if you make your server accessible to the internet. Quite apart from this be wary of throwing it open to general access as people from netnanny services hunting down sources of unsuitable material could end up blacklisting their whole IP address range with serious commercial consequences for them and other mainstream web sites hosted by them. In that situation they'll have a genuine grievance with you and may well come after you with lawyers which is usually pretty nasty...

[Tip]Tip

While talking to your ISP, it's worth saying to them that you wish to access files on your system from outside, for your personal use only, and that you'd like to know if any protocols or port numbers are blocked at their firewall. Many (unfortunately) block http, but you can always move the actual port number used by your WACS web server to a different one, providing you know that you're going to have to.

The second thing that is useful is a standard domain name for your home network; this can be a domain name you've bought or merely a fixed name within their namespace. If you get a domain name, for instance, mydomain.info, it's helpful to get them to name the system in the DNS records for that domain, ie nemesis.mydomain.info so that the same hostname works both inside your local network and outside in the general internet. Note that if you only get the static IP address from your ISP, you can buy a domain name through a third party domain name seller and configure that to give the static IP address allocated to you by your ISP when asked for nemesis.mydomain.info. The cost of this can be very low, especially on the lesser domains like .net, .info, etc.

Port Forwarding

If you want your WACS server to be accessible from the internet, you will have to configure your ADSL/Cable router to do port forwarding. For basic web serving, all you need is TCP/IP port 80 (http) open. You do this by going into your routers NAT Firewall Rules configuration option and set up port forwarding rules for port 80/HTTP to forward to whatever address you set your server up with; if you did this with the example above, the rule would be:

port 80/tcp (http) is forwarded to 192.168.1.10 port 80
[Note]Note

On many simpler router boxes, the port number can only be forwarded to the same port number on the desination host, so it won't ask you the destination port number. port 80 will be implicit for a port 80 forward.

If your ISP's firewall rules cause you to have to move to a different port, you will need to configure the apache web server to listen on the other port number too (Port 80 is in the standard httpd.conf file, you can add a second line, say Port 8080 straight after it. You will also need to modify the wacs.cfg file's server section to have http://nemesis.mydomain.info:8080/ instead of http://nemesis.mydomain.info/ in each attribute. It does work just fine though...