Installing EVE-NG on a local bare-metal machine
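This guide was dug out of the shared files of a WeChat group. It still works, but I have forgotten where it came from; it is most likely from the notes of Teacher Geng, who teaches RHCA at 51CTO.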
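1. Pre-installation preparation

1. One bare-metal machine; building it from second-hand server parts ("洋垃圾") is recommended. At least 64 GB of RAM, a CPU with 16 or more threads, and an SSD of 500 GB or more.
2. USB drive: 8 GB or larger
3. A Windows system for preparing the boot media
4. Rufus (a tool for creating the Ubuntu boot drive; download it via Baidu)
5. The Ubuntu 16.04.7 installation image
6. The eve-ng materials package
7. A good Internet connection
8. Custom Linux images (including ubuntu, SUSE, centos-stream)
9. The official EVE-NG documentation

Materials package link: https://pan.baidu.com/s/14QbWkX8C7-iy-NwbVzUNRg
Extraction code: dos6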
2. Create the bootable USB drive

Use Rufus to create an Ubuntu 16 boot drive.
3. Install the Ubuntu 16 operating system

Install Ubuntu 16 as the underlying system for EVE-NG; see section 3.3 of the official documentation.
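4. Modify the Ubuntu system configuration

1. Modify the SSH server configuration

```bash
# Log in as a regular user first, then switch to root
sudo -i
# Set the root password to "1" (Ubuntu's passwd has no --stdin option, so use chpasswd)
echo 'root:1' | chpasswd
vim /etc/ssh/sshd_config
# In sshd_config, set:
#   PermitRootLogin yes
systemctl restart sshd
```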
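sshd uses the first value it reads for each keyword, so a `PermitRootLogin yes` line appended below the stock `PermitRootLogin prohibit-password` has no effect. The following added example (not part of the original guide; the function names and sample files are constructed) reports the value sshd will use and whether password login for root is effectively enabled, which is worth confirming before the host is attached to a shared network.

```shell
# Report the value sshd will use for a keyword: the first occurrence wins and
# keywords are case-insensitive (sshd_config(5)). Handles the whitespace-separated
# "Keyword value" form; lines after the first "Match" are conditional and skipped.
sshd_first_value() {   # $1 = keyword, $2 = path to an sshd_config file
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*(#|$)/          { next }                     # comments, blank lines
        tolower($1) == "match"  { exit }                     # stop at first Match block
        tolower($1) == want     { print tolower($2); exit }  # first value wins
    ' "$2"
}

# Returns 0 when password-based root login is effectively enabled.
root_password_login_enabled() {   # $1 = path to an sshd_config file
    prl=$(sshd_first_value PermitRootLogin "$1")
    pa=$(sshd_first_value PasswordAuthentication "$1")
    # Defaults when a keyword is absent (OpenSSH 7.x): prohibit-password / yes
    [ "${prl:-prohibit-password}" = "yes" ] && [ "${pa:-yes}" = "yes" ]
}

# Constructed sample: the stock line was left in place and "yes" was appended,
# so the edit has no effect.
sample_appended=$(mktemp)
printf '%s\n' 'Port 22' 'PermitRootLogin prohibit-password' \
    '#PasswordAuthentication yes' 'PermitRootLogin yes' > "$sample_appended"

# Constructed sample: the existing line was edited in place.
sample_edited=$(mktemp)
printf '%s\n' 'Port 22' 'permitrootlogin yes' > "$sample_edited"

for f in "$sample_appended" "$sample_edited"; do
    if root_password_login_enabled "$f"; then
        echo "$f: root password login ENABLED"
    else
        echo "$f: root password login not enabled"
    fi
done
```

On the real host, pass `/etc/ssh/sshd_config` as the file argument.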
2. Modify the hostname and the hosts file

```
root@eve-ng:~# cat /etc/hosts
127.0.0.1 localhost
192.168.31.54 eve-ng.eve-ng.net eve-ng
127.0.0.127 xml.cisco.com

root@eve-ng:~# cat /etc/hostname
eve-ng
```
3. Disable Ubuntu's network interface naming scheme

```
root@eve-ng:~# vim /etc/default/grub
```

```
root@eve-ng:~# update-grub
```
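4. Modify the network interface configuration file

The interface name changes after the reboot, so the interface configuration file has to be updated before rebooting. Otherwise the file will no longer match the interface and the machine will lose its network connection after the reboot.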
```
root@eve-ng:~# cat /etc/network/interfaces
auto eth0
iface eth0 inet dhcp
```
5. Install EVE-NG

1. Update the Ubuntu system first

```bash
# Point apt at the 163.com mirror, then update
sed -i 's/cn.archive.ubuntu.com/mirrors.163.com/' /etc/apt/sources.list
sed -i 's/security.ubuntu.com/mirrors.163.com/' /etc/apt/sources.list
apt update
apt upgrade
```
2. Copy the materials package to the Ubuntu machine

```
root@eve-ng:~# ls | grep eve-ng裸机材料.zip
eve-ng裸机材料.zip
root@eve-ng:~# apt install unzip
root@eve-ng:~# unzip eve-ng裸机材料.zip
```
3. Install eve-ng with the official script

```bash
chmod u+x install-eve.sh
./install-eve.sh
```
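What follows is a long wait. Almost all of the files the installer downloads are hosted abroad, so it usually takes more than an hour. You can set up a proxy ("科学上网") to improve the download speed; search Baidu for details.

Do not reboot or press Ctrl+C during the installation!!!! Don't!!! Don't!!!

Reboot the machine once the installation has finished.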
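4. Initial configuration of eve-ng

Once the reboot has finished, connecting to the machine over SSH brings up the eve-ng initial configuration screen.

From there, just press Enter all the way through. When it finishes, eve-ng reboots automatically. After the reboot, enter the eve-ng IP address in a web browser to log in to the eve-ng web interface.

The default eve-ng username is admin and the password is eve.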
6. EVE-NG customizations

1. Custom icons

```
root@eve-ng:~# mv *png /opt/unetlab/html/images/icons/
Switch.png Server.png Router.png Desktop4.png
```
2. Remove unavailable templates

```
root@eve-ng:~# mv config.php /opt/unetlab/html/includes/
```
3. Custom templates

```
root@eve-ng:~# mv custom_templates.yml /opt/unetlab/html/includes/
root@eve-ng:~# cat /opt/unetlab/html/includes/custom_templates.yml
---
custom_templates:
  - name: h3cvsr
    listname: H3CVSR
  - name: centos
    listname: CentOS
  - name: ubuntu
    listname: Ubuntu
  - name: suse
    listname: Suse
  - name: fedora
    listname: Fedora
  - name: rhel
    listname: RHEL
...

root@eve-ng:~# mv h3cvsr.yml win.yml suse.yml ubuntu.yml centos.yml /opt/unetlab/html/templates/intel
```
4. Custom DHCP hub

```
root@eve-ng:~# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master pnet0 state UP mode DEFAULT group default qlen 1000
    link/ether 00:e0:9a:68:00:94 brd ff:ff:ff:ff:ff:ff
3: pnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 00:e0:9a:68:00:94 brd ff:ff:ff:ff:ff:ff
4: pnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether ae:c1:9e:e2:d8:49 brd ff:ff:ff:ff:ff:ff
5: pnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 1a:da:24:6d:5a:ac brd ff:ff:ff:ff:ff:ff
6: pnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether b6:a2:23:14:3b:7f brd ff:ff:ff:ff:ff:ff
7: pnet4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether fa:16:1d:6b:22:92 brd ff:ff:ff:ff:ff:ff
8: pnet5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 4a:be:2f:38:0c:d1 brd ff:ff:ff:ff:ff:ff
9: pnet6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 9a:99:4c:bf:9c:82 brd ff:ff:ff:ff:ff:ff
10: pnet7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether be:30:8a:29:97:da brd ff:ff:ff:ff:ff:ff
11: pnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether d6:50:cf:90:58:3d brd ff:ff:ff:ff:ff:ff
12: pnet9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether ea:51:67:30:80:52 brd ff:ff:ff:ff:ff:ff

root@eve-ng:~# brctl show
bridge name     bridge id               STP enabled     interfaces
pnet0           8000.00e09a680094       no              eth0
pnet1           8000.000000000000       no
pnet2           8000.000000000000       no
pnet3           8000.000000000000       no
pnet4           8000.000000000000       no
pnet5           8000.000000000000       no
pnet6           8000.000000000000       no
pnet7           8000.000000000000       no
pnet8           8000.000000000000       no
pnet9           8000.000000000000       no
```
When a device inside eve-ng is connected to cloudX, it is effectively bridged to pnetX on the Ubuntu host.
Assign addresses to pnet1 through pnet9. pnet0 carries the address of your physical network card; do not change it.
```bash
root@eve-ng:~# cat > /etc/network/interfaces << END
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
iface eth0 inet manual
auto pnet0
iface pnet0 inet static
    address 192.168.2.137
    netmask 255.255.255.0
    gateway 192.168.2.1
    dns-nameservers 114.114.114.114
    bridge_ports eth0
    bridge_stp off

# Cloud devices
iface eth1 inet manual
auto pnet1
iface pnet1 inet static
    address 10.163.1.200
    netmask 255.255.255.0
    bridge_ports eth1
    bridge_stp off

iface eth2 inet manual
auto pnet2
iface pnet2 inet static
    address 10.163.2.200
    netmask 255.255.255.0
    bridge_ports eth2
    bridge_stp off

iface eth3 inet manual
auto pnet3
iface pnet3 inet static
    address 10.163.3.200
    netmask 255.255.255.0
    bridge_ports eth3
    bridge_stp off

iface eth4 inet manual
auto pnet4
iface pnet4 inet static
    address 10.163.4.200
    netmask 255.255.255.0
    bridge_ports eth4
    bridge_stp off

iface eth5 inet manual
auto pnet5
iface pnet5 inet static
    address 10.163.5.200
    netmask 255.255.255.0
    bridge_ports eth5
    bridge_stp off

iface eth6 inet manual
auto pnet6
iface pnet6 inet static
    address 101.163.6.200
    netmask 255.255.255.0
    bridge_ports eth6
    bridge_stp off

iface eth7 inet manual
auto pnet7
iface pnet7 inet static
    address 101.163.7.200
    netmask 255.255.255.0
    bridge_ports eth7
    bridge_stp off

iface eth8 inet manual
auto pnet8
iface pnet8 inet static
    address 101.163.8.200
    netmask 255.255.255.0
    bridge_ports eth8
    bridge_stp off

iface eth9 inet manual
auto pnet9
iface pnet9 inet static
    address 101.163.9.200
    netmask 255.255.255.0
    bridge_ports eth9
    bridge_stp off
END

root@eve-ng:~# apt update
root@eve-ng:~# apt install isc-dhcp-server

cat > /etc/dhcp/dhcpd.conf <<END
#subnet 10.163.1.0 netmask 255.255.255.0 {
subnet 10.163.1.0 netmask 255.255.255.0 {
  range 10.163.1.100 10.163.1.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 10.163.1.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 10.163.2.0 netmask 255.255.255.0 {
  range 10.163.2.100 10.163.2.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 10.163.2.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 10.163.3.0 netmask 255.255.255.0 {
  range 10.163.3.100 10.163.3.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 10.163.3.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 10.163.4.0 netmask 255.255.255.0 {
  range 10.163.4.100 10.163.4.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 10.163.4.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 10.163.5.0 netmask 255.255.255.0 {
  range 10.163.5.100 10.163.5.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 10.163.5.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 101.163.6.0 netmask 255.255.255.0 {
  range 101.163.6.100 101.163.6.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 101.163.6.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 101.163.7.0 netmask 255.255.255.0 {
  range 101.163.7.100 101.163.7.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 101.163.7.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 101.163.8.0 netmask 255.255.255.0 {
  range 101.163.8.100 101.163.8.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 101.163.8.200;
  default-lease-time 600;
  max-lease-time 7200;
}
subnet 101.163.9.0 netmask 255.255.255.0 {
  range 101.163.9.100 101.163.9.199;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 101.163.9.200;
  default-lease-time 600;
  max-lease-time 7200;
}
END

root@eve-ng:~# systemctl restart isc-dhcp-server

# Loop form: appends one stanza per pnet1..pnet9 to the interfaces file
for i in {1..9}
do
cat >>/etc/network/interfaces<<end
iface pnet$i inet manual
auto pnet$i
iface pnet$i inet static
    address 192.168.10$i.2
    netmask 255.255.255.0
    bridge_ports eth0
    bridge_stp off
end
done

# Loop form: appends one subnet block per pnet1..pnet9 to dhcpd.conf
for i in {1..9}
do
cat >>/etc/dhcp/dhcpd.conf<<end
subnet 192.168.10$i.0 netmask 255.255.255.0 {
  range 192.168.10$i.10 192.168.10$i.100;
  option domain-name-servers 114.114.114.114;
  option subnet-mask 255.255.255.0;
  option routers 192.168.10$i.2;
  option broadcast-address 192.168.10$i.255;
  default-lease-time 600;
  max-lease-time 7200;
}
end
done
```
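At this point, any network device connected to any cloud obtains an address from the pnet subnet that belongs to that cloud, together with the matching gateway and DNS server.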
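The DHCP hub only works when every gateway handed out in dhcpd.conf is an address that a pnet bridge really holds, which with this many hand-typed stanzas is easy to get wrong. The following added example (not part of the original guide; function names and sample data are constructed) cross-checks the two files and reports gateways that no bridge owns, or whose bridge stanza is not `inet static`.

```shell
# Cross-check an ifupdown interfaces file against a dhcpd.conf (names are hypothetical).

# Print "name method address" for every iface stanza that has an address line.
iface_addresses() {
    awk '$1 == "iface"   { name = $2; method = $4 }
         $1 == "address" { print name, method, $2 }' "$1"
}

# Print the gateway from each "option routers" line of a dhcpd.conf.
dhcp_routers() {
    awk '$1 == "option" && $2 == "routers" { sub(/;$/, "", $3); print $3 }' "$1"
}

# Report gateways that no bridge owns, or whose bridge is not "inet static"
# (ifupdown only assigns the address for the static method).
check_dhcp_hub() {   # $1 = interfaces file, $2 = dhcpd.conf
    ifaces=$(iface_addresses "$1")
    for gw in $(dhcp_routers "$2"); do
        line=$(printf '%s\n' "$ifaces" | awk -v a="$gw" '$3 == a')
        case "$line" in
            "")           echo "no-interface $gw" ;;
            *" static "*) ;;
            *)            echo "not-static ${line%% *} $gw" ;;
        esac
    done
}

# Constructed sample input (not the guide's full files).
sample_ifaces=$(mktemp); sample_dhcpd=$(mktemp)
cat > "$sample_ifaces" <<'EOF'
iface eth1 inet manual
iface pnet1 inet static
    address 10.163.1.200
iface pnet8 inet manual
    address 101.163.8.200
EOF
cat > "$sample_dhcpd" <<'EOF'
subnet 10.163.1.0 netmask 255.255.255.0 {
  option routers 10.163.1.200;
}
subnet 101.163.8.0 netmask 255.255.255.0 {
  option routers 101.163.8.200;
}
subnet 10.163.3.0 netmask 255.255.255.0 {
  option routers 10.163.3.200;
}
EOF
check_dhcp_hub "$sample_ifaces" "$sample_dhcpd"
```

On the real host, run `check_dhcp_hub /etc/network/interfaces /etc/dhcp/dhcpd.conf`; no output means every gateway maps to a static bridge address.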
5. Custom Internet access

```bash
# The heredoc delimiter is quoted so that the backticks and $snat are written
# to the file literally instead of being expanded when the file is created
cat > /etc/rc.local <<'END'
#!/bin/bash
snat=`ifconfig pnet0 | grep "inet addr" | cut -d":" -f 2 | cut -d " " -f1`
iptables -t nat -A POSTROUTING -s 10.163.0.0/16 -o pnet0 -j SNAT --to $snat
iptables -t nat -A POSTROUTING -s 101.163.0.0/16 -o pnet0 -j SNAT --to $snat
exit 0
END
chmod u+x /etc/rc.local

root@eve-ng:~# iptables -L -t nat -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  10.163.0.0/16        0.0.0.0/0            to:192.168.31.54
SNAT       all  --  101.163.0.0/16       0.0.0.0/0            to:192.168.31.54
```
6. Shell customization

```bash
vim .bashrc
# Add this line to .bashrc:
alias fix='/opt/unetlab/wrappers/unl_wrapper -a fixpermissions'
source .bashrc
```
7. Custom images

```bash
# Copy the files under the bin directory to /opt/unetlab/addons/iol/bin/
# Put all other files in /opt/unetlab/addons/qemu/
# Then run fix
root@eve-ng:~# fix
```
8. Cisco image activation

```bash
mv bin/* /opt/unetlab/addons/iol/bin/
cd /opt/unetlab/addons/iol/bin/
vim crack.py
```

```
root@eve-ng:/opt/unetlab/addons/iol/bin# python crack.py | grep license -A1 > iourc
```
9. Image passwords