Topics

  • Network interface configuration
  • NetworkManager (nmcli)
  • Static and DHCP configurations
  • Hostname and DNS management
  • Firewall configuration (firewall-cmd)

exercise_01.sh

executable safe: yes
#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail

# Exercise 1: Use the ip a command to list all network interfaces. 
# Identify the IP address, netmask (in CIDR format), and MAC address for your primary Ethernet interface.
#
# Task: Display network interface information.

ip addr show

exercise_02.sh

executable safe: yes
#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail

# Exercise 2: Use the ip route show command to display the system's current routing table. 
# Identify the default gateway and its associated metric.
#
# Task: Display routing table with gateway information.

ip route show

exercise_03.sh

executable safe: yes
#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail

# Exercise 3: Use nmcli con show to list all available NetworkManager connection profiles. 
# Identify which connections are currently active and on which devices.
#
# Task: List all NetworkManager connections and their status.

nmcli connection show

exercise_04.sh

executable safe: yes
#!/bin/bash
# @type: executable
# @requires: none
# @safe: yes
set -euo pipefail

# Exercise 4: Use nmcli to display all properties for your primary active connection. 
# Note the ipv4.method value.
#
# Task: Display detailed connection properties.

# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | head -n1 | cut -d: -f1)

echo "Displaying properties for: $ACTIVE_CON"
echo ""

nmcli con show "$ACTIVE_CON"

exercise_05.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 5: Add a new, persistent NetworkManager connection named lab-dhcp 
# for your second (likely disconnected) Ethernet interface. 
# Ensure it is configured to get an IP address automatically via DHCP and to autoconnect.
#
# Task: Create a new DHCP-based network connection.
#
# Note: Replace 'enp8s0' with your actual second network interface name.

# You may need to identify your second interface first with: ip link show

sudo nmcli con add con-name lab-dhcp type ethernet ifname enp8s0 \
  ipv4.method auto \
  connection.autoconnect yes

echo ""
echo "Connection 'lab-dhcp' created."
nmcli connection show

exercise_06.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 6: Create a new, persistent connection named static1 for your primary interface. 
# Configure it with the following manual settings:
# IP Address: 192.168.122.55/24
# Gateway: 192.168.122.1
# DNS Server: 8.8.8.8
# Autoconnect: no
#
# Task: Create a static IP network configuration.
#
# Note: Replace 'enp1s0' with your actual primary interface name.

sudo nmcli con add con-name static1 type ethernet ifname enp1s0 \
  ipv4.method manual \
  ipv4.addresses 192.168.122.55/24 \
  ipv4.gateway 192.168.122.1 \
  ipv4.dns 8.8.8.8 \
  connection.autoconnect no

echo ""
echo "Connection 'static1' created successfully."
nmcli connection show

exercise_07.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 7: Bring the static1 connection up. 
# Use ip a and ip route to verify that the static IP and new default gateway are active.
#
# Task: Activate a network connection and verify its status.

sudo nmcli con up static1

echo ""
echo "=== IP Address Information ==="
ip a

echo ""
echo "=== Routing Table ==="
ip route

exercise_08.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 8: Add a second IP address, 10.10.10.55/24, to your active static1 connection. 
# Do not remove the original 192.168.122.55/24 address. 
# Verify with ip a that the interface now has both IP addresses.
#
# Task: Add a secondary IP address to an existing connection.

sudo nmcli con mod static1 +ipv4.addresses 10.10.10.55/24

sudo nmcli con up static1

echo ""
echo "Verifying both IP addresses:"
ip a show enp1s0

exercise_09.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 9: Change your system's persistent hostname to server15.test.local.
#
# Task: Set a new system hostname.

sudo hostnamectl set-hostname server15.test.local

echo "Hostname changed to server15.test.local"
echo "Please re-open your shell session to see the change."
echo ""
echo "Current hostname:"
hostnamectl

exercise_10.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 10: Edit the /etc/hosts file to add a new entry. 
# The entry should map the IP address 192.168.122.55 to the hostnames web55.test.local and web55.
#
# Task: Add a hosts file entry.

echo "192.168.122.55  web55.test.local web55" | sudo tee -a /etc/hosts

echo ""
echo "Entry added to /etc/hosts:"
grep "web55" /etc/hosts

exercise_11.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 11: Modify your active connection profile to use the static DNS servers 8.8.8.8 and 8.8.4.4
#
# Task: Configure custom DNS servers for a network connection.

# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | grep -v '^lo:' | head -n1 | cut -d: -f1)

echo "Modifying connection: $ACTIVE_CON"

sudo nmcli con mod "$ACTIVE_CON" ipv4.dns "8.8.8.8 8.8.4.4"

sudo nmcli con up "$ACTIVE_CON"

echo ""
echo "DNS servers configured. Contents of /etc/resolv.conf:"
cat /etc/resolv.conf

exercise_12.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 12: Modify the same connection profile to set ipv4.ignore-auto-dns to yes. 
# Reactivate the connection and then inspect the /etc/resolv.conf file 
# to ensure only your manually set DNS servers are present.
#
# Task: Ignore DHCP-provided DNS servers and use only manually configured ones.

# Get the active connection name
ACTIVE_CON=$(nmcli -t -f NAME,DEVICE connection show --active | grep -v '^lo:' | head -n1 | cut -d: -f1)

echo "Modifying connection: $ACTIVE_CON"

sudo nmcli con mod "$ACTIVE_CON" ipv4.ignore-auto-dns yes

sudo nmcli con up "$ACTIVE_CON"

echo ""
echo "Auto-DNS ignored. Contents of /etc/resolv.conf:"
cat /etc/resolv.conf

exercise_13.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 13: Add the http service to the default zone's runtime configuration. 
# Verify it is listed. Then, reload the firewall using firewall-cmd --reload 
# and verify that the http service is now gone (because it was not permanent).
#
# Task: Demonstrate temporary vs permanent firewall rules.

echo "Adding http service temporarily..."
sudo firewall-cmd --add-service=http

echo ""
echo "Current services (runtime):"
sudo firewall-cmd --list-services

echo ""
echo "Reloading firewall..."
sudo firewall-cmd --reload

echo ""
echo "Services after reload (http should be gone):"
sudo firewall-cmd --list-services

exercise_14.sh

executable safe: no requires: root
#!/bin/bash
# @type: executable
# @requires: root
# @safe: no
set -euo pipefail

# Exercise 14: Permanently add TCP port 8080 to the public zone. 
# Reload the firewall and verify that the port is now active in the runtime configuration.
#
# Task: Add a permanent firewall rule for a custom port.

sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent

echo "Port 8080/tcp added permanently."
echo ""

echo "Reloading firewall..."
sudo firewall-cmd --reload

echo ""
echo "Open ports in public zone:"
sudo firewall-cmd --zone=public --list-ports