Заметки
Страница заметок [temp]
https://www.kaspersky.ru/small-to-medium-business-security/downloads/endpoint
sudo vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.12.126.102 xwiki.prod.cc.msr.mosreg.ru
10.12.126.102 jenkins-ci-cd.prod.cc.msr.mosreg.ru
10.12.126.97 stat-ift-psi.test.cc.msr.mosreg.rupassbolt
https://www.passbolt.com/docs/hosting/install/ce/docker/
docker compose -f docker-compose.yaml \
exec passbolt su -m -c "/usr/share/php/passbolt/bin/cake \
passbolt register_user \
-u xeonmp22@gmail.com \
-f xeon \
-l mp \
-r admin" -s /bin/sh www-datahttps://www.passbolt.com/docs/api/
https://www.passbolt.com/docs/development/getting-started/
https://www.youtube.com/watch?v=XD3lZFyniCE
PXE
https://wiki.stechmo.ru/bin/view/Red%20OS/Установка%20по%20сети%20(настройка%20PXE)/?srid=tMVIRpt1
Backups
pdc-minsoc-1c-db01
10.12.126.66
Логин ssh: astra_subd
Пароль ssh: Zx123456!
Логин СУБД: postgres
Пароль СУБД: 5qjDzifR
Ресурс для резервных копий 1С
10.50.100.62:/opt/nfs/zkgu.msr.mosreg.ru
Eltex
https://docs.eltex-co.ru/pages/viewpage.action?pageId=499679774
#!/usr/bin/clish
#280
#1.28.1
#2025-03-25
#10:27:37
object-group service dhcp_client
port-range 68
exit
object-group service dhcp_server
port-range 67
exit
object-group service dns
port-range 53
exit
object-group service ntp
port-range 123
exit
object-group service ssh
port-range 22
exit
object-group network trusted
ip prefix 10.12.19.0/24
exit
syslog max-files 3
syslog file-size 512
syslog file tmpsys:syslog/default
severity info
exit
username admin
password encrypted $6$t/ucQIE0uLzBIiUB$k6VyaeZjrhJzrTB4MgasrspRiJJB8FiEgpI9UdRvq.q8yRu4ycrc0IPE..tifWJai0a17Zqzvndy/bDGQs89n0
exit
vlan 2
name "WAN"
exit
vlan 10
name "lan-podved-10"
exit
vlan 11
name "lan-podved-11"
exit
vlan 12
name "lan-podved-12"
exit
no spanning-tree
domain lookup enable
domain nameserver 10.10.51.1
domain nameserver 10.10.52.1
domain nameserver 10.12.19.1
security zone trusted
exit
security zone untrusted
exit
bridge 1
description "lan-factory"
vlan 1
security-zone trusted
ip address 192.168.1.1/24
no spanning-tree
enable
exit
bridge 2
description "WAN"
vlan 2
security-zone untrusted
ip address 10.12.19.5/24
no spanning-tree
enable
exit
bridge 10
description "lan-podved-10"
vlan 10
security-zone trusted
ip address 10.112.22.1/24
no spanning-tree
enable
exit
bridge 11
description "lan-podved-11"
vlan 11
security-zone trusted
ip address 172.28.22.1/24
no spanning-tree
enable
exit
bridge 12
description "lan-podved-12"
vlan 12
security-zone trusted
ip address 172.30.22.1/24
no spanning-tree
enable
exit
interface gigabitethernet 1/0/1
mode switchport
switchport mode trunk
switchport trunk native-vlan 2
switchport trunk allowed vlan add 10-12
exit
interface gigabitethernet 1/0/2
mode switchport
switchport mode trunk
switchport trunk native-vlan 2
switchport trunk allowed vlan add 10-12
exit
interface gigabitethernet 1/0/3
mode switchport
exit
interface gigabitethernet 1/0/4
mode switchport
exit
interface gigabitethernet 1/0/5
mode switchport
exit
interface gigabitethernet 1/0/6
mode switchport
switchport access vlan 2
exit
snmp-server
snmp-server community public 10.12.19.25 rw
snmp-server community public rw
security zone-pair trusted self
rule 10
action permit
match protocol tcp
match destination-port object-group ssh
enable
exit
rule 20
action permit
match protocol icmp
enable
exit
rule 30
action permit
match protocol udp
match source-port object-group dhcp_client
match destination-port object-group dhcp_server
enable
exit
rule 40
action permit
match protocol udp
match destination-port object-group ntp
enable
exit
rule 50
action permit
match protocol tcp
match destination-port object-group dns
enable
exit
rule 60
action permit
match protocol udp
match destination-port object-group dns
enable
exit
exit
security zone-pair trusted trusted
rule 1
action permit
enable
exit
exit
security zone-pair trusted untrusted
rule 1
action permit
enable
exit
exit
security zone-pair untrusted self
rule 1
action permit
match protocol udp
match source-port object-group dhcp_server
match destination-port object-group dhcp_client
enable
exit
rule 10
action permit
match source-address object-group trusted
enable
exit
exit
security passwords default-expired
nat source
ruleset factory
to zone untrusted
rule 11
description "vlan11"
match source-address prefix 172.28.22.0/24
action source-nat netmap 10.112.22.251/32
enable
exit
rule 12
description "vlan12"
match source-address prefix 172.30.22.0/24
action source-nat netmap 10.112.22.252/32
enable
exit
exit
exit
ip dhcp-server
ip dhcp-server pool lan-pool
network 192.168.1.0/24
address-range 192.168.1.2-192.168.1.254
default-router 192.168.1.1
dns-server 192.168.1.1
exit
ip dhcp-server pool lan-pool-11
network 172.28.22.0/24
address-range 172.28.22.10-172.28.22.50
default-router 172.28.22.1
dns-server 172.28.22.1
exit
ip dhcp-server pool lan-pool-12
network 172.30.22.0/24
address-range 172.30.22.10-172.30.22.50
default-router 172.30.22.1
dns-server 172.30.22.1
exit
ip dhcp-server pool lan-pool-10
network 10.112.22.0/24
address-range 10.112.22.10-10.112.22.50
default-router 10.112.22.1
dns-server 10.112.22.1
exit
ip route 0.0.0.0/0 10.12.19.1
ip ssh server
ntp enable
ntp broadcast-client enable
ntp server 10.10.51.1
exit