Showing posts with label openbsd. Show all posts

Saturday, December 24, 2011

Set up bind (caching-nameserver) on OpenBSD 4.9

http://www.nohair.net/news/2011/set-up-dns-on-openbsd-4-9/

Wednesday, March 23, 2011

unable to build ports in OpenBSD 4.8 - SOLVED

From root's .profile, comment this out:

...

if [ -x /usr/bin/tset ]; then
    if [ X"$XTERM_VERSION" = X"" ]; then
        eval `/usr/bin/tset -sQ '-munknown:?vt220' $TERM`
    else
        eval `/usr/bin/tset -IsQ '-munknown:?vt220' $TERM`
    fi
fi

...

and add this:

export TERM=vt100

reinstall openbsd ports

tar -xvzpf base48.tgz -C/
tar -xvzpf comp48.tgz -C/
tar -xvzpf xbase48.tgz -C/

Monday, September 20, 2010

mount ntfs in *bsd

http://lordhendrix.wordpress.com/2008/01/13/mounting-ntfs-to-freebsd-or-unix/

Friday, July 30, 2010

symon/symux/syweb installation on openbsd 4.4


mkdir /mnt/cdrom
mount /dev/cd0c /mnt/cdrom/
cd /
tar -zxvf /mnt/cdrom/4.4/i386/xbase44.tgz
ldconfig /usr/X11R6/lib /usr/local/lib
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/libart-2.3.20p0.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/png-1.2.28.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/rrdtool-1.2.23p0.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/wget-1.11.3.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/pcre-7.7p0.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/php5-fastcgi-5.2.6.tgz
pkg_add -v http://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/php5-mbstring-5.2.6.tgz
echo "env -i PHP_FCGI_CHILDREN=5 PHP_FCGI_MAX_REQUESTS=1000 /usr/local/bin/php-fastcgi -q -c /var/www/conf/ -b 127.0.0.1:8888 &" > /root/run_php-fastcgi.sh && chmod 700 /root/run_php-fastcgi.sh
ln -s /var/www/conf/modules.sample/php5.conf /var/www/conf/modules
ln -fs /var/www/conf/php5.sample/mbstring.ini /var/www/conf/php5/mbstring.ini
mkdir /var/www/tmp

tar zxvf ./syweb-0.59.tar.gz
tar zxvf ./symon-2.80.tar.gz
cd symon
make && make install
cp ./symon/symon.conf /etc/symon.conf
cp ./symux/symux.conf /etc/symux.conf
cp ./symon/hifn_test.layout /var/www/symon/
useradd -d /var/empty -L daemon -c 'symon Account' -s /sbin/nologin _symon
/usr/local/libexec/symon
mkdir /var/www/symon /var/www/symon/rrds /var/www/symon/rrds/localhost
#fix up symux.conf here
./symux/c_smrrds.sh all


cat > /etc/symon.conf <<'EOF'
#
# Demo configuration for symon. See symon(8) for BNF.
#

monitor { cpu(0), mem,
if(lo0),
pf,
mbuf,
# sensor(0),
proc(sshd),
if(em0),
io(wd0)
} stream to 127.0.0.1 2100
EOF


cat > /etc/symux.conf <<'EOF'
mux 127.0.0.1 2100
source 127.0.0.1 {
accept { cpu(0), mem, pf,
if(em0),
if(lo0),
io(wd0),
df(sd0a) }

datadir "/var/www/symon/rrds/localhost"
}
EOF

Saturday, April 24, 2010

backup your failing system hard drive and mount it under ubuntu

I heard some clicking coming from the hard drive of my OpenBSD firewall the other day. I have put a lot of time into this thing and I don't want to lose it. I have more hard drives, but I don't want to lose everything on this one. This system runs on an old Dell b733r, PIII w/256MB RAM. I love it. It's perfect.


#on failing host, do not skip this critical step
disklabel -v wd0c > failing_host_disklabel.info && scp ./failing_host_disklabel.info root@stable_host:.

#on stable host
nc -p 2222 -l | bzip2 -d | dd of=/root/failing_host.img

#on failing host
bzip2 -c /dev/wd0c | nc stable_host 2222

#wait for completion ...

#on stable host

#test to see if image is good
sfdisk -l failing_host.img
sfdisk -d failing_host.img
fdisk -l -u failing_host.img

#take offset from disklabel.info: offset * bytes/sector = [value]
#default value for dd block size (bytes/sector) is 512, adjust as necessary

mount -v -o ro,loop,offset=[value],ufstype=44bsd -t ufs ./failing_host.img /mnt/failing_host

#if it fails and you get a message in dmesg that says:
#
#[some.date] ufs_read_super: bad magic number
#
# it means you have the wrong offset value
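
The offset arithmetic from the comments above, worked through as an added example that is not part of the original post. The helper names `label_offsets` and `mount_cmds` and the disklabel text in `SAMPLE_LABEL` are constructed for illustration; on a real recovery, feed the saved failing_host_disklabel.info to the helpers instead.

```shell
#!/bin/sh
# Added example: turn saved `disklabel` output into byte offsets for mount.
# The label below is constructed sample data, not taken from a real disk.
SAMPLE_LABEL=$(cat <<'EOF'
# /dev/rwd0c:
type: ESDI
label: constructed-sample
bytes/sector: 512
total sectors: 39102336

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  a:           409185               63  4.2BSD   2048 16384    1 # /
  b:          1048320           409248    swap
  c:         39102336                0  unused      0     0
  d:          8388576          1457568  4.2BSD   2048 16384    1 # /var
EOF
)

# label_offsets (hypothetical helper): reads disklabel text on stdin and prints
# "<partition> <byte offset>" for every 4.2BSD (FFS) partition.
label_offsets() {
    awk '
        $1 == "bytes/sector:" { bps = $2 }
        $1 ~ /^[a-p]:$/ && $4 == "4.2BSD" {
            if (bps == "") bps = 512          # fall back to the usual sector size
            sub(/:/, "", $1)
            printf "%s %.0f\n", $1, $3 * bps  # %.0f avoids exponent notation
        }'
}

# mount_cmds (hypothetical helper): prints one read-only loop mount command
# per partition, in the form used above. $1 is the image path.
mount_cmds() {
    label_offsets | while read -r part off; do
        printf 'mount -v -o ro,loop,offset=%s,ufstype=44bsd -t ufs %s /mnt/failing_host_%s\n' \
            "$off" "$1" "$part"
    done
}

printf '%s\n' "$SAMPLE_LABEL" | mount_cmds ./failing_host.img
```

Swap and the whole-disk `c` entry are skipped because only 4.2BSD partitions carry a mountable filesystem.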

Monday, April 5, 2010

resolve IP's of established connections using pfctl


pfctl -s state | grep 'EST' | grep -v '<-' | awk '{print $6}' | cut -d":" -f1 | xargs -n 1 dig +short -x

Thursday, January 14, 2010

import dshield block list for pf

/usr/local/bin/wget -q -O - http://feeds.dshield.org/block.txt | egrep -v '#|Start' | awk '{print $1 "/24"}' | sed -n '4,50p;50p' > /etc/pf.blocklist.dshield && pfctl -f /etc/pf.conf
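
The one-liner above writes whatever the feed returns straight into the file pf loads, and an empty or failed download still triggers a reload. As an added example (not from the original post), here is a filter that accepts only well-formed public /24 rows and keeps the previous list when nothing valid arrives. The helper names `dshield_to_pf` and `update_blocklist` and the rows in `SAMPLE_FEED` are constructed for illustration, and the `sed` line window from the one-liner is left out.

```shell
#!/bin/sh
# Added example: validate DShield feed rows before they reach the pf table file.
# SAMPLE_FEED is constructed test data (documentation address ranges).
SAMPLE_FEED=$(cat <<'EOF'
# constructed comment line
Start End Netmask Attacks Name Country email
203.0.113.0 203.0.113.255 24 4012 EXAMPLE-NET ZZ abuse@example.net
10.0.0.0 10.0.0.255 24 900 PRIVATE ZZ none
198.51.100.0;pass 198.51.100.255 24 77 BAD-ROW ZZ none
999.1.1.0 999.1.1.255 24 5 BAD-OCTET ZZ none
EOF
)

# dshield_to_pf (hypothetical helper): feed on stdin, validated CIDRs on stdout.
dshield_to_pf() {
    awk '
        /^#/ || $1 == "Start" { next }          # comments and the header row
        {
            if (split($1, o, ".") != 4) next
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) next
            a = o[1] + 0; b = o[2] + 0
            # a poisoned feed must not be able to block local or reserved space
            if (a == 0 || a == 10 || a == 127 || a >= 224) next
            if ((a == 172 && b >= 16 && b <= 31) || (a == 192 && b == 168)) next
            if (a == 169 && b == 254) next
            printf "%d.%d.%d.0/24\n", a, b, o[3] + 0
        }'
}

# update_blocklist (hypothetical helper): replace $1 only when the feed on
# stdin produced at least one valid entry; otherwise keep the previous list.
update_blocklist() {
    tmp=$(mktemp "$1.XXXXXX") || return 1
    if dshield_to_pf > "$tmp" && [ -s "$tmp" ]; then
        mv "$tmp" "$1"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Intended use on the firewall (same URL and paths as the one-liner above):
#   wget -q -O - http://feeds.dshield.org/block.txt |
#       update_blocklist /etc/pf.blocklist.dshield && pfctl -f /etc/pf.conf
printf '%s\n' "$SAMPLE_FEED" | dshield_to_pf
```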

Friday, August 14, 2009

slowloris ddos aversion

use Nginx and openBSD/pf to protect Apache.
http://nginx.net/

here's some configuration help.
https://calomel.org/nginx.html

Wednesday, February 4, 2009

How to view pflog

Viewing the pflog file:
# tcpdump -n -e -ttt -r /var/log/pflog

A real-time display of logged packets:
# tcpdump -n -e -ttt -i pflog0

 

Wednesday, November 19, 2008

SSH Remote Command Execution

The following example allows you to execute a command on a remote system and return the results of the command without a shell session.

Simply include the command immediately after the normal ssh session request. Here's an easy one for a periodic secure rule integrity check on openBSD using pf.

ssh someuser@ip.add.re.ss 'pfctl -s rules | openssl sha1'

 

Friday, November 7, 2008

Use sshfs to Securely Mount Remote File Systems

The following commands can be used on *BSD systems.

# pkg_add -r fusefs-sshfs
# kldload /usr/local/modules/fuse.ko
# sysctl vfs.usermount=1
# mkdir /mnt/local.dir
# sshfs user@x.x.x.x:/some/remote.dir /mnt/local.dir

 

Monday, November 3, 2008

Increase the size of the history buffer in openBSD

Add the following lines to ./.profile

HISTSIZE=50;export HISTSIZE
HISTFILE=.ksh_history;export HISTFILE

Saturday, November 1, 2008

How to Manually Install the Ports Collection

# cd /usr
# ftp ftp://ftp.openbsd.org/pub/OpenBSD/4.4/ports.tar.gz
# tar zxvf ./ports.tar.gz

Restart network interfaces in openBSD

sh /etc/netstart

Starting Gnome under FreeBSD

/usr/X11R6/sbin/gdm

 

Reset the root password on OpenBSD or FreeBSD

Start or reboot the system.
At the boot prompt:


boot> boot -s

# mount -uw / #make / writable
# mount /usr #mount /usr
# passwd #change the password

# reboot

 

How to add a permanent route in OpenBSD

add a line to /etc/hostname.[if_name]
!route add -net [network_ip/cidr] [gateway_ip]
!route add -host [host_ip] [gateway_ip]

# Add a network
!route add -net 10.10.1.0/24 172.18.1.1

#Add a host
!route add -host 10.10.1.18 172.18.1.1

 

How to use Ports

If you want to add packages to FreeBSD or OpenBSD (others?), you'll want to use the package collection called 'ports'.

# mkdir /usr/ports && cd /usr/ports
# portsnap fetch
# portsnap extract

This creates the directory hierarchy under /usr/ports and downloads the header files among other files for each package. When installing new packages, after the ports collection has been created on a given system, execute the following command to update the collection.

# portsnap fetch update

for more information, go here.

 

Starting X under openBSD

/usr/X11R6/bin/startx