Код: Выделить всё
# jexec 1 csh
www# cd /usr/ports/databases/mysql51-server;make install
=> mysql-5.1.61.tar.gz doesn't seem to exist in /var/ports/distfiles/.
=> Attempting to fetch ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.1/mysql- 5.1.61.tar.gz
fetch: ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.1/mysql-5.1.61.tar.gz: Protocol not supported
=> Attempting to fetch http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.1/mysql-5.1.61.tar.gz
fetch: http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.1/mysql-5.1.61.tar.gz: No route to host
www# ping ftp.fi.muni.cz
PING odysseus.fi.muni.cz (147.251.48.205): 56 data bytes
64 bytes from 147.251.48.205: icmp_seq=0 ttl=53 time=73.951 ms
64 bytes from 147.251.48.205: icmp_seq=1 ttl=53 time=73.312 ms
64 bytes from 147.251.48.205: icmp_seq=2 ttl=53 time=73.133 ms
64 bytes from 147.251.48.205: icmp_seq=3 ttl=53 time=73.246 ms
Код: Выделить всё
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:00:23:b1:1d:48
inet YY.YY.1.7 netmask 0xffffff00 broadcast XX.XX.1.255
inet YY.YY.2.10 netmask 0xffffff00 broadcast YY.YY.2.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:0c:f3:bd:bd:1e
ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
lladdr 0.c.f1.0.0.bd.bd.1e.a.2.ff.f3.0.0.0.0
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2009<RXCSUM,VLAN_MTU,WOL_MAGIC>
ether 00:0c:f1:bd:bd:1e
inet XX.XX.XX.19 netmask 0xfffffff8 broadcast XX.XX.XX.23
media: Ethernet autoselect (100baseTX <half-duplex>)
status: active
rc.conf:
Код: Выделить всё
hostname="xxx.org.ua"
defaultrouter="X.X.X.17"
ifconfig_fxp0="inet X.X.X.19/29"
ifconfig_rl0="inet Y.Y.1.7 netmask 255.255.255.0"
ifconfig_rl0_alias0="inet Y.Y.2.10 netmask 255.255.255.0"
ezjail_enable="YES"
gateway_enable="YES"
sshd_enable="YES"
ntpdate_enable="YES"
ntpd_enable="YES"
ipnat_enable="NO"
ipnat_rules="/etc/ipnat.rules"
firewall_enable="YES"
firewall_nat_enable="YES"
firewall_type="/etc/ipfw"
rinetd_enable=NO
named_enable="YES"
named_program="/usr/sbin/named"
named_flags="-u bind -c /etc/namedb/named.conf"
Код: Выделить всё
domain xxx.org.ua
nameserver 127.0.0.1
search userserver.local
domain userserver.local
Код: Выделить всё
add 1040 allow ip from any to any via rl0
add 1044 deny all from any to 127.0.0.0/8
add 1048 deny ip from 127.0.0.0/8 to any
# Запрещаем частные сети на внешнем интерфейса
add 10101 deny log ip from any to 192.168.0.0/16 in recv fxp0
add 10102 deny log ip from 192.168.0.0/16 to any in recv fxp0
add 10103 deny log ip from any to 172.16.0.0/12 in recv fxp0
add 10104 deny log ip from 172.16.0.0/12 to any in recv fxp0
add 10110 deny log ip from any to 169.254.0.0/16 in recv fxp0
add 10120 deny log ip from 169.254.0.0/16 to any in recv fxp0
# Incoming Pings
add 10135 allow icmp from any to me icmptypes 8 in recv rl0
#add 10135 allow icmp from any to me icmptypes 8 in recv rl1
add 10138 allow icmp from any to me icmptypes 8 in recv fxp0
# Настройка NAT
nat 1 config log if fxp0 reset same_ports deny_in
add 10162 nat 1 ip from any to any via fxp0
#Deny all
add 65534 deny log all from any to any
Код: Выделить всё
security.jail.allow_raw_sockets=1
security.jail.chflags_allowed=1
rc.conf
Код: Выделить всё
network_interfaces=""
cron_flags="$cron_flags -J 15"
syslogd_flags="-ss"
sshd_enable="YES"
named_enable="NO"
Код: Выделить всё
search userserver.local
domain userserver.local
