Port di FReeBSD

| Saturday, August 25, 2007

cd /usr/ports/ports-mgmt/portupgrade
make install clean
It's now possible to update all the software on the system by running the command:
portupgrade -ai

portaudit
which shows the published vulnerabilities affecting the packages installed on your system
As the superuser root, run:
cd /usr/ports/ports-mgmt/portaudit
and then
make install clean

It's now possible to update the vulnerabilities database and audit the installed packages by running the command:
portaudit -Fa

Those are some tricks you may find useful:
to show the differences between the version of the installed packages and the ones of the ports collection currently present on the system, run:
pkg_version -v

to print some informations of a port, like it's dependencies, for example of asterisk, run, in the /usr/ports folder, the command:
make search name=asterisk

to print the dependencies of an installed package, for example of gmake, run:
pkg_info -xr gmake


to print the dependencies of a package, even not installed, for example of proftpd, run, in the folder of it's port, the command:
make pretty-print-build-depends-list
but first you have to run, in the /usr/ports folder, the command:
make index
which, after a while, will build an index with the informations of the packages

And if, for example, the package portupgrade is installed, it's manual can be viewed by running:
man portupgrade

bwD

| Thursday, August 23, 2007

libpcap from http://www.tcpdump.org/
libpng from http://www.libpng.org/
libgd from http://www.boutell.com/gd/

Download libcap in http://www.tcpdump.org/ and install

zlib – Free open source compression library
fetch http://www.zlib.net/zlib-1.2.3.tar.gz
tar xvf zlib-1.2.3.tar.gz
cd zlib-1.2.3
./configure
make && make install

libpng – PNG reference library for creating graphics / images

fetch http://easynews.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.10.tar.gz
tar xvf libpng-1.2.10.tar.gz
cd libpng-1.2.10
./configure
make && make install

fetch http://www.boutell.com/gd/http/gd-2.0.33.tar.gz
tar xvf gd-2.0.33.tar.gz
cd gd-2.0.33
./configure --disable-shared --with-gd-lib=/usr/local/lib --with-gd-inc=/usr/local/include/
make
make install

Download bandwidthd-2.0.1.tgz
./configure && make && make install
ee /usr/local/bandwidthd/etc/bandwidthd.conf
subnet 10.10.10.0/25
dev "rl0"

/usr/local/bandwidthd/bandwidthd, akan mengcreate /usr/local/bandwidthd/htdocs
arahkan document directory webserver ke folder tsb & aktifkan webserver.

^___________^

FreeRadius dan my SQL

|

INSTALL mySQL:
Pertama install dulu mysql, saya menggunakan mySql 5.
Jika sudah jalankan dan otomatisasi shg berjalan sewaktu reboot.

INSTALL FreeRadius:
cd /usr/ports/net/freeradius
% make && make install
Pilih mySQL support dan SNMP (optional).

CONFIGURE freeRADIUS:
% cd /usr/local/etc/raddb
Pastikan file² berikut ada

% clients.conf (basic config cukup & memakai localhost)

% users
Untuk pengetesan pertama tambahkan baris
ainoer Auth-Type := Local, User-Password == "testpass"

% cp snmp.conf.sample snmp.conf
% cp sql.conf.sample sql.conf
% cp huntgroups.sample huntgroups
% cp dictionary.sample dictionary
% cp hints.sample hints
% cp acct_users.sample acct_users
% cp preproxy_users.sample preproxy_users


% cp radiusd.conf.sample radiusd.conf
Edit radiusd.conf,
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes

% radiusd -X &
% radtest ainoer testpass localhost 1812 testing123

Jika berhasil ada indikasi sbb :
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=119, length=20


CREATE DATABASE & TABEL
Login ke mysql dan create database dengan nama radius.
Carilah file dengan nama db_mysql.sql kemudian import ke database.
/bin/mysql -u root radius < /usr/local/share/examples/freeradius/db_mysql.sql

Masukkan record² berikut :
INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('rahma', 'Password', 'passku');
INSERT INTO radgroupcheck (GroupName, Attribute, Value) VALUES ('dynamic', 'Auth-Type', 'Local');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-Compression', ':=', 'Van-Jacobsen-TCP-IP');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-Protocol', ':=', 'PPP');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Service-Type', ':=', 'Framed-User');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-MTU', ':=', '1500');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Assign-IP-Pool', ':=', '0');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Maximum-Time', ':=', '7200');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Route-IP', ':=', 'Route-IP-Yes');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Idle-Timeout', ':=', '1800');
INSERT INTO usergroup (UserName, GroupName) VALUES ('rahma', 'dynamic');

select * from radcheck;
+----+----------+-----------+----+--------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+--------+
| 1 | rahma | Password | == | passku |
+----+----------+-----------+----+--------+

mysql> select * from radgroupcheck;
+----+-----------+-----------+----+-------+
| id | GroupName | Attribute | op | Value |
+----+-----------+-----------+----+-------+
| 1 | dynamic | Auth-Type | := | Local |
+----+-----------+-----------+----+-------+

select * from radgroupreply;
+----+-----------+-------------------------+----+---------------------+------+
| id | GroupName | Attribute | op | Value | prio |
+----+-----------+-------------------------+----+---------------------+------+
| 1 | dynamic | Framed-Compression | := | Van-Jacobsen-TCP-IP | 0 |
| 2 | dynamic | Framed-Protocol | := | PPP | 0 |
| 3 | dynamic | Service-Type | := | Framed-User | 0 |
| 4 | dynamic | Framed-MTU | := | 1500 | 0 |
| 5 | dynamic | X-Ascend-Assign-IP-Pool | := | 0 | 0 |
| 6 | dynamic | X-Ascend-Maximum-Time | := | 7200 | 0 |
| 7 | dynamic | X-Ascend-Route-IP | := | Route-IP-Yes | 0 |
| 8 | dynamic | Idle-Timeout | := | 1800 | 0 |
+----+-----------+-------------------------+----+---------------------+------+

select * from usergroup;
+----------+-----------+----------+
| UserName | GroupName | priority |
+----------+-----------+----------+
| rahma | dynamic | 1 |
+----------+-----------+----------+


% cd /usr/local/etc/raddb/
Edit sql.conf
Isikan password database( root dgn pass = "" jika masih belum diberi password)

Edit radiusd.conf.
Pada bagian authorize{}:
Hilangkan # pada 'sql'
Pada bagian accounting {}:
Hilangkan # pada 'sql' accounting{}.

Pada post-auth ():
Hilangkan # pada 'sql'
Hilangkan # 3 baris terkahir dari post-auth dan ganti ke sql modul.

Post-Auth-Type REJECT {
sql
}
kill & restart in debug.
% radiusd -X

Selamat mencoba ;)

Edited :

Ternyata ada yang kurang, settingan di atas kan database mysqlnya masih belum diberi password..
Setelah diberi password kmudain dijalankan la koq error...
rlm_sql_mysql: Mysql error 'Client does not support authentication please upgrade mysql client dst..

Coba cek librarynya :
# ldd /usr/local/lib/rlm_sql_mysql.so/usr/local/lib/rlm_sql_mysql.so:
libmysqlclient.so.12 => /usr/local/lib/mysql/libmysqlclient.so.12 (0x28157000)
libz.so.2 => /lib/libz.so.2 (0x28177000)
libcrypt.so.2 => /lib/libcrypt.so.2 (0x28187000)
libm.so.3 => /lib/libm.so.3 (0x2819f000)
libc.so.5 => /lib/libc.so.5 (0x28079000)
Udah sip tuw.. but why.. masak harus upgrade mysql clientnya kan versine udah 5.0 ach ngga harus dech kayaknya.. jgn percaya begitu saja sama warning :P .. googling dulu ach..
Setelah berpusing² eh jadi ingat instalasi pureftpd dgn mysql.. so aku coba dey..
# cd /usr/local/mysql/lib/mysql/
# cp * /usr/local/lib

Cihuy! Alhamdulillah..berhasil pemirsa..