Archive for December, 2009

This tutorial covers how to install lighttpd + MySQL + php-cgi on FreeBSD.

First, update the ports tree:

[root@bsd ~]#  portsnap fetch

[root@bsd ~]#  portsnap update

1. Install Lighttpd

cd /usr/ports/www/lighttpd

make

make install

make clean

2. Mysql server

cd /usr/ports/databases/mysql150-server/

make

make install

make clean

Mysql client

cd /usr/ports/databases/mysql150-client

make

make install

make clean

MySQL scripts

cd /usr/ports/databases/mysql150-scripts

make

make install

make clean

3. Install php5 for Lighttpd

cd /usr/ports/lang/php5

make

make install

make clean

PHP5 must be installed with these modules:

  • ctype: The ctype shared extension for php
  • curl: The curl shared extension for php
  • dom: The dom shared extension for php
  • gd: The gd shared extension for php
  • imap: The imap shared extension for php
  • mbstring: The mbstring shared extension for php
  • mcrypt: The mcrypt shared extension for php
  • mysql: The mysql shared extension for php
  • mysqli: The mysqli shared extension for php
  • pcre: The pcre shared extension for php
  • posix: The posix shared extension for php
  • session: The session shared extension for php
  • simplexml: The simplexml shared extension for php
  • xml: The xml shared extension for php
  • xmlreader: The xmlreader shared extension for php
  • xmlwriter: The xmlwriter shared extension for php
  • zlib: The zlib shared extension for php

4. Install php5 extensions for Lighttpd

cd /usr/ports/lang/php5-extensions

make

make install

make clean

Auto start lighttpd and mysql service

[root@bsd ~]# pico /etc/rc.conf

mysql_enable="YES"
lighttpd_enable="YES"

Start Mysql Server Under FreeBSD

[root@bsd ~]# /usr/local/etc/rc.d/mysql-server start

Start Lighttpd Server Under FreeBSD

[root@bsd ~]# /usr/local/etc/rc.d/lighttpd start

try and good luck ;p

freebsd Squid

Posted: December 4, 2009 in Freebsd

Install squid

cd /usr/ports/www/squid21

make install

You need to build the cache directory first. The default is 100MB, so if you don’t have that much room, or want more, modify /usr/local/etc/squid/squid.conf appropriately.

# /usr/local/sbin/squid -z

After building the cache directory, test squid:

# /usr/local/sbin/squid -NCd1

(Press Control-C to exit squid)

After that, add squid to rc.conf:

squid_enable="yes"

One more thing: if you are using squid as a proxy, then don’t let anyone bypass your proxy ;p

ed0 = your LAN interface

ipfw add 220 deny tcp from any to any 80 via ed0

ipfw add 230 deny udp from any to any 80 via ed0

freebsd nmap

Posted: December 4, 2009 in Freebsd
A very good port scanner:
pkg_add -r nmap

“Port scanning utility for large networks”

freebsd Network traffic monitoring

Posted: December 4, 2009 in Freebsd

Network traffic monitoring (TCP/UDP)

install using pkg

pkg_add -r trafshow

Test it by running:
trafshow

Select the correct network interface to monitor, and if there is any network traffic, you should see it.
If you get an error:
No packet capture device available (no permission?)
You are not running it as root. Get root privileges, or change the (read) permissions of the /dev/bpf0 and /dev/bpf1 devices. Don’t make it world-readable (o+r), or else anyone with access to your computer can sniff on your network traffic, capture ftp-passwords and compromise your security!
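
A quick check for the permission mistake described above, as an added example that is not part of the original post: the function lists bpf device nodes that any local user can read or write. The helper name world_open_bpf is an assumption, and the demo runs on constructed stand-in files instead of the real /dev.

```sh
#!/bin/sh
# world_open_bpf [DIR]  (helper name is an assumption, not a FreeBSD tool)
# Lists bpf* nodes in DIR (default /dev) that "other" can read or write.
# Returns 1 if any such node exists, 0 if none.
world_open_bpf() {
    dir=${1:-/dev}
    # -L: test the target when bpf0 is a symlink, not the link itself.
    # -perm -004 / -002: the other-read / other-write bit is set.
    hits=$(find -L "$dir" -maxdepth 1 -name 'bpf*' \
               \( -perm -004 -o -perm -002 \) -print 2>/dev/null | sort)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# Constructed stand-in for /dev so the check can be tried without root.
demo=$(mktemp -d)
touch "$demo/bpf0" "$demo/bpf1"
chmod 644 "$demo/bpf0"    # the mistake: world-readable
chmod 640 "$demo/bpf1"    # owner plus one trusted group only
if world_open_bpf "$demo"; then
    echo "no world-accessible bpf devices"
else
    echo "tighten the devices listed above (chmod o-rw)"
fi
rm -rf "$demo"
```

On a real system, call it with no argument to inspect /dev.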

natd (internet sharing)

Posted: December 4, 2009 in Freebsd
When you get just 1 internet IP address from your ISP, and you want to allow more computers access to the internet (without using proxy servers) you need NAT (Network Address Translation). Setting it up is easy, if you pay attention 🙂
You need 2 network cards/interfaces installed in your machine:

/dev/pub0 is my network interface connected to the internet,

/dev/priv0 is my network interface connected to the internal network.

Replace occurrences of <pub0> and <priv0> with your network interface device names and remove the < > characters too. You can find your network interface names with the command:

ifconfig -a

Edit /etc/rc.conf and check that your network cards are set up correctly. If your ‘public’ network card is connected to the internet through a DSL or cable modem, your ISP may provide you with an IP address; in that case you’ll probably already have ifconfig_pub0="DHCP" in your rc.conf. My ISP gave me a fixed IP address (actually, a complete range), so in my case it’s different:

ifconfig_pub0="inet <my.public.ip.address> netmask <my.public.net.mask>"

Now for the second network card, which is connected to your internal network:

ifconfig_priv0="inet 10.0.0.1 netmask 255.0.0.0"

You can choose any private network range (10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/…) as long as it’s not already used in your network.

nano /etc/rc.conf

Make sure the following lines are there (replace <pub0> with your own network interface, e.g. ‘rl0’):

gateway_enable="YES"                # enable gateway
firewall_enable="YES"               # and firewall
firewall_script="/etc/rc.firewall"  # firewall configuration file
firewall_type="open"                # firewall type
firewall_quiet="NO"                 # show all firewall rules
natd_enable="YES"                   # enable natd
natd_program="/sbin/natd"           # path to natd
natd_interface="<pub0>"             # public/external network interface
natd_flags="-f /etc/natd.conf"      # extra options to natd

Test it (by starting natd manually):

natd -n <pub0>

ipfw -q add 00050 divert natd ip4 from any to any via <pub0>

Setting up the client

Set up a computer (‘client’) on your internal network: IP address 10.0.0.2, netmask 255.0.0.0, gateway 10.0.0.1, and DNS servers from your ISP (you can probably find them with ‘cat /etc/resolv.conf’).

Testing natd connectivity

On this client PC, go to a shell (that’s: Start → Run → cmd → [ok] for you windows people, or WindowsKey-R → cmd → [ok] for Vista unfortunates):

ping 10.0.0.1

If everything is ok (no firewalls in the way) you should get ‘Response from 10.0.0.1 …’.

Next, ping another IP address (you can use the DNS server you found a moment ago):

ping 194.109.6.66

If this works, natd works. Note: some servers/internetsites block ‘ping’: test if you can ping the address from your server, if this works, it should work from any client too.

Now test if you can ping a website by its name.

ping google.com

If this works, you can start your internet browser, and use the internet with multiple computers.

Reboot, to make sure natd is started automatically/correctly upon the next boot.
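
Before that reboot it is worth checking the rc.conf lines, because rc.conf is read as shell code: typographic quotes picked up when pasting from a web page, a leftover <pub0> placeholder, or a firewall_type of "open" (an allow-all ruleset) leave the gateway either not starting or unfiltered. This is an added example, not part of the original post; the helper name lint_rc_conf and the sample file contents are assumptions constructed for illustration.

```sh
#!/bin/sh
# lint_rc_conf FILE  (helper name is an assumption, not a FreeBSD tool)
# Prints one finding per line; returns 1 if there are findings, else 0.
lint_rc_conf() {
    f=$1
    # Turn "N:text" from grep -n into "line N: <message>".
    tag() { cut -d: -f1 | sed "s/.*/line &: $1/"; }
    findings=$(
        # 1. Typographic quotes become part of the value, so the rc
        #    scripts do not read it as YES and the service stays off.
        grep -n -F -e '“' -e '”' -e '″' "$f" | tag 'typographic quote in value'
        # 2. A <placeholder> such as <pub0> was never replaced.
        grep -n '^[A-Za-z0-9_]*=.*<[^>]*>' "$f" | tag 'placeholder not replaced'
        # 3. firewall_type "open" loads an allow-all ipfw ruleset.
        grep -n -E '^firewall_type=[^A-Za-z]*[Oo][Pp][Ee][Nn]([^A-Za-z]|$)' "$f" |
            tag 'firewall_type open allows all traffic'
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Constructed sample: settings as they can look after copy and paste.
sample=$(mktemp)
cat > "$sample" <<'EOF'
gateway_enable="YES"
firewall_enable="YES"
firewall_type="open"                # firewall type
natd_enable=”YES”
natd_interface="<pub0>"
EOF
lint_rc_conf "$sample" || echo "rc.conf needs attention before rebooting"
rm -f "$sample"
```

Run it as lint_rc_conf /etc/rc.conf on the gateway; the third finding is a prompt to pick a ruleset on purpose instead of leaving the machine unfiltered.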

put colours in shell bash freebsd

Posted: December 3, 2009 in Freebsd

just copy this script to .

[root@bsd ~]# pico .bash_profile
##################################################################################
DIR=Ex
SYM_LINK=Gx
SOCKET=Fx
PIPE=dx
EXE=Cx
BLOCK_SP=Dx
CHAR_SP=Dx
EXE_SUID=hb
EXE_GUID=ad
DIR_STICKY=Ex
DIR_WO_STICKY=Ex

export LSCOLORS="$DIR$SYM_LINK$SOCKET$PIPE$EXE\
$BLOCK_SP$CHAR_SP$EXE_SUID$EXE_GUID\
$DIR_STICKY$DIR_WO_STICKY"

export CLICOLOR="YES"
#alias ls='ls -FGl'
##################################################################################
log out
ssh again and you will see colours ;p

Bash in freebsd

Posted: December 3, 2009 in Freebsd

bash and sh are shells for FreeBSD,

but I will use bash rather than sh.

Install bash using this command:

pkg_add -r bash

To test it, you must enter the full path to bash:

/usr/local/bin/bash

Your prompt will change, as a sign you are using a different shell now
Change root shell from ‘/bin/sh’ to ‘/usr/local/bin/bash’
pw usermod user_name -s /usr/local/bin/bash

show the user
pw usershow user_name

or you can use this command, but be careful:
env SHELL=/usr/local/bin/bash /usr/local/bin/bash -l

change
shell : /bin/sh
to
shell : /usr/local/bin/bash

Last, change the editor from vi or ee in .profile:

[root@bsd ~]# pico .profile

change from

export EDITOR=ee or vi

to

export EDITOR=nano