Adding tls support to pure-ftp in FreeBSD

Log for adding tls support in pure-ftp in FreeBSD:

>>>>=================  Make directory for certificate

edp# mkdir -p /etc/ssl/private

>>>>=================  Make certificate

edp# openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

Generating a 1024 bit RSA private key
........++++++
......++++++
writing new private key to '/etc/ssl/private/pure-ftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:Sumsel
Locality Name (eg, city) []:Palembang
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PalComTech
Organizational Unit Name (eg, section) []:STMIK/POLTEK PalComTech
Common Name (eg, YOUR name) []:PalComTech
Email Address []:info@palcomtech.com

>>>>=================  chmod 600 certificate

edp# chmod 600 /etc/ssl/private/*.pem

>>>>=================  Restart  FTP Server

edp# /usr/local/etc/rc.d/pure-ftpd restart

==========================================================================================

Running: /usr/local/sbin/pure-ftpd -A -c50 -B -C8 -D -fftp -H -I15 -L2000:8 -m4 -s -U133:022 -u100 -k99 -Z -Y2

Y2 => TLS level 2

Testing from ftp client :

220---------- Welcome to Pure-FTPd [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
USER palcom 
331 User palcom OK. Password required 
PASS ********** 
230-User palcom has group access to:  palcom   
230 OK. Current restricted directory is / 

Good :-)
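
An added example, not part of the original post: a shell function that checks a saved client transcript like the one above and confirms that USER and PASS were sent only after a successful AUTH TLS (reply 234). The function name and the one-command-or-reply-per-line transcript format are assumptions; the sample transcripts are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit a saved FTP control-channel
# transcript. Exit 0 = USER/PASS appear only after a 234 reply to AUTH TLS,
# 1 = credentials sent in cleartext, 2 = no credentials in the transcript.
# Assumed format: one client command or server reply per line.

audit_ftp_transcript() {
    awk '
        { sub(/\r$/, "") }                        # tolerate CRLF captures
        toupper($1) == "AUTH" && toupper($2) ~ /^(TLS|SSL)$/ { pending = 1; next }
        pending && /^234([ -]|$)/            { tls = 1; pending = 0; next }
        pending && /^[45][0-9][0-9]([ -]|$)/ { pending = 0; next }  # AUTH refused
        toupper($1) == "USER" || toupper($1) == "PASS" {
            creds++
            if (!tls) { bad++; printf "line %d: %s sent before TLS\n", NR, toupper($1) }
        }
        END {
            if (creds == 0) { print "no credentials seen"; exit 2 }
            if (bad > 0) exit 1
            print "credentials sent only after AUTH TLS"
        }
    ' "$1"
}

# Constructed sample transcripts: the first mirrors the session in the post,
# the second is a client that logs in without sending AUTH TLS first.
demo_dir=$(mktemp -d)
cat > "$demo_dir/tls.txt" <<'EOF'
220---------- Welcome to Pure-FTPd [TLS] ----------
AUTH TLS
234 AUTH TLS OK.
USER palcom
331 User palcom OK. Password required
PASS **********
230 OK. Current restricted directory is /
EOF
cat > "$demo_dir/clear.txt" <<'EOF'
220---------- Welcome to Pure-FTPd [TLS] ----------
USER palcom
331 User palcom OK. Password required
PASS **********
EOF
audit_ftp_transcript "$demo_dir/tls.txt"
audit_ftp_transcript "$demo_dir/clear.txt" || echo "cleartext login detected"
```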

 

Updating Clamav

I installed clamav from ports and got an error message that said my definitions were older than 7 days.

After trying a manual update, I saw something :-)

jedimaster# /usr/local/bin/freshclam --verbose
Current working dir is /var/db/clamav
Max retries == 3
ClamAV update process started at Mon Jul 23 16:44:22 2007
Querying current.cvd.clamav.net
TTL: 300
WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.
If-Modified-Since: Fri, 13 Jul 2007 15:01:34 GMT
Reading CVD header (main.cvd): Connected to database.clamav.net (IP: 222.124.18.201).
Trying to retrieve CVD header of http://database.clamav.net/main.cvd
OK
Retrieving http://database.clamav.net/main-44.cdiff
Trying to download http://database.clamav.net/main-44.cdiff (IP: 222.124.18.201)
Downloading main-44.cdiff [100%]
cdiff_apply: Parsed 28691 lines and executed 28691 commands
main.cvd updated (version: 44, sigs: 133163, f-level: 20, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 16, recommended = 20
DON'T PANIC! Read http://www.clamav.net/support/faq
Assuming modification time in the past
If-Modified-Since: Mon, 27 Dec 2004 03:52:10 GMT
Reading CVD header (daily.cvd): Connected to database.clamav.net (IP: 222.124.18.201).
Trying to retrieve CVD header of http://database.clamav.net/daily.cvd
OK
Retrieving http://database.clamav.net/daily-3697.cdiff
Trying to download http://database.clamav.net/daily-3697.cdiff (IP: 222.124.18.201)
ERROR: getfile: daily-3697.cdiff not found on remote server (IP: 222.124.18.201)
ERROR: getpatch: Can't download daily-3697.cdiff from database.clamav.net
Retrieving http://database.clamav.net/daily-3697.cdiff
Trying to download http://database.clamav.net/daily-3697.cdiff (IP: 222.124.18.201)
ERROR: getfile: daily-3697.cdiff not found on remote server (IP: 222.124.18.201)
ERROR: getpatch: Can't download daily-3697.cdiff from database.clamav.net
Retrieving http://database.clamav.net/daily-3697.cdiff
Trying to download http://database.clamav.net/daily-3697.cdiff (IP: 222.124.18.201)
ERROR: getfile: daily-3697.cdiff not found on remote server (IP: 222.124.18.201)
ERROR: getpatch: Can't download daily-3697.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Retrieving http://database.clamav.net/daily.cvd
Trying to download http://database.clamav.net/daily.cvd (IP: 222.124.18.201)
Downloading daily.cvd [100%]
Removing incremental directory daily.inc
Removing backup directory ./clamav-0fe9f7e2e016493cc3a194fb862a06f7
daily.inc updated (version: 3741, sigs: 6959, f-level: 16, builder: ccordes)
Database updated (140122 signatures) from database.clamav.net (IP: 222.124.18.201)

WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd
connect(): No such file or directory

jedimaster# cd /var/run/clamav/
jedimaster# ls
jedimaster# whereis clamd
clamd: /usr/local/sbin/clamd /usr/local/man/man8/clamd.8.gz /usr/ports/security/clamav/work/clamav-0.90.3/clamd
jedimaster# ln -s /usr/local/sbin/clamd /var/run/clamav/clamd
jedimaster#

Trying the update:
jedimaster# /usr/local/bin/freshclam --verbose
Current working dir is /var/db/clamav
Max retries == 3
ClamAV update process started at Mon Jul 23 16:46:16 2007
Querying current.cvd.clamav.net
TTL: 187
WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Assuming modification time in the past
If-Modified-Since: Mon, 27 Dec 2004 03:52:10 GMT
Reading CVD header (main.cvd): Ignoring mirror 222.124.18.201 (too often connections with outdated version)
Trying host database.clamav.net (193.1.193.64)...
Connected to database.clamav.net (IP: 193.1.193.64).
Trying to retrieve CVD header of http://database.clamav.net/main.cvd
OK
main.inc is up to date (version: 44, sigs: 133163, f-level: 20, builder: sven)
WARNING: Current functionality level = 16, recommended = 20
Please check if ClamAV tools are linked against proper version of libclamav
DON'T PANIC! Read http://www.clamav.net/support/faq
If-Modified-Since: Mon, 23 Jul 2007 16:44:32 GMT
Reading CVD header (daily.cvd): Connected to database.clamav.net (IP: 193.1.193.64).
Trying to retrieve CVD header of http://database.clamav.net/daily.cvd
OK
daily.cvd is up to date (version: 3741, sigs: 6959, f-level: 16, builder: ccordes)

Making the symlink to clamd fixed the problem.

Hmmm… it works; the other messages will be identified soon :-)
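
An added example, not part of the original post: a shell function that triages a saved `freshclam --verbose` log like the two above, separating conditions that need action (engine functionality level below the recommended one, clamd not notified) from informational fallbacks. The function name and the ACTION/NOTE labels are assumptions; the sample is an excerpt of the first run shown above.

```shell
#!/bin/sh
# Added example (not from the original post): triage a saved
# `freshclam --verbose` log. Exit 0 = nothing to follow up, 1 = action needed.

check_freshclam_log() {
    awk '
        /Current functionality level = [0-9]+, recommended = [0-9]+/ && !engine_seen {
            # Pull both numbers out of the warning line.
            line = $0
            sub(/.*functionality level = /, "", line); cur = line + 0
            sub(/.*recommended = /, "", line);         rec = line + 0
            if (cur < rec) {
                printf "ACTION engine outdated: f-level %d, recommended %d\n", cur, rec
                issues++; engine_seen = 1
            }
        }
        /Clamd was NOT notified/    { print "ACTION clamd not notified of the new database"; issues++ }
        /Incremental update failed/ { print "NOTE   cdiff failed, full CVD downloaded instead" }
        /Falling back to HTTP mode/ && !dns_seen++ { print "NOTE   DNS version check failed, HTTP used" }
        /^Database updated/         { print "NOTE   " $0 }
        END { exit (issues > 0 ? 1 : 0) }
    ' "$1"
}

# Excerpt of the first freshclam run shown above (straight ASCII quotes).
sample=$(mktemp)
cat > "$sample" <<'EOF'
WARNING: Invalid DNS reply. Falling back to HTTP mode.
main.cvd updated (version: 44, sigs: 133163, f-level: 20, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 16, recommended = 20
WARNING: Incremental update failed, trying to download daily.cvd
Database updated (140122 signatures) from database.clamav.net (IP: 222.124.18.201)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd
EOF
check_freshclam_log "$sample" || echo "follow-up needed"
```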

 

Trying portsnap

With a recent FreeBSD 6.2-STABLE installation I'd like to try portsnap. Since it’s already in base, there is no need to install this program :-)

Just trying it :-)

alamster# portsnap fetch
Looking up portsnap.FreeBSD.org mirrors... 3 mirrors found.
Fetching public key from portsnap3.FreeBSD.org... done.
Fetching snapshot tag from portsnap3.FreeBSD.org... done.
Fetching snapshot metadata... done.
Fetching snapshot generated at Sun Jul 22 00:35:13 UTC 2007:
488520ca868e6c935f35667a1c969541f0996cb51776fc100% of   48 MB   66 kBps 00m00s
Extracting snapshot... done.
Verifying snapshot integrity... done.
Fetching snapshot tag from portsnap3.FreeBSD.org... done.
Fetching snapshot metadata... done.
Updating from Sun Jul 22 00:35:13 UTC 2007 to Sun Jul 22 11:58:18 UTC 2007.
Fetching 3 metadata patches.. done.
Applying metadata patches... done.
Fetching 0 metadata files... done.
Fetching 43 patches.....10....20....30....40. done.
Applying patches... done.
Fetching 0 new ports or files... done.

alamster# portsnap extract
……………………..
………………

/usr/ports/audio/cplay/
/usr/ports/audio/cpp-xmms2/
/usr/ports/audio/crip/
/usr/ports/audio/csound-manual/
/usr/ports/audio/csound/
/usr/ports/audio/cue2toc/
/usr/ports/audio/cuetools/
/usr/ports/audio/cymbaline/
/usr/ports/audio/cynthiune/
/usr/ports/audio/daapd/
/usr/ports/audio/daaplib/
/usr/ports/audio/dagrab/
/usr/ports/audio/dap/
/usr/ports/audio/darkice/
/usr/ports/audio/dekagen/
………………………
……………………
/usr/ports/x11/yalias/
/usr/ports/x11/yelp/
/usr/ports/x11/zenity/
Building new INDEX files… done.

alamster# pkg_info
pkg_info: no packages installed

Great, I don’t have to install cvsup for updating ports :-)

But hey, csup is already in base too. Only ports-supfile and stable-supfile are needed.

Let portsnap work for ports and csup work for the source files.

Very handy and neat tools

thanks FreeBSD :-)

Install gd support in php without xorg

A recent upgrade to php 5.2.3 required installing gd support too, but it always needs xorg. Here’s a little note on how to add gd support to the php5 ports in FreeBSD without xorg.

1. Checking installed php extension

proxy# pkg_info | grep php5
php5-5.2.3          PHP Scripting Language (Apache Module and CLI)
php5-bz2-5.2.3      The bz2 shared extension for php
php5-ctype-5.2.3    The ctype shared extension for php
php5-curl-5.2.3     The curl shared extension for php
php5-dom-5.2.3      The dom shared extension for php
php5-ftp-5.2.3      The ftp shared extension for php
php5-iconv-5.2.3    The iconv shared extension for php
php5-imap-5.2.3     The imap shared extension for php
php5-pcre-5.2.3     The pcre shared extension for php
php5-simplexml-5.2.3 The simplexml shared extension for php
php5-spl-5.2.3      The spl shared extension for php

2. Find php5-gd and install it.

proxy# whereis php5-gd
php5-gd: /usr/ports/graphics/php5-gd
proxy# cd /usr/ports/graphics/php5-gd && make clean
===>  Cleaning for php5-gd-5.2.3

proxy# cd /usr/ports/graphics/php5-gd && make install

===>  Vulnerability check disabled, database not found
===>  Found saved configuration for php5-gd-5.2.3
===>  Extracting for php5-gd-5.2.3
=> MD5 Checksum OK for php-5.2.3.tar.bz2.
=> SHA256 Checksum OK for php-5.2.3.tar.bz2.
===>  Patching for php5-gd-5.2.3
===>  Applying FreeBSD patches for php5-gd-5.2.3
===>   php5-gd-5.2.3 depends on executable in : phpize - found
===>   php5-gd-5.2.3 depends on file: /usr/local/bin/autoconf259 - found
===>   php5-gd-5.2.3 depends on shared library: freetype.9 – not found
===>    Verifying install for freetype.9 in /usr/ports/print/freetype2

wow, it will install a lot of things and tends to install xorg :-(


PC-BSD 1.4 beta – Release name: da Vinci

After months of hard work, the PC-BSD team is pleased to make available the 1.4 BETA release. This version includes many exciting new features and software, such as:

  • 3D desktop support via Beryl
  • KDE 3.5.7
  • FreeBSD 6.2
  • Xorg 7.2
  • New GUI tools & utilities
  • Optional Components, and much more

Changelog :

PCBSD 1.4 BETA  – Changelog
7-20-07 (Kris Moore)
————————–
 * Updated FreeBSD base OS to 6.2-STABLE
 * Updated Xorg to version 7.2
 * Updated KDE to 3.5.7
 * Includes support for Flash7 in native BSD browsers. (Konq, Opera, FireFox)
 * Includes official NVIDIA drivers to simplify activating HW acceleration.
 * Optional 3D desktop using Beryl
 * Improved & Simplified system installer, now with the ability to load optional components from CD2
 * NEW! Network configuration manager, including tray apps for WIFI and ethernet connections
 * NEW! Firewall Manager, enables easy GUI configuration of firewall Settings
 * NEW! Xorg GUI Configuration tool, allows easy setup of screen resolution & 3D support
 * NEW! Added support to Add / Remove programs tool to easily install optional KDE / System components
 * NEW! User manager GUI
 * NEW! Battery Tray Application for Laptops
 * Numerous fixes / tweaks to KDE configuration, making downloading & running PBIs easier
 * Numerous other fixes / improvements to the core OS.

