From owner-freebsd-questions@FreeBSD.ORG Thu Jun 27 09:17:59 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 7014C389 for ; Thu, 27 Jun 2013 09:17:59 +0000 (UTC) (envelope-from jack.mclauren@yahoo.com) Received: from nm18-vm0.bullet.mail.bf1.yahoo.com (nm18-vm0.bullet.mail.bf1.yahoo.com [98.139.213.138]) by mx1.freebsd.org (Postfix) with ESMTP id 23F8315FC for ; Thu, 27 Jun 2013 09:17:58 +0000 (UTC) Received: from [66.196.81.174] by nm18.bullet.mail.bf1.yahoo.com with NNFMP; 27 Jun 2013 09:17:51 -0000 Received: from [98.139.212.234] by tm20.bullet.mail.bf1.yahoo.com with NNFMP; 27 Jun 2013 09:17:51 -0000 Received: from [127.0.0.1] by omp1043.mail.bf1.yahoo.com with NNFMP; 27 Jun 2013 09:17:51 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 899180.46481.bm@omp1043.mail.bf1.yahoo.com Received: (qmail 3772 invoked by uid 60001); 27 Jun 2013 09:17:51 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1372324671; bh=79gAIxi36AwSb1sAMC/Gf5H1gT6U1t/CDcgzmVWPw1k=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=S2Uk+6FyY9AWrugiwWk5e6Vk74dfDOUBwwjJmTuXQsXTJVg16XaSBu9F1bHDdkNLfzAbAQ8X1bLRkvq7pqCTXRN2IqJ/jJ+5kaW7btfkZ2TBQHmGBsf5klUcPFcOnbP5UP9xrve2wCmPd7rmkVh/a1/On/Cb5QrLve9vCJoFxCA= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=C5dQNnbg7znlL49WlmtnQxyrln5Du54y7WfDhCBj/11Ts/j/yNod2JX082oWzSe00lGWssoJ0nv222SvcdKtUc9MjuyR96uZicnAg99VkLZknigAmsATPt5lxNrSMTeWQU6uZ1wCcJb6gtGe6pqB32Ak3KKY/htkTEmonlEsazI=; X-YMail-OSG: iFssJz8VM1lw0YudlsLEHBfxBsAzBsKkattyQiHysfjkIQ5 T_x65Za8P1QWk1vp9r43CAClRzM05uTqdE59L3s5iS9MlbgKotQdbpm2y2um LBDkNwfcBQ1MrsXy4KAgal33bLHF2rSI9LHp66VyseQtGeCkn0rCibpQrJ36 .16WcHju_U99RN3EzPCDdjjYFstTowaTLjkOgUag2g1FBJcQB3lbRpcTKlFE FsrUg2lZfA1vc5VPMJTjENDQNiPvFisbFoh53Bpb0DaL6F6MgJi0wdIY2dlv Fy7AJAhbdBxMJMJP01f6Aw7yCpUCqJ_oZMbd.SAuKu.hLS34li616sEquflV VozabrunfYfGaM1iAPsJh8F051teIiH3yIAw2rDDDJouIW3MNnbCoclUoq_W sEBlsPZ5X5MGdORtPvOkczxLIcKv5KpwUa5SviXnSYSV0kHi7dAbdwOGeHCc 9Hjdf44u10tJAru5g4ZsCkdsOw_9j9ms1OjTo_pVSpaZpr2Mrv6w_bbrlFU4 uQ7MXA9T4BYYKo0ZOWqxM0vHnKkaBHzZPacJ06WrfijLcQmoR.LHjGjasCVq EC2nE Received: from [89.165.120.140] by web160102.mail.bf1.yahoo.com via HTTP; Thu, 27 Jun 2013 02:17:51 PDT X-Rocket-MIMEInfo: 002.001, SGkgYWxsCkhhdmUgeW91IGd1eXMgZXZlciB0cmllZCB0aGlzIGNvbWJpbmF0aW9uPyBVc2luZyBzbm9ydCBpbiBpbmxpbmUgbW9kZSBhbmQgSVBGVyBhcyBkYXEuwqAKSSBoYXZlIGFkZGVkIHRoZSBmb2xsb3dpbmcgbGluZXMgdG8gdGhlIGRlZmF1bHQgL3Vzci9sb2NhbC9ldGMvc25vcnQvc25vcnQuY29uZiBmaWxlIDoKCmNvbmZpZyBkYXE6IGlwZncKY29uZmlnIGRhcV9tb2RlOiBpbmxpbmUKY29uZmlnIHBvbGljeV9tb2RlOiBpbmxpbmUKCkFuZCBJIHVzZSB0aGUgZm9sbG93aW5nIHNjcmlwdCB0byBydW4BMAEBAQE- X-Mailer: YahooMailWebService/0.8.148.557 Message-ID: <1372324671.3493.YahooMailNeo@web160102.mail.bf1.yahoo.com> Date: Thu, 27 Jun 2013 02:17:51 -0700 (PDT) From: Jack Mc Lauren Subject: Using snort in inline mode with IPFW To: FreeBSD Global Users Mailing List MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Jack Mc Lauren List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jun 2013 09:17:59 -0000 Hi all=0AHave you guys ever tried this combination? Using snort in inline m= ode and IPFW as daq.=A0=0AI have added the following lines to the default /= usr/local/etc/snort/snort.conf file :=0A=0Aconfig daq: ipfw=0Aconfig daq_mo= de: inline=0Aconfig policy_mode: inline=0A=0AAnd I use the following script= to run snort:=0A=0A#!/bin/sh=0Aipfw -q delete set 10 >/dev/null 1>/dev/nul= l 2>/dev/null=0Aipfw -q delete 401 >/dev/null 1>/dev/null 2>/dev/null=0Aipf= w -q delete 402 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q delete 403 >/d= ev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 401 allow all from 224.0.0.0/= 24 to any >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 402 allow all fr= om any to 224.0.0.0/24 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 403= allow all from me to me >/dev/null 1>/dev/null 2>/dev/null=0A/bin/snort --= daq ipfw --daq-var port=3D1500 -N -A full -l /var/log/snort/ -c /usr/local/= etc/snort/snort.conf >/dev/null 1>/dev/null 2>/dev/null -q &=0Aipfw -q add = 451 set 10 divert 1500 all from any to any >/dev/null 1>/dev/null 2>/dev/nu= ll=0A=0ABut it does not drop the packets.=0AAny suggestions or experiences = ?=0A=0AThanks in advance=A0 From owner-freebsd-questions@FreeBSD.ORG Thu Jun 27 09:21:30 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B04E46E1 for ; Thu, 27 Jun 2013 09:21:30 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) by mx1.freebsd.org (Postfix) with ESMTP id 11BEF1628 for ; Thu, 27 Jun 2013 09:21:29 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r5R9LM0J090788 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 27 Jun 2013 11:21:22 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r5R9LMim090785; Thu, 27 Jun 2013 11:21:22 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Thu, 27 Jun 2013 11:21:22 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: "C. L. Martinez" Subject: Re: Errors building mysql55-client In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-1502390906-1372324882=:1345" X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jun 2013 09:21:30 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-1502390906-1372324882=:1345 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT On Thu, 27 Jun 2013 07:55-0000, C. L. Martinez wrote: > Hi all, > > There is an error when poudriere tries to build mysql55-client: > > ===> License GPLv2 accepted by the user > ===> Fetching all distfiles required by mysql-client-5.5.32 for building > => SHA256 Checksum mismatch for mysql-5.5.32.tar.gz. > ===> Refetch for 1 more times files: mysql-5.5.32.tar.gz > ===> License GPLv2 accepted by the user > => mysql-5.5.32.tar.gz doesn't seem to exist in /distfiles/. > => Attempting to fetch > ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No route to host > => Attempting to fetch > ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > ftp://ftp.gwdg.de/pub/misc/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Operation timed out > => Attempting to fetch > ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Protocol error > => Attempting to fetch > http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Requested Range Not Satisfiable > => Attempting to fetch > ftp://ftp.ntua.gr/pub/databases/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://mirror.switch.ch/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: No > address record > => Attempting to fetch > http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > size mismatch: expected 24589274, actual 51 > => Attempting to fetch > ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Requested Range Not Satisfiable > => Attempting to fetch > ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > http://download.softagency.net/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz > fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz: > size mismatch: expected 24589274, actual 24625029 > => Couldn't fetch it - please try to retrieve this > => port manually into /distfiles/ and try again. > *** Error code 1 > > Stop in /usr/ports/databases/mysql55-client. > *** Error code 1 > > Stop in /usr/ports/databases/mysql55-client. > ===> Cleaning for mysql-client-5.5.32 > > Any idea why?? Either the file named distinfo is messed up, or the maintainer has access to a different file than the rest of us. Maybe you should wait until the MySQL mirrors catches up. Here's contents of /usr/ports/databases/mysql55-server/distinfo on one of my systems as of r321850: root@enterprise:~>cat /usr/ports/databases/mysql55-server/distinfo SHA256 (mysql-5.5.32.tar.gz) = babb19a1e58f6b285ff75e876f550a798d37fb72b5a548ffb411e8a4a51f6890 SIZE (mysql-5.5.32.tar.gz) = 24589274 Here's info on the file itself: root@enterprise:~>stat -x /usr/ports/distfiles/mysql-5.5.32.tar.gz File: "/usr/ports/distfiles/mysql-5.5.32.tar.gz" Size: 24625029 FileType: Regular File Mode: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ wheel) Device: 129,129302626 Inode: 4958 Links: 1 Access: Thu Jun 27 11:03:49 2013 Modify: Fri May 17 07:44:35 2013 Change: Fri Jun 14 09:20:22 2013 root@enterprise:~>sha256 /usr/ports/distfiles/mysql-5.5.32.tar.gz SHA256 (/usr/ports/distfiles/mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e Neither the file's length nor its SHA256 hash matches what's stored in the distinfo file. If you accept the risks, you could perform some surgery on the /usr/ports/databases/mysql55-server/distinfo file, changing its contents to: SHA256 (mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e SIZE (mysql-5.5.32.tar.gz) = 24625029 You should probably generate/verify these values yourself. I updated both mysql55-server and mysql55-client on June 14th, 2013. root@enterprise:~>mysql --version mysql Ver 14.14 Distrib 5.5.32, for FreeBSD9.1 (amd64) using 5.2 -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestøl, | Trond Endrestøl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjøvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-1502390906-1372324882=:1345--