Date: Thu, 27 Jun 2013 02:17:51 -0700 (PDT) From: Jack Mc Lauren <jack.mclauren@yahoo.com> To: FreeBSD Global Users Mailing List <freebsd-questions@freebsd.org> Subject: Using snort in inline mode with IPFW Message-ID: <1372324671.3493.YahooMailNeo@web160102.mail.bf1.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi all=0AHave you guys ever tried this combination? Using snort in inline m= ode and IPFW as daq.=A0=0AI have added the following lines to the default /= usr/local/etc/snort/snort.conf file :=0A=0Aconfig daq: ipfw=0Aconfig daq_mo= de: inline=0Aconfig policy_mode: inline=0A=0AAnd I use the following script= to run snort:=0A=0A#!/bin/sh=0Aipfw -q delete set 10 >/dev/null 1>/dev/nul= l 2>/dev/null=0Aipfw -q delete 401 >/dev/null 1>/dev/null 2>/dev/null=0Aipf= w -q delete 402 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q delete 403 >/d= ev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 401 allow all from 224.0.0.0/= 24 to any >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 402 allow all fr= om any to 224.0.0.0/24 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 403= allow all from me to me >/dev/null 1>/dev/null 2>/dev/null=0A/bin/snort --= daq ipfw --daq-var port=3D1500 -N -A full -l /var/log/snort/ -c /usr/local/= etc/snort/snort.conf >/dev/null 1>/dev/null 2>/dev/null -q &=0Aipfw -q add = 451 set 10 divert 1500 all from any to any >/dev/null 1>/dev/null 2>/dev/nu= ll=0A=0ABut it does not drop the packets.=0AAny suggestions or experiences = ?=0A=0AThanks in advance=A0 From owner-freebsd-questions@FreeBSD.ORG Thu Jun 27 09:21:30 2013 Return-Path: <owner-freebsd-questions@FreeBSD.ORG> Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B04E46E1 for <freebsd-questions@freebsd.org>; Thu, 27 Jun 2013 09:21:30 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) by mx1.freebsd.org (Postfix) with ESMTP id 11BEF1628 for <freebsd-questions@freebsd.org>; Thu, 27 Jun 2013 09:21:29 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r5R9LM0J090788 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 27 Jun 2013 11:21:22 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r5R9LMim090785; Thu, 27 Jun 2013 11:21:22 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Thu, 27 Jun 2013 11:21:22 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no> Sender: Trond.Endrestol@fagskolen.gjovik.no To: "C. L. Martinez" <carlopmart@gmail.com> Subject: Re: Errors building mysql55-client In-Reply-To: <CAEjQA5LZfFo4MxijZhD+zjnAkxX7OoBiWFX8X91Y2wsFLLyk0w@mail.gmail.com> Message-ID: <alpine.BSF.2.00.1306271106090.1345@mail.fig.ol.no> References: <CAEjQA5LZfFo4MxijZhD+zjnAkxX7OoBiWFX8X91Y2wsFLLyk0w@mail.gmail.com> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-1502390906-1372324882=:1345" X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions> List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Thu, 27 Jun 2013 09:21:30 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-1502390906-1372324882=:1345 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT On Thu, 27 Jun 2013 07:55-0000, C. L. Martinez wrote: > Hi all, > > There is an error when poudriere tries to build mysql55-client: > > ===> License GPLv2 accepted by the user > ===> Fetching all distfiles required by mysql-client-5.5.32 for building > => SHA256 Checksum mismatch for mysql-5.5.32.tar.gz. > ===> Refetch for 1 more times files: mysql-5.5.32.tar.gz > ===> License GPLv2 accepted by the user > => mysql-5.5.32.tar.gz doesn't seem to exist in /distfiles/. > => Attempting to fetch > ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No route to host > => Attempting to fetch > ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > ftp://ftp.gwdg.de/pub/misc/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Operation timed out > => Attempting to fetch > ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Protocol error > => Attempting to fetch > http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Requested Range Not Satisfiable > => Attempting to fetch > ftp://ftp.ntua.gr/pub/databases/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://mirror.switch.ch/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: No > address record > => Attempting to fetch > http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > size mismatch: expected 24589274, actual 51 > => Attempting to fetch > ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Requested Range Not Satisfiable > => Attempting to fetch > ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > No address record > => Attempting to fetch > ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > File unavailable (e.g., file not found, no access) > => Attempting to fetch > ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: > Unknown FTP error > => Attempting to fetch > http://download.softagency.net/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz > fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than > remote file (24589274 bytes) > => Attempting to fetch > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz > fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz: > size mismatch: expected 24589274, actual 24625029 > => Couldn't fetch it - please try to retrieve this > => port manually into /distfiles/ and try again. > *** Error code 1 > > Stop in /usr/ports/databases/mysql55-client. > *** Error code 1 > > Stop in /usr/ports/databases/mysql55-client. > ===> Cleaning for mysql-client-5.5.32 > > Any idea why?? Either the file named distinfo is messed up, or the maintainer has access to a different file than the rest of us. Maybe you should wait until the MySQL mirrors catches up. Here's contents of /usr/ports/databases/mysql55-server/distinfo on one of my systems as of r321850: root@enterprise:~>cat /usr/ports/databases/mysql55-server/distinfo SHA256 (mysql-5.5.32.tar.gz) = babb19a1e58f6b285ff75e876f550a798d37fb72b5a548ffb411e8a4a51f6890 SIZE (mysql-5.5.32.tar.gz) = 24589274 Here's info on the file itself: root@enterprise:~>stat -x /usr/ports/distfiles/mysql-5.5.32.tar.gz File: "/usr/ports/distfiles/mysql-5.5.32.tar.gz" Size: 24625029 FileType: Regular File Mode: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ wheel) Device: 129,129302626 Inode: 4958 Links: 1 Access: Thu Jun 27 11:03:49 2013 Modify: Fri May 17 07:44:35 2013 Change: Fri Jun 14 09:20:22 2013 root@enterprise:~>sha256 /usr/ports/distfiles/mysql-5.5.32.tar.gz SHA256 (/usr/ports/distfiles/mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e Neither the file's length nor its SHA256 hash matches what's stored in the distinfo file. If you accept the risks, you could perform some surgery on the /usr/ports/databases/mysql55-server/distinfo file, changing its contents to: SHA256 (mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e SIZE (mysql-5.5.32.tar.gz) = 24625029 You should probably generate/verify these values yourself. I updated both mysql55-server and mysql55-client on June 14th, 2013. root@enterprise:~>mysql --version mysql Ver 14.14 Distrib 5.5.32, for FreeBSD9.1 (amd64) using 5.2 -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestøl, | Trond Endrestøl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjøvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-1502390906-1372324882=:1345--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1372324671.3493.YahooMailNeo>