Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 27 Jun 2013 02:17:51 -0700 (PDT)
From:      Jack Mc Lauren <jack.mclauren@yahoo.com>
To:        FreeBSD Global Users Mailing List <freebsd-questions@freebsd.org>
Subject:   Using snort in inline mode with IPFW
Message-ID:  <1372324671.3493.YahooMailNeo@web160102.mail.bf1.yahoo.com>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi all=0AHave you guys ever tried this combination? Using snort in inline m=
ode and IPFW as daq.=A0=0AI have added the following lines to the default /=
usr/local/etc/snort/snort.conf file :=0A=0Aconfig daq: ipfw=0Aconfig daq_mo=
de: inline=0Aconfig policy_mode: inline=0A=0AAnd I use the following script=
 to run snort:=0A=0A#!/bin/sh=0Aipfw -q delete set 10 >/dev/null 1>/dev/nul=
l 2>/dev/null=0Aipfw -q delete 401 >/dev/null 1>/dev/null 2>/dev/null=0Aipf=
w -q delete 402 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q delete 403 >/d=
ev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 401 allow all from 224.0.0.0/=
24 to any >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 402 allow all fr=
om any to 224.0.0.0/24 >/dev/null 1>/dev/null 2>/dev/null=0Aipfw -q add 403=
 allow all from me to me >/dev/null 1>/dev/null 2>/dev/null=0A/bin/snort --=
daq ipfw --daq-var port=3D1500 -N -A full -l /var/log/snort/ -c /usr/local/=
etc/snort/snort.conf >/dev/null 1>/dev/null 2>/dev/null -q &=0Aipfw -q add =
451 set 10 divert 1500 all from any to any >/dev/null 1>/dev/null 2>/dev/nu=
ll=0A=0ABut it does not drop the packets.=0AAny suggestions or experiences =
?=0A=0AThanks in advance=A0
From owner-freebsd-questions@FreeBSD.ORG  Thu Jun 27 09:21:30 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id B04E46E1
 for <freebsd-questions@freebsd.org>; Thu, 27 Jun 2013 09:21:30 +0000 (UTC)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no
 [IPv6:2001:700:1100:1:200:ff:fe00:b])
 by mx1.freebsd.org (Postfix) with ESMTP id 11BEF1628
 for <freebsd-questions@freebsd.org>; Thu, 27 Jun 2013 09:21:29 +0000 (UTC)
Received: from mail.fig.ol.no (localhost [127.0.0.1])
 by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r5R9LM0J090788
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
 Thu, 27 Jun 2013 11:21:22 +0200 (CEST)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from localhost (trond@localhost)
 by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r5R9LMim090785;
 Thu, 27 Jun 2013 11:21:22 +0200 (CEST)
 (envelope-from trond@fagskolen.gjovik.no)
X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs
Date: Thu, 27 Jun 2013 11:21:22 +0200 (CEST)
From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no>
Sender: Trond.Endrestol@fagskolen.gjovik.no
To: "C. L. Martinez" <carlopmart@gmail.com>
Subject: Re: Errors building mysql55-client
In-Reply-To: <CAEjQA5LZfFo4MxijZhD+zjnAkxX7OoBiWFX8X91Y2wsFLLyk0w@mail.gmail.com>
Message-ID: <alpine.BSF.2.00.1306271106090.1345@mail.fig.ol.no>
References: <CAEjQA5LZfFo4MxijZhD+zjnAkxX7OoBiWFX8X91Y2wsFLLyk0w@mail.gmail.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Organization: Fagskolen Innlandet
OpenPGP: url=http://fig.ol.no/~trond/trond.key
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED;
 BOUNDARY="2055831798-1502390906-1372324882=:1345"
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00
 autolearn=ham version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no
Cc: freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>;
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jun 2013 09:21:30 -0000

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--2055831798-1502390906-1372324882=:1345
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT

On Thu, 27 Jun 2013 07:55-0000, C. L. Martinez wrote:

> Hi all,
> 
>  There is an error when poudriere tries to build mysql55-client:
> 
> ===>  License GPLv2 accepted by the user
> ===> Fetching all distfiles required by mysql-client-5.5.32 for building
> => SHA256 Checksum mismatch for mysql-5.5.32.tar.gz.
> ===>  Refetch for 1 more times files: mysql-5.5.32.tar.gz
> ===>  License GPLv2 accepted by the user
> => mysql-5.5.32.tar.gz doesn't seem to exist in /distfiles/.
> => Attempting to fetch
> ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.fi.muni.cz/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Unknown FTP error
> => Attempting to fetch
> http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mysql.mirrors.cybercity.dk/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> No route to host
> => Attempting to fetch
> ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.fh-wolfenbuettel.de/pub/database/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Unknown FTP error
> => Attempting to fetch
> ftp://ftp.gwdg.de/pub/misc/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than
> remote file (24589274 bytes)
> => Attempting to fetch
> http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://netmirror.org/mirror/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Operation timed out
> => Attempting to fetch
> ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://netmirror.org/mysql.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Protocol error
> => Attempting to fetch
> http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mirrors.ntua.gr/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Requested Range Not Satisfiable
> => Attempting to fetch
> ftp://ftp.ntua.gr/pub/databases/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than
> remote file (24589274 bytes)
> => Attempting to fetch
> http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mysql.sote.hu/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> No address record
> => Attempting to fetch
> ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.rhnet.is/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> File unavailable (e.g., file not found, no access)
> => Attempting to fetch
> ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://mirror.widexs.nl/pub/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> File unavailable (e.g., file not found, no access)
> => Attempting to fetch
> ftp://mirror.switch.ch/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than
> remote file (24589274 bytes)
> => Attempting to fetch
> http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mysql.dp.ua/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz: No
> address record
> => Attempting to fetch
> http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mysql.mirrored.ca/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> size mismatch: expected 24589274, actual 51
> => Attempting to fetch
> ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://mirror.services.wisc.edu/mirrors/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> No address record
> => Attempting to fetch
> http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: http://mysql.mirrors.pair.com/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Requested Range Not Satisfiable
> => Attempting to fetch
> ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.linorg.usp.br/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> No address record
> => Attempting to fetch
> ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.cbn.net.id/mirror/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> File unavailable (e.g., file not found, no access)
> => Attempting to fetch
> ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.easynet.be/mysql/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz:
> Unknown FTP error
> => Attempting to fetch
> http://download.softagency.net/MySQL/Downloads/MySQL-5.5/mysql-5.5.32.tar.gz
> fetch: mysql-5.5.32.tar.gz: local file (24625029 bytes) is longer than
> remote file (24589274 bytes)
> => Attempting to fetch
> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz
> fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/mysql-5.5.32.tar.gz:
> size mismatch: expected 24589274, actual 24625029
> => Couldn't fetch it - please try to retrieve this
> => port manually into /distfiles/ and try again.
> *** Error code 1
> 
> Stop in /usr/ports/databases/mysql55-client.
> *** Error code 1
> 
> Stop in /usr/ports/databases/mysql55-client.
> ===>  Cleaning for mysql-client-5.5.32
> 
> Any idea why??

Either the file named distinfo is messed up, or the maintainer has 
access to a different file than the rest of us. Maybe you should wait 
until the MySQL mirrors catches up.

Here's contents of /usr/ports/databases/mysql55-server/distinfo on one 
of my systems as of r321850:

root@enterprise:~>cat /usr/ports/databases/mysql55-server/distinfo
SHA256 (mysql-5.5.32.tar.gz) = babb19a1e58f6b285ff75e876f550a798d37fb72b5a548ffb411e8a4a51f6890
SIZE (mysql-5.5.32.tar.gz) = 24589274

Here's info on the file itself:

root@enterprise:~>stat -x /usr/ports/distfiles/mysql-5.5.32.tar.gz
  File: "/usr/ports/distfiles/mysql-5.5.32.tar.gz"
  Size: 24625029     FileType: Regular File
  Mode: (0644/-rw-r--r--)         Uid: (    0/    root)  Gid: (    0/   
wheel)
Device: 129,129302626   Inode: 4958    Links: 1
Access: Thu Jun 27 11:03:49 2013
Modify: Fri May 17 07:44:35 2013
Change: Fri Jun 14 09:20:22 2013

root@enterprise:~>sha256 /usr/ports/distfiles/mysql-5.5.32.tar.gz
SHA256 (/usr/ports/distfiles/mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e

Neither the file's length nor its SHA256 hash matches what's stored in 
the distinfo file.

If you accept the risks, you could perform some surgery on the 
/usr/ports/databases/mysql55-server/distinfo file, changing its 
contents to:

SHA256 (mysql-5.5.32.tar.gz) = 20930c3d934937f3863073af0a54cb014a4c6469e5460a81e2ff75062755377e
SIZE (mysql-5.5.32.tar.gz) = 24625029

You should probably generate/verify these values yourself.

I updated both mysql55-server and mysql55-client on June 14th, 2013.

root@enterprise:~>mysql --version
mysql  Ver 14.14 Distrib 5.5.32, for FreeBSD9.1 (amd64) using  5.2

-- 
+-------------------------------+------------------------------------+
| Vennlig hilsen,               | Best regards,                      |
| Trond Endrestøl,              | Trond Endrestøl,                   |
| IT-ansvarlig,                 | System administrator,              |
| Fagskolen Innlandet,          | Gjøvik Technical College, Norway,  |
| tlf. mob.   952 62 567,       | Cellular...: +47 952 62 567,       |
| sentralbord 61 14 54 00.      | Switchboard: +47 61 14 54 00.      |
+-------------------------------+------------------------------------+
--2055831798-1502390906-1372324882=:1345--



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?1372324671.3493.YahooMailNeo>