After for a long time not posting blogspot. In my spare time making documentation for upgrading FreeBSD release to stable. This is old topic and so many documentation around but it's still important who is consider for upgrading FreeBSD to Stable one.
So whats the different between Current and Stable? Well, I think you should read this link :)
http://www.freebsd.org/doc/en/books/handbook/current-stable.html
This is my email server.
mail# uname -a
FreeBSD mail.myserver.com 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Tue Dec 25 00:22:30 WIT 2012 root@mail.myserver.com:/usr/obj/usr/src/sys/PAE-PF-ALTQ i386
mail#
As we can see, is using FreeBSD 8.2-RELEASE, and I need to upgrade to STABLE one.
First, install cvsup using ports.
/usr/ports/net/cvsup
mail#make install clean
....
cp `cat ../M3TARGET`/cvpasswd.1 /usr/local/man/man1/cvpasswd.1
chmod 644 /usr/local/man/man1/cvpasswd.1
===> Compressing manual pages for cvsup-without-gui-16.1h_4
===> Registering installation for cvsup-without-gui-16.1h_4
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/sbin/cvsupd
/usr/local/bin/cvsup
/usr/local/bin/cvpasswd
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.cvsup.org/
mail#
After everything is OK, copy the default configuration of stable supfile in :
mail# cp /usr/share/examples/cvsup/stable-supfile /root/
Edit stable-supfile.
Here is for example :
*default host=CHANGE.TO.NEAREST.SERVER
*default base=/var/db
*default prefix=/usr
*default release=cvs tag=RELENG_8
*default delete use-rel-suffix
# If you seem to be limited by CPU rather than network or disk bandwidth, try
# commenting out the following line. (Normally, today's CPUs are fast enough
# that you want to run compression.)
*default compress
## Main Source Tree.
#
# The easiest way to get the main source tree is to use the "src-all"
# mega-collection. It includes all of the individual "src-*" collections.
# Please note: If you want to track -STABLE, leave this uncommented.
src-all
mail# cvsup -g -L 2 stable-supfile &
Checkout src/usr.sbin/zzz/Makefile
Checkout src/usr.sbin/zzz/zzz.8
Checkout src/usr.sbin/zzz/zzz.sh
Shutting down connection to server
Finished successfully
[1] Done cvsup -g -L 2 stable-supfile
Remove OLD obj in directory /usr/obj if needed.
Now is time to buildworld, because I custimize my kernel options, so I have to build kernel too.
You can skip this, if using default kernel options.
mail#cd /usr/src
mail# make buildworld
mail# make buildkernel KERNCONF=MYKERNEL
After for awhile, compile kernel is complete
text data bss dec hex filename
8465186 752516 608536 9826238 95efbe kernel.debug
objcopy --only-keep-debug kernel.debug kernel.symbols
objcopy --strip-debug --add-gnu-debuglink=kernel.symbols kernel.debug kernel
--------------------------------------------------------------
>>> Kernel build for MYKERNEL completed on Fri Dec 28 06:49:32 WIT 2012
--------------------------------------------------------------
mail# make installkernel KERNCONF=MYKERNELmail# make installworld
mail# reboot
Check server using this command below.
mail# uname -a
FreeBSD mail.myserver.com 8.3-STABLE FreeBSD 8.3-STABLE #0: Fri Dec 28 06:49:27 WIT 2012 root@mail.myserver.com:/usr/obj/usr/src/sys/PAE-PF-ALTQ i386
mail#
Done.
Friday, December 28, 2012
Tuesday, December 25, 2012
Simple command and very useful in Windows
I use this command for administering My server, Microsft Windows 2003 Enterprise.
xcopy /c /e /f /h /i /a /s /v /D /z /Y Z:\ E:\share
FORFILES /P D:\Backup /S /M *.bak /D 01/06/2012 /C "cmd /c xcopy @file F:\DB1011\2011 /Y"
FORFILES /P %backupgl% /S /M *.bak /D -366 /C "cmd /c del @file"
Robocopy X:\*.* C:\temp /E /Z /SEC /MIR /R:1 /LOG:%log%
Robocopy command you can download it from microsoft website.
xcopy /c /e /f /h /i /a /s /v /D /z /Y Z:\ E:\share
FORFILES /P D:\Backup /S /M *.bak /D 01/06/2012 /C "cmd /c xcopy @file F:\DB1011\2011 /Y"
FORFILES /P %backupgl% /S /M *.bak /D -366 /C "cmd /c del @file"
Robocopy X:\*.* C:\temp /E /Z /SEC /MIR /R:1 /LOG:%log%
Robocopy command you can download it from microsoft website.
Saturday, December 1, 2012
viperbsd# uname -a
FreeBSD viperbsd.org 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sat Jun 7 01:50:54 WIT 2008 root@viperbsd.org:/usr/src/sys/i386/compile/viperbsd i386
viperbsd#
#cd /usr/src
# make buildworld
# make buildkernel KERNCONF=ROUTER
# make installkernel KERNCONF= ROUTER
# make installworld
# reboot
FreeBSD viperbsd.org 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sat Jun 7 01:50:54 WIT 2008 root@viperbsd.org:/usr/src/sys/i386/compile/viperbsd i386
viperbsd#
#cd /usr/src
# make buildworld
# make buildkernel KERNCONF=ROUTER
# make installkernel KERNCONF= ROUTER
# make installworld
# reboot
DTrace on FreeBSD
DTrace, also known as Dynamic Tracing, was developed by Sun™ as a tool for locating performance bottlenecks in production and pre-production systems. It is not, in any way, a debugging tool, but a tool for real time system analysis to locate performance and other issues. (http://www.freebsd.org/doc/en/books/handbook/dtrace.html)
Well, I am trying to install on my old machine, FreeBSD 7.1
Add this following options to your configuration kernel.
options KDTRACE_HOOKS # Kernel DTrace hooks
options DDB_CTF
Compile your kernel with this options WITH_CTF=1
This articel is out of date. Not open my blog for long time, still in draft.
Well, I am trying to install on my old machine, FreeBSD 7.1
Add this following options to your configuration kernel.
options KDTRACE_HOOKS # Kernel DTrace hooks
options DDB_CTF
Compile your kernel with this options WITH_CTF=1
This articel is out of date. Not open my blog for long time, still in draft.
Friday, June 8, 2012
Installing Spamassassin Postfix/Dovecot on FreeBSD 8.2
I decided to install SpamAssassin in my email
server. Actually, I already using spamcop, for at least more than 6 months our email
server never get SPAM, fight using header_check, upgrading to pcre support. Well now I need install SpamAssassin.
On 2012 until this day we got huge traffic email. I have to protect the users from SPAM.
Email Traffic
| Mails successfully sent | 1,028,599 | 448.49 GB (457.2 KB/Mails) | ||
| Mails failed/refused | 936,173 | 23.55 GB |
First, I upgrade my ports collections using cvsup.
#cvsup –L 2 port-supfiles
My old perl version is 5.8, so I have to upgrade to new one.
Don’t forget to read the UPDATING in /usr/ports/UPDATING
(20110517)
This file, will explain many thinks.
#cd /usr/ports/mail/p5-Mail-SpamAssassin
#make clean
#make install
And I got these error :
NOTE: the optional HTTP::Date module is not installed.
The
"sa-update" program requires this module to make HTTP
If-Modified-Since
GET requests.
REQUIRED module missing: HTML::Parser
REQUIRED module missing: Net::DNS
REQUIRED module missing: NetAddr::IP
optional module missing: Digest::SHA1
optional module missing: Mail::SPF
optional module missing: IP::Country
optional module missing: Razor2
optional module missing: Net::Ident
optional module missing: IO::Socket::INET6
optional module missing: IO::Socket::SSL
optional module missing: Mail::DKIM
optional module missing: DBI
optional module missing: LWP::UserAgent
optional module missing: HTTP::Date
warning: some functionality may not be available,
please read the above report before continuing!
Can't open Makefile: No such file or directory.
===> Building for
p5-Mail-SpamAssassin-3.3.2_6
make: cannot open Makefile.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.
So I have to install perl module.
#perl –MCPAN –e shell
….
cpan[1]> install HTML::Parser Net::DNS NetAddr::IP
Digest::SHA1 Mail::SPF IP::Country Razor2 Net::Ident IO::Socket::INET6
IO::Socket::SSL Mail::DKIM DBI LWP::UserAgent HTTP::Date
#cd /usr/ports/mail/p5-Mail-SpamAssassin
#make clean (Don’t
forget always make clean after getting error)
#make install
Some package maybe just already installs with older version,
just make deinstall, make clean then, start again.
sa-update now places state files in /var/db/spamassassin and
not
/var/lib/spamassassin.
This is to be consistant with Freebsd file
directory conventions.
If you run sa-compile, you will notice that files are in
/var/db/spamassassin/compiled//
instead of
/var/db/spamassassin/compiled/.
No attempts have been made to move old versions over. You
must recomp ile.
If you are running with spamd, you must add the following to
rc.conf:
spamd_enable="YES"
Security Note: If you
did NOT deselected AS_ROOT, spamd will be runn ing
as root. To change this, also add this to rc.conf:
spamd_flags="-u spamd -H /var/spool/spamd"
===> Correct pkg-plist sequence to create group(s) and
user(s)
===> Compressing
manual pages for p5-Mail-SpamAssassin-3.3.2_6
===> Running
ldconfig
/sbin/ldconfig -m /usr/local/lib
===> Registering
installation for p5-Mail-SpamAssassin-3.3.2_6
# netstat -a |grep LISTEN
tcp4 0 0 localhost.783 *.* LISTEN
….
Before configure main.cf and master.cf please READ CAREFULLY
this http://www.postfix.org/FILTER_README.html
Spamassasin configuration local.cf
rewrite_header Subject **SPAM**
required_score 6.0
report_safe 1
use_bayes 1
bayes_path /var/spool/spamd/.spamassassin/bayes
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0
dns_available yes
header LOCAL_RCVD Received =~ /.*\(\S+\.mydomain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received: from mydomain.com
score LOCAL_RCVD -50
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
required_score 6.0
report_safe 1
use_bayes 1
bayes_path /var/spool/spamd/.spamassassin/bayes
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0
dns_available yes
header LOCAL_RCVD Received =~ /.*\(\S+\.mydomain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received: from mydomain.com
score LOCAL_RCVD -50
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
I want to pool, all spam to one email account.here is a script :
filter.sh
#!/bin/sh
#Filter Script
SENDMAIL="/usr/sbin/sendmail -i"
EGREP=/usr/bin/egrep
EX_UNAVAILABLE=69
SPAMLIMIT=6
trap "rm -f /var/spool/spamd/filter/out.$$" 0 1 2 3 15
cat | /usr/local/bin/spamc -u spamd | sed 's/^\.$/../' > /var/spool/spamd/filter /out.$$
if $EGREP -q "^X-Spam-Level: \*{$SPAMLIMIT,}" < /var/spool/spamd/filter/out.$$
then
$SENDMAIL spampooler@mydomain.com < /var/spool/spamd/filter/out.$$
else
$SENDMAIL "$@" < /var/spool/spamd/filter/out.$$
fi
exit $?
#Filter Script
SENDMAIL="/usr/sbin/sendmail -i"
EGREP=/usr/bin/egrep
SPAMLIMIT=6
cat | /usr/local/bin/spamc -u spamd | sed 's/^\.$/../' > /var/spool/spamd/filter /out.$$
if $EGREP -q "^X-Spam-Level: \*{$SPAMLIMIT,}" < /var/spool/spamd/filter/out.$$
then
$SENDMAIL spampooler@mydomain.com < /var/spool/spamd/filter/out.$$
else
$SENDMAIL "$@" < /var/spool/spamd/filter/out.$$
fi
exit $?
edit the master.cf
#smtp inet n - n - - smtpd
smtp inet n - n - - smtpd
# -o content_filter=filter:dummy
-o content_filter=spamassassin:dummy
#
smtp inet n - n - - smtpd
# -o content_filter=filter:dummy
-o content_filter=spamassassin:dummy
#
#SPAMFILTERi/SPAMASSASSIN
spamassassin unix - n n - 10 pipe
flags=Rq user=spamd argv=/usr/sbin/filter.sh -f ${sender} -- ${recipient}
spamassassin unix - n n - 10 pipe
flags=Rq user=spamd argv=/usr/sbin/filter.sh -f ${sender} -- ${recipient}
maillog
Jun 8 16:52:36 blade postfix/qmgr[49965]: C8F22F7550: from=, size=1345, nrcpt=1 (queue active)
Jun 8 16:52:36 blade postfix/smtpd[96866]: disconnect from smtp.example.com[10.1.1.201]
Jun 8 16:52:36 blade spamd[86197]: spamd: connection from localhost [127.0.0.1] at port 17055
Jun 8 16:52:36 blade spamd[86197]: spamd: processing message <4FD1CB80.6080506@example.com> for spamd:58
Jun 8 16:52:36 blade spamd[86197]: spamd: clean message (-2.9/6.0) for spamd:58 in 0.1 seconds, 1353 bytes.
Jun 8 16:52:36 blade spamd[86197]: spamd: result: . -2 - ALL_TRUSTED,BAYES_00,T_RP_MATCHES_RCVD scantime=0.1,size=1353,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=17055,mid=<4FD1CB80.6080506@example.com>,bayes=0.000000,autolearn=ham
Jun 8 16:52:37 blade postfix/pickup[94779]: 002A3F7574: uid=58 from=
Jun 8 16:52:37 blade postfix/cleanup[97102]: 002A3F7574: message-id=<4FD1CB80.6080506@example.com>
Jun 8 16:52:37 blade postfix/pipe[97103]: C8F22F7550: to=, relay=spamassassin, delay=0.18, delays=0.02/0/0/0.16, dsn=2.0.0, status=sent (delivered via spamassassin service)
Jun 8 16:52:37 blade postfix/qmgr[49965]: C8F22F7550: removed
Jun 8 16:52:37 blade spamd[1622]: prefork: child states: II
Jun 8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: from=, size=1683, nrcpt=1 (queue active)
Jun 8 16:52:37 blade postfix/virtual[97142]: 002A3F7574: to=, relay=virtual, delay=0.13, delays=0.06/0/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
Jun 8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: removed
Header
Subject: **SPAM** =?GB2312?B?16jStcPYyunQ0NX+yMvUsby8xNzM4cn9?=
Date: Thu, 7 Jun 2012 05:44:11 +0800
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
smtp.mydomain.com
X-Spam-Flag: YES
X-Spam-Level: **************
X-Spam-Status: Yes, score=15.0 required=6.0 tests=BAYES_99,DOS_OE_TO_MX,
FORGED_MUA_OUTLOOK,MISSING_MID,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PSBL,
RCVD_IN_SORBS_WEB,RDNS_NONE,TO_NO_BRKTS_MSFT autolearn=spam version=3.3.2
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_4FCFCF20.8B19D0B7"
Message-Id: <20120606214400.8012FF7551@smtp.mydomain.com>
Jun 8 16:52:36 blade postfix/qmgr[49965]: C8F22F7550: from=
Jun 8 16:52:36 blade postfix/smtpd[96866]: disconnect from smtp.example.com[10.1.1.201]
Jun 8 16:52:36 blade spamd[86197]: spamd: connection from localhost [127.0.0.1] at port 17055
Jun 8 16:52:36 blade spamd[86197]: spamd: processing message <4FD1CB80.6080506@example.com> for spamd:58
Jun 8 16:52:36 blade spamd[86197]: spamd: clean message (-2.9/6.0) for spamd:58 in 0.1 seconds, 1353 bytes.
Jun 8 16:52:36 blade spamd[86197]: spamd: result: . -2 - ALL_TRUSTED,BAYES_00,T_RP_MATCHES_RCVD scantime=0.1,size=1353,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=17055,mid=<4FD1CB80.6080506@example.com>,bayes=0.000000,autolearn=ham
Jun 8 16:52:37 blade postfix/pickup[94779]: 002A3F7574: uid=58 from=
Jun 8 16:52:37 blade postfix/cleanup[97102]: 002A3F7574: message-id=<4FD1CB80.6080506@example.com>
Jun 8 16:52:37 blade postfix/pipe[97103]: C8F22F7550: to=
Jun 8 16:52:37 blade postfix/qmgr[49965]: C8F22F7550: removed
Jun 8 16:52:37 blade spamd[1622]: prefork: child states: II
Jun 8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: from=
Jun 8 16:52:37 blade postfix/virtual[97142]: 002A3F7574: to=
Jun 8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: removed
Header
Subject: **SPAM** =?GB2312?B?16jStcPYyunQ0NX+yMvUsby8xNzM4cn9?=
Date: Thu, 7 Jun 2012 05:44:11 +0800
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
smtp.mydomain.com
X-Spam-Flag: YES
X-Spam-Level: **************
X-Spam-Status: Yes, score=15.0 required=6.0 tests=BAYES_99,DOS_OE_TO_MX,
FORGED_MUA_OUTLOOK,MISSING_MID,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PSBL,
RCVD_IN_SORBS_WEB,RDNS_NONE,TO_NO_BRKTS_MSFT autolearn=spam version=3.3.2
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_4FCFCF20.8B19D0B7"
Message-Id: <20120606214400.8012FF7551@smtp.mydomain.com>
Subscribe to:
Posts (Atom)