Журнал лабораторных работ

--- /tmp/l3-saved-1491.480.19417	2012-04-04 14:21:26.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:22:06.000000000 +0300
@@ -8,6 +8,11 @@
 // simple mistakes, you can break connectivity for affected parties,
 // or cause huge amounts of useless Internet traffic.
 
+key "rndc-key" {
+        algorithm hmac-md5;
+        secret "AlvQ2g22Z3Jn1hjvpkGu/tbw3qe+Ztx7YX6B+RS8o68=";
+};
+
 options {
 	// All file and path names are relative to the chroot directory,
 	// if any, and should be fully qualified.
@@ -18,10 +23,7 @@
 
 	listen-on	{ 127.0.0.1; 192.168.13.21; };
 	version		"Microsoft DNS v6.1";
-key "rndc-key" {
-        algorithm hmac-md5;
-        secret "AlvQ2g22Z3Jn1hjvpkGu/tbw3qe+Ztx7YX6B+RS8o68=";
-};
+
 
 	disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
 	disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";

--- /tmp/l3-saved-1491.18993.684	2012-04-04 14:22:12.000000000 +0300
+++ /etc/rc.conf	2012-04-04 14:22:18.000000000 +0300
@@ -23,4 +23,4 @@
 pflog_enable="YES"
 pflog_logfile="/var/log/pf.log"
 named_enable="YES"
-named_flags="-u bind -g bind"
+#named_flags="-u bind -g bind"

Starting named.

bind     1824  0.0  2.4 17444 12388  ??  Ss    2:22PM   0:00.10 /usr/sbin/named

USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
bind     named      1824  20 tcp4   192.168.13.21:53      *:*
bind     named      1824  21 tcp4   127.0.0.1:53          *:*
bind     named      1824  22 tcp4   127.0.0.1:953         *:*
bind     named      1824  512 udp4  192.168.13.21:53      *:*
bind     named      1824  513 udp4  127.0.0.1:53          *:*
root     sshd       1450  3  tcp4   192.168.13.21:22      192.168.13.253:34805
root     sendmail   1357  4  tcp4   127.0.0.1:25          *:*
root     sshd       1349  4  tcp4   *:22                  *:*
root     syslogd    984   9  udp4   *:514                 *:*

PING ya.ru (213.180.204.3): 56 data bytes
64 bytes from 213.180.204.3: icmp_seq=0 ttl=57 time=22.811 ms
64 bytes from 213.180.204.3: icmp_seq=1 ttl=57 time=22.410 ms
^C
--- ya.ru ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 22.410/22.611/22.811/0.200 ms

--- /tmp/l3-saved-1491.13767.10624	2012-04-04 14:25:10.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:25:37.000000000 +0300
@@ -292,5 +292,5 @@
 zone "wilen.net.nt" {
 	type master;
 	file "/etc/namedb/master/wilen.net.nt";
-	allow-query { 192.168.13.0/24; };
+//	allow-query { 192.168.13.0/24; };
 };

server reload successful

Stopping named.
Starting named.

PING localhost.net.nt (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.034 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.040 ms
^C
--- localhost.net.nt ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.034/0.037/0.040/0.003 ms

PING wilen.net.nt (192.168.13.21): 56 data bytes
64 bytes from 192.168.13.21: icmp_seq=0 ttl=64 time=0.028 ms
64 bytes from 192.168.13.21: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 192.168.13.21: icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from 192.168.13.21: icmp_seq=3 ttl=64 time=0.043 ms
64 bytes from 192.168.13.21: icmp_seq=4 ttl=64 time=0.048 ms
64 bytes from 192.168.13.21: icmp_seq=5 ttl=64 time=0.052 ms
^C
--- wilen.net.nt ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.028/0.044/0.052/0.008 ms

--- /tmp/l3-saved-1491.5060.23140	2012-04-04 14:27:08.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:28:08.000000000 +0300
@@ -292,5 +292,5 @@
 zone "wilen.net.nt" {
 	type master;
 	file "/etc/namedb/master/wilen.net.nt";
-//	allow-query { 192.168.13.0/24; };
+	allow-query { 192.168.13/24; };
 };

Stopping named.
Starting named.

--- /tmp/l3-saved-1491.6448.13662	2012-04-04 14:28:19.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:28:27.000000000 +0300
@@ -292,5 +292,5 @@
 zone "wilen.net.nt" {
 	type master;
 	file "/etc/namedb/master/wilen.net.nt";
-	allow-query { 192.168.13/24; };
+//	allow-query { 192.168.13/24; };
 };

Stopping named.
Starting named.

--- /tmp/l3-saved-1491.26361.3836	2012-04-04 14:29:43.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:33:39.000000000 +0300
@@ -294,3 +294,9 @@
 	file "/etc/namedb/master/wilen.net.nt";
 //	allow-query { 192.168.13/24; };
 };
+
+
+zone "13.168.192.in-addr.arpa" {
+	type master;
+	file "/etc/namedb/master/192.168.13.in-addr.arpa"
+};

.bash_history   .cshrc          .l3rc           .profile
.bash_profile   .history        .lilalo         .ssh
.bashrc         .k5login        .login          install

dynamic         named.conf      rndc.key        working
master          named.root      slave

empty.db                localhost-reverse.db
localhost-forward.db    wilen.net.nt

--- /tmp/l3-saved-1491.19824.471	2012-04-04 14:34:19.000000000 +0300
+++ 192.168.13.in-addr.arpa	2012-04-04 14:36:47.000000000 +0300
@@ -1,13 +1,14 @@
-
-; $FreeBSD: src/etc/namedb/master/localhost-reverse.db,v 1.1.12.1.6.1 2010/12/21 17:09:25 kensmith Exp $
-
 $TTL 3h
-@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
-	; Serial, Refresh, Retry, Expire, Neg. cache TTL
 
-	NS	localhost.
+@	SOA	ns.wilen.net.nt. root.wilen.net.nt (
+			42
+			1d
+			12h
+			1w
+			3h )
 
-1.0.0	PTR	localhost.
+@	NS	ns.wilen.net.nt.
 
-1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
+21	PTR	wilen.net.nt.
+22	PTR	mail
 

--- /tmp/l3-saved-1491.21697.1734	2012-04-04 14:37:42.000000000 +0300
+++ /etc/namedb/named.conf	2012-04-04 14:38:04.000000000 +0300
@@ -298,5 +298,5 @@
 
 zone "13.168.192.in-addr.arpa" {
 	type master;
-	file "/etc/namedb/master/192.168.13.in-addr.arpa"
+	file "/etc/namedb/master/192.168.13.in-addr.arpa";
 };

named not running? (check /var/run/named/pid).
Starting named.

; <<>> DiG 9.6.-ESV-R3 <<>> -x 192.168.13.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54668
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;21.13.168.192.in-addr.arpa.    IN      PTR
;; ANSWER SECTION:
21.13.168.192.in-addr.arpa. 10800 IN    PTR     wilen.net.nt.
;; AUTHORITY SECTION:
13.168.192.in-addr.arpa. 10800  IN      NS      ns.wilen.net.nt.
;; ADDITIONAL SECTION:
ns.wilen.net.nt.        3600    IN      A       192.168.13.21
;; Query time: 29 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Apr  4 14:38:16 2012
;; MSG SIZE  rcvd: 103

wilen.net.nt.

--- /tmp/l3-saved-1491.24081.25942	2012-04-04 14:43:38.000000000 +0300
+++ /etc/resolv.conf	2012-04-04 14:45:04.000000000 +0300
@@ -1,3 +1,3 @@
 search net.nt unix.nt
 nameserver 127.0.0.1
-#nameserver 192.168.13.253
+nameserver 192.168.13.253

PING fobos.net.nt (192.168.13.253): 56 data bytes
64 bytes from 192.168.13.253: icmp_seq=0 ttl=64 time=0.414 ms
64 bytes from 192.168.13.253: icmp_seq=1 ttl=64 time=0.394 ms
64 bytes from 192.168.13.253: icmp_seq=2 ttl=64 time=0.412 ms
^C
--- fobos.net.nt ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.394/0.407/0.414/0.009 ms

PING fobos.net.nt (192.168.13.253): 56 data bytes
64 bytes from 192.168.13.253: icmp_seq=0 ttl=64 time=0.391 ms
64 bytes from 192.168.13.253: icmp_seq=1 ttl=64 time=0.362 ms
64 bytes from 192.168.13.253: icmp_seq=2 ttl=64 time=0.531 ms
64 bytes from 192.168.13.253: icmp_seq=3 ttl=64 time=0.806 ms
^C
--- fobos.net.nt ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.362/0.522/0.806/0.176 ms

PING wilen.net.nt (192.168.13.21): 56 data bytes
64 bytes from 192.168.13.21: icmp_seq=0 ttl=64 time=0.028 ms
64 bytes from 192.168.13.21: icmp_seq=1 ttl=64 time=0.048 ms
64 bytes from 192.168.13.21: icmp_seq=2 ttl=64 time=0.045 ms
64 bytes from 192.168.13.21: icmp_seq=3 ttl=64 time=0.044 ms
^C
--- wilen.net.nt ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.028/0.041/0.048/0.008 ms

--- /tmp/l3-saved-1491.11460.8523	2012-04-04 14:45:39.000000000 +0300
+++ /etc/resolv.conf	2012-04-04 14:48:58.000000000 +0300
@@ -1,3 +1,6 @@
 search net.nt unix.nt
+domain net.nt
 nameserver 127.0.0.1
 nameserver 192.168.13.253
+nameserver 8.8.8.8
+options timeout 10

PING ya.ru (77.88.21.3): 56 data bytes
64 bytes from 77.88.21.3: icmp_seq=0 ttl=57 time=22.435 ms
64 bytes from 77.88.21.3: icmp_seq=1 ttl=57 time=24.799 ms
^C
--- ya.ru ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 22.435/23.617/24.799/1.182 ms

87.250.251.11
93.158.134.11
213.180.193.11
213.180.204.11
77.88.21.11
87.250.250.11

10 mx.yandex.ru.

; <<>> DiG 9.6.-ESV-R3 <<>> mx yandex.ru
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35843
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 10
;; QUESTION SECTION:
;yandex.ru.                     IN      MX
;; ANSWER SECTION:
yandex.ru.              2041    IN      MX      10 mx.yandex.ru.
;; AUTHORITY SECTION:
...
mx.yandex.ru.           615     IN      A       213.180.193.89
ns1.yandex.ru.          239918  IN      A       213.180.193.1
ns1.yandex.ru.          1217    IN      AAAA    2a02:6b8::1
ns2.yandex.ru.          239918  IN      A       213.180.199.34
ns4.yandex.ru.          239918  IN      A       77.88.19.60
ns5.yandex.ru.          239918  IN      A       213.180.204.1
;; Query time: 33 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Apr  4 14:56:24 2012
;; MSG SIZE  rcvd: 290

; <<>> DiG 9.6.-ESV-R3 <<>> -x 195.182.202.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5182
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 11
;; QUESTION SECTION:
;50.202.182.195.in-addr.arpa.   IN      PTR
;; ANSWER SECTION:
50.202.182.195.in-addr.arpa. 86400 IN   PTR     mvd.skm.com.ua.
;; AUTHORITY SECTION:
...
d.root-servers.net.     527494  IN      AAAA    2001:500:2d::d
e.root-servers.net.     527494  IN      A       192.203.230.10
f.root-servers.net.     527494  IN      A       192.5.5.241
f.root-servers.net.     527494  IN      AAAA    2001:500:2f::f
g.root-servers.net.     527494  IN      A       192.112.36.4
h.root-servers.net.     527494  IN      A       128.63.2.53
;; Query time: 87 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Apr  4 14:58:20 2012
;; MSG SIZE  rcvd: 496

195.182.202.50

bind     2742  0.0  2.9 20516 14592  ??  Is    2:38PM   0:00.14 /usr/sbin/named

Port:   postfix-2.8.0,1
Path:   /usr/ports/mail/postfix
Info:   A secure alternative to widely-used Sendmail
Maint:  sahil@FreeBSD.org
B-deps: pcre-8.12 perl-5.10.1_3
R-deps: pcre-8.12
WWW:    http://www.postfix.org/
Port:   postfix-current-2.8.20101108,4
Path:   /usr/ports/mail/postfix-current
Info:   A secure alternative to widely-used Sendmail
...
Date:   2009-03-09
Reason: Has expired: Not supported anymore by vendor. Please choose a new one version.
Port:   mail/postfix-gps-devel
Moved:
Date:   2009-11-19
Reason: Has expired: Older than main port, no sign of maintainer activity beyond port creation 4+ years ago
Port:   mail/postfix23
Moved:
Date:   2010-05-02
Reason: Has expired: it's no longer maintened by upstream developer

#cd mail/post

postfinger/                 postfix-postfwd/
postfix/                    postfix24/
postfix-current/            postfix25/
postfix-gps/                postfix26/
postfix-policyd-sf/         postfix27/
postfix-policyd-spf/        postfixadmin/
postfix-policyd-spf-perl/   postgrey/
postfix-policyd-spf-python/ postpals/
postfix-policyd-weight/

#cd mail/postfi

postfinger/                 postfix-policyd-weight/
postfix/                    postfix-postfwd/
postfix-current/            postfix24/
postfix-gps/                postfix25/
postfix-policyd-sf/         postfix26/
postfix-policyd-spf/        postfix27/
postfix-policyd-spf-perl/   postfixadmin/
postfix-policyd-spf-python/

#cd mail/postfi

postfinger/                 postfix-policyd-weight/
postfix/                    postfix-postfwd/
postfix-current/            postfix24/
postfix-gps/                postfix25/
postfix-policyd-sf/         postfix26/
postfix-policyd-spf/        postfix27/
postfix-policyd-spf-perl/   postfixadmin/
postfix-policyd-spf-python/

#cd mail/postfi

postfinger/                 postfix-policyd-weight/
postfix/                    postfix-postfwd/
postfix-current/            postfix24/
postfix-gps/                postfix25/
postfix-policyd-sf/         postfix26/
postfix-policyd-spf/        postfix27/
postfix-policyd-spf-perl/   postfixadmin/
postfix-policyd-spf-python/

#cd mail/postfix

postfix/                    postfix-policyd-weight/
postfix-current/            postfix-postfwd/
postfix-gps/                postfix24/
postfix-policyd-sf/         postfix25/
postfix-policyd-spf/        postfix26/
postfix-policyd-spf-perl/   postfix27/
postfix-policyd-spf-python/ postfixadmin/

#cd mail/postfix

postfix/                    postfix-policyd-weight/
postfix-current/            postfix-postfwd/
postfix-gps/                postfix24/
postfix-policyd-sf/         postfix25/
postfix-policyd-spf/        postfix26/
postfix-policyd-spf-perl/   postfix27/
postfix-policyd-spf-python/ postfixadmin/

[src/postalias]
cat ../../conf/makedefs.out Makefile.in >Makefile
[src/postcat]
cat ../../conf/makedefs.out Makefile.in >Makefile
[src/postconf]
cat ../../conf/makedefs.out Makefile.in >Makefile
[src/postdrop]
cat ../../conf/makedefs.out Makefile.in >Makefile
[src/postkick]
cat ../../conf/makedefs.out Makefile.in >Makefile
...
      these network services to be started at boot time.
/usr/local/etc/rc.d/postfix
      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.
      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.postfix.org/
===>  Cleaning for postfix-2.8.0,1

LICENSE                 main.cf                 master.cf
TLS_LICENSE             main.cf.default
bounce.cf.default       makedefs.out

SHA256 (main.cf) = a54df67ebe8769d600e02c8e75b7276dcd597ced7e5e2172898f0b5f75dd3175
SHA256 (main.cf.default) = d6e2c0d8b98d67589f62d83cb9c6162e7c8eb6f36723bb0d325aefb3f00d266c

# $FreeBSD: src/etc/master.passwd,v 1.40.22.1.6.1 2010/12/21 17:09:25 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/usr/local/bin/bash
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
...
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
user:*:1001:1001:User &:/home/user:/usr/local/bin/bash
dhcpd:*:136:136:DHCP Daemon:/nonexistent:/usr/sbin/nologin
postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin

--- /tmp/l3-saved-1491.13933.28028	2012-04-04 17:43:38.000000000 +0300
+++ main.cf	2012-04-04 17:44:27.000000000 +0300
@@ -72,7 +72,7 @@
 # from gethostname(). $myhostname is used as a default value for many
 # other configuration parameters.
 #
-#myhostname = host.domain.tld
+myhostname = 
 #myhostname = virtual.domain.tld
 
 # The mydomain parameter specifies the local internet domain name.

--- /tmp/l3-saved-1491.1732.22815	2012-04-04 17:44:55.000000000 +0300
+++ /root/.vimrc	2012-04-04 17:45:06.000000000 +0300
@@ -17,7 +17,7 @@
 " Use Vim settings, rather than Vi settings (much better!).
 " This must be first, because it changes other options as a side effect.
 set nocompatible
-
+colorscheme ron
 " allow backspacing over everything in insert mode
 set backspace=indent,eol,start
 

--- /tmp/l3-saved-1491.4875.14949	2012-04-04 17:45:09.000000000 +0300
+++ main.cf	2012-04-04 17:46:44.000000000 +0300
@@ -72,7 +72,7 @@
 # from gethostname(). $myhostname is used as a default value for many
 # other configuration parameters.
 #
-myhostname = 
+myhostname = wilen.net.nt 
 #myhostname = virtual.domain.tld
 
 # The mydomain parameter specifies the local internet domain name.
@@ -80,7 +80,7 @@
 # $mydomain is used as a default value for many other configuration
 # parameters.
 #
-#mydomain = domain.tld
+mydomain = wilen.net.nt
 
 # SENDING MAIL
 # 
@@ -110,7 +110,7 @@
 #
 # Note: you need to stop/start Postfix when this parameter changes.
 #
-#inet_interfaces = all
+inet_interfaces = 192.168.13.21 
 #inet_interfaces = $myhostname
 #inet_interfaces = $myhostname, localhost
 

USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
bind     named      2742  20 tcp4   192.168.13.21:53      *:*
bind     named      2742  21 tcp4   127.0.0.1:53          *:*
bind     named      2742  22 tcp4   127.0.0.1:953         *:*
bind     named      2742  512 udp4  192.168.13.21:53      *:*
bind     named      2742  513 udp4  127.0.0.1:53          *:*
root     sshd       1450  3  tcp4   192.168.13.21:22      192.168.13.253:34805
root     sendmail   1357  4  tcp4   127.0.0.1:25          *:*
root     sshd       1349  4  tcp4   *:22                  *:*
root     syslogd    984   9  udp4   *:514                 *:*