10:48:51

#mail -u user

Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/user": 1 message 1 unread
>U  1 root@evgen.net.nt  Fri Dec 21 11:40   17/616   test_subject
& ^CInterrupt
& 1
Message 1:
From root@evgen.net.nt  Fri Dec 21 11:40:03 2012
Date: Fri, 21 Dec 2012 11:36:24 +0200
From: root <root@evgen.net.nt>
To: user@evgen.net.nt
Subject: test_subject
test message
& q
Saved 1 message in /root/mbox

10:49:40

#mail -u user

No mail for user

10:49:43

#mail -u user

Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/user": 1 message 1 new
>N  1 root@scale.net.nt  Fri Dec 21 11:49   19/786   test_reply
& 1
Message 1:
From root@scale.net.nt  Fri Dec 21 11:49:44 2012
Date: Fri, 21 Dec 2012 11:49:43 +0200
From: root <root@scale.net.nt>
To: user@evgen.net.nt
Subject: test_reply
OH HAI!--
& q
Saved 1 message in /root/mbox

10:50:00

#telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 evgen.net.nt ESMTP Sendmail 8.14.3/8.14.3/Debian-9.4; Fri, 21 Dec 2012 11:50:37 +0200; (No UCE/UBE) logging access from: localhost.localdomain(OK)-localhost.localdomain [127.0.0.1]
helo
501 5.0.0 helo requires domain address
HELO
501 5.0.0 HELO requires domain address
MAIL FROM:
503 5.0.0 Polite people say HELO first
...
250 2.1.5 bessarabow@bk.ru... Recipient ok
data
354 Enter mail, end with "." on a line by itself
subject: you win
Hello! You win 1 000 000 $
.
250 2.0.0 qBL9ob8l004239 Message accepted for delivery
quit
221 2.0.0 evgen.net.nt closing connection
Connection closed by foreign host.

10:54:06

#ls -hl /var/spool/

итого 20K
drwxr-xr-x 2 root        root        4,0K Июл  5 12:10 anacron
drwxr-xr-x 5 root        root        4,0K Июн 11  2012 cron
drwxr-x--- 5 Debian-exim Debian-exim 4,0K Дек 21 11:21 exim4
lrwxrwxrwx 1 root        root           7 Июн 11  2012 mail -> ../mail
drwxr-s--- 2 smmta       smmsp       4,0K Дек 21 11:54 mqueue
drwxrws--- 2 smmsp       smmsp       4,0K Дек 21 11:48 mqueue-client

10:58:35

#apt-get install clamav clamav-daemon clamav-milter clamav-testfiles

Чтение списков пакетов... Готово
Построение дерева зависимостей
Чтение информации о состоянии... Готово
Следующие пакеты устанавливались автоматически и больше не требуются:
  mysql-common libperl5.10 libmysqlclient16 libpq5
Для их удаления используйте 'apt-get autoremove'.
Будут установлены следующие дополнительные пакеты:
  clamav-base clamav-freshclam libclamav6 libltdl7 libmilter1.0.1 libtommath0
Предлагаемые пакеты:
  clamav-docs daemon libclamunrar6
...
Starting ClamAV virus database updater: freshclam.
Настраивается пакет clamav (0.97.6+dfsg-1~squeeze1) ...
Настраивается пакет clamav-daemon (0.97.6+dfsg-1~squeeze1) ...
Clamav signatures not found in /var/lib/clamav ... failed!
Please retrieve them using freshclam ... failed!
Then run '/etc/init.d/clamav-daemon start' ... failed!
Настраивается пакет clamav-testfiles (0.97.5+dfsg-6~squeeze1) ...
Настраивается пакет libmilter1.0.1 (8.14.3-9.4) ...
Настраивается пакет clamav-milter (0.97.6+dfsg-1~squeeze1) ...
Starting Sendmail milter plugin for ClamAV: clamav-milter.

11:00:40

#mail -u user

Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/user": 2 messages 2 new
>N  1 root@andrey.net.n  Fri Dec 21 12:02   21/867   test_subject
 N  2 root@andrey.net.n  Fri Dec 21 12:03   21/873   test_subject
& 1
Message 1:
From root@andrey.net.nt  Fri Dec 21 12:02:56 2012
Date: Fri, 21 Dec 2012 14:02:53 +0200 (EET)
From: Charlie Root <root@andrey.net.nt>
To: user@evgen.net.nt
...
& 2
Message 2:
From root@andrey.net.nt  Fri Dec 21 12:03:05 2012
Date: Fri, 21 Dec 2012 14:03:02 +0200 (EET)
From: Charlie Root <root@andrey.net.nt>
To: root@evgen.net.nt
Subject: test_subject
test message
& q
Saved 2 messages in /root/mbox

11:03:31

#mail -u user

No mail for user

11:03:47

#/etc/init.d/clamav-daemon

Usage: /etc/init.d/clamav-daemon {start|stop|restart|force-reload|reload-log|reload-database|status} ... failed!

11:04:21

#/etc/init.d/clamav-daemon start

Clamav signatures not found in /var/lib/clamav ... failed!
Please retrieve them using freshclam ... failed!
Then run '/etc/init.d/clamav-daemon start' ... failed!

11:04:24

#freshclam

ClamAV update process started at Fri Dec 21 12:04:48 2012

11:05:59

#/etc/init.d/clamav-daemon start

Starting ClamAV daemon: clamd .

11:06:29

#ps ax|grep clam

 4689 ?        Ss     0:00 /usr/bin/freshclam -d --quiet
 5630 ?        Ssl    0:00 /usr/sbin/clamav-milter
 6452 ?        Ssl    0:00 /usr/sbin/clamd
 6467 pts/1    S+     0:00 grep clam

11:06:34

#locate clamav-testfiles

11:06:57

#locate clamav-testfiles

/usr/share/clamav-testfiles
/usr/share/clamav-testfiles/clam-aspack.exe
/usr/share/clamav-testfiles/clam-fsg.exe
/usr/share/clamav-testfiles/clam-mew.exe
/usr/share/clamav-testfiles/clam-nsis.exe
/usr/share/clamav-testfiles/clam-pespin.exe
/usr/share/clamav-testfiles/clam-petite.exe
/usr/share/clamav-testfiles/clam-upack.exe
/usr/share/clamav-testfiles/clam-upx.exe
/usr/share/clamav-testfiles/clam-v2.rar
...
/usr/share/doc/clamav-testfiles/FAQ
/usr/share/doc/clamav-testfiles/NEWS.Debian.gz
/usr/share/doc/clamav-testfiles/README.Debian.gz
/usr/share/doc/clamav-testfiles/README.gz
/usr/share/doc/clamav-testfiles/changelog.Debian.gz
/usr/share/doc/clamav-testfiles/changelog.gz
/usr/share/doc/clamav-testfiles/copyright
/var/cache/apt/archives/clamav-testfiles_0.97.5+dfsg-6~squeeze1_all.deb
/var/lib/dpkg/info/clamav-testfiles.list
/var/lib/dpkg/info/clamav-testfiles.md5sums

11:06:59

#clamscan /usr/share/clamav-testfiles/

/usr/share/clamav-testfiles/clam-upack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-v2.rar: OK
/usr/share/clamav-testfiles/clam.d64.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.rtf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.base64: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.7z: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.uu: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tar.gz: ClamAV-Test-File FOUND
...
/usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
----------- SCAN SUMMARY -----------
Known viruses: 1421987
Engine version: 0.97.6
Scanned directories: 1
Scanned files: 46
Infected files: 44
Data scanned: 12.48 MB
Data read: 6.21 MB (ratio 2.01:1)
Time: 12.817 sec (0 m 12 s)

11:07:27

#locate clamav-milter/README

/usr/share/doc/clamav-milter/README.Debian.gz
/usr/share/doc/clamav-milter/README.gz

11:08:56

#less /usr/share/doc/clamav-milter/README.Debian.gz

11:13:41

# define(`confINPUT_MAIL_FILTERS', `clamav')

  Non-Debian documentation has been removed (I.e how to install on UnixXXX
  etc.)  The original documentation is still available in the source
  package. Download the source using the command 'apt-get source clamav'.
CONFIGURATION
  There are several changes made to the default configuration provided by
  upstream.  Both the autogenerated configuration files and the ones
  shi This removes a socket file left over from a previous clamd that had
      an unclean shutdown.  This allows for easier restarting
  for things like logfiles, pidfiles, and sockets.  The autogenerated
    L Setting this to 0 disables truncation of the logfile.  As the default
...
  arr in and of themselves, but may cause end users to worry that they
      received something their A/V scanner identifies.
    A This makes the assumptions that if you are setting the various
  In  Archive* options, you would rather block than pass through if one of
      those conditions is met.
  default configurations than the upstream defaults:
    FixStaleSocket
  All ClamAV configuration files (in other words, all files under /etc/)
"/usr/share/doc/clamav-milter/README.Debian.gz" [noeol] 23L, 4853C
  are handled by ucf, as they are dynamically generated.  If you want

11:13:47

# to affect ucf's behavior with regard to conffile handling, please see

FEATURE(`greet_pause', `1000')dnl 1 seconds
dnl #
dnl # Delay_checks allows sender<->recipient checking
FEATURE(`delay_checks', `friend', `n')dnl
dnl #
dnl # If we get too many bad recipients, slow things down...
define(`confBAD_RCPT_THROTTLE',`3')dnl
dnl #
dnl # Stop connections that overflow our concurrent and time connection rates
FEATURE(`conncontrol', `nodelay', `terminate')dnl
...
  INPUT_(AIL_FILTER(`clamav', `S=local:/var)run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl
  define(`confINPUT_MAIL_FILTERS', `clamav')
dnl # Dialup/LAN connection overrides
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Default Mailer setup
MAILER_DEFINITIONS
                                                                                    92,30         94%

11:17:48

#pwd

/etc/mail

11:17:50

#grep milter.ctl /etc/mail/sendmail.mc /etc/clamav/clamav-milter.conf

/etc/clamav/clamav-milter.conf:MilterSocket /var/run/clamav/clamav-milter.ctl

11:18:29

#make

Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **

11:18:44

#/etc/init.d/sendmail

Invalid command <>
Usage: /etc/init.d/sendmail <command>
        Where <command> is one of the following
          start|stop|restart|restart-if-running
          reload-if-running|reload|force-reload
          newaliases|hoststat|purgestat|mailstats|mailq|runq|control
          status|debug|clean

11:18:57

#/etc/init.d/sendmail restart

Restarting Mail Transport Agent (MTA): sendmail.

11:19:04

#netstat -nlp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:7               0.0.0.0:*               LISTEN      1214/xinetd
tcp        0      0 127.0.0.1:587           0.0.0.0:*               LISTEN      6785/sendmail: MTA:
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      3789/popa3d
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      697/portmap
tcp        0      0 0.0.0.0:19              0.0.0.0:*               LISTEN      1214/xinetd
tcp        0      0 172.16.0.1:53           0.0.0.0:*               LISTEN      915/named
tcp        0      0 192.168.13.1:53         0.0.0.0:*               LISTEN      915/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      915/named
...
udp        0      0 192.168.13.1:53         0.0.0.0:*                           915/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           915/named
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     11075    6785/sendmail: MTA: /var/run/sendmail/mta/smcontrol
unix  2      [ ACC ]     STREAM     LISTENING     3619     883/acpid           /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     9626     5630/clamav-milter  /var/run/clamav/clamav-milter.ctl
unix  2      [ ACC ]     STREAM     LISTENING     10401    6452/clamd          /var/run/clamav/clamd.ctl
unix  2      [ ACC ]     STREAM     LISTENING     4070     1342/ssh-agent      /tmp/ssh-xOGyer1341/agent.1341
unix  2      [ ACC ]     STREAM     LISTENING     3716     935/apache2         /var/run/apache2/cgisock.933

11:19:17

#netstat -nlp|grep 25

tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      6785/sendmail: MTA:

11:19:25

#mail -u user

No mail for user

11:53:08

#echo 'Hello scale'|mail -s test_subject user@scale.net.nt

11:55:49

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:16:3e:00:00:01
          inet addr:192.168.13.1  Bcast:192.168.13.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe00:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:84254 errors:0 dropped:0 overruns:0 frame:0
          TX packets:69504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:99800739 (95.1 MiB)  TX bytes:6524243 (6.2 MiB)
          Interrupt:72
eth2      Link encap:Ethernet  HWaddr 00:16:3e:00:02:01
...
          RX bytes:12552 (12.2 KiB)  TX bytes:10444 (10.1 KiB)
          Interrupt:74
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:156 errors:0 dropped:0 overruns:0 frame:0
          TX packets:156 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12737 (12.4 KiB)  TX bytes:12737 (12.4 KiB)

14:16:11

#apt-get install squid

Чтение списков пакетов... Готово
Построение дерева зависимостей
Чтение информации о состоянии... Готово
Следующие пакеты устанавливались автоматически и больше не требуются:
  mysql-common libperl5.10 libmysqlclient16 libpq5
Для их удаления используйте 'apt-get autoremove'.
Будут установлены следующие дополнительные пакеты:
  squid-common squid-langpack
Предлагаемые пакеты:
  squidclient squid-cgi logcheck-database resolvconf smbclient winbind
НОВЫЕ пакеты, которые будут установлены:
  squid squid-common squid-langpack
обновлено 0, установлено 3 новых пакетов, для удаления отмечено 0 пакетов, и 20 пакетов не обновлено.
Необходимо скачать 1 345 kБ архивов.
После данной операции, объём занятого дискового пространства возрастёт на 8 356 kB.
Хотите продолжить [Д/н]? ^C

14:26:03

#apt-get install squid3

Чтение списков пакетов... Готово
Построение дерева зависимостей
Чтение информации о состоянии... Готово
Следующие пакеты устанавливались автоматически и больше не требуются:
  mysql-common libperl5.10 libmysqlclient16 libpq5
Для их удаления используйте 'apt-get autoremove'.
Будут установлены следующие дополнительные пакеты:
  squid-langpack squid3-common
Предлагаемые пакеты:
  squidclient squid-cgi resolvconf smbclient
...
Распаковывается пакет squid3 (из файла .../squid3_3.1.6-1.2+squeeze2_i386.deb)...
Обрабатываются триггеры для man-db ...
Настраивается пакет squid-langpack (20100628-1) ...
Настраивается пакет squid3-common (3.1.6-1.2+squeeze2) ...
Настраивается пакет squid3 (3.1.6-1.2+squeeze2) ...
Creating Squid HTTP proxy 3.x spool directory structure
2012/12/21 15:26:15| Creating Swap Directories
Restarting Squid HTTP Proxy 3.x: squid3Creating Squid HTTP Proxy 3.x cache structure ... (warning).
2012/12/21 15:26:18| Creating Swap Directories
.

14:26:18

#vim /etc/squid3/

14:26:18

#vim /etc/squid3/squid.conf

--- /tmp/l3-saved-1376.17138.20409	2012-12-21 15:26:38.000000000 +0200
+++ /etc/squid3/squid.conf	2012-12-21 15:27:16.000000000 +0200
@@ -2110,7 +2110,7 @@
 #
 
 # Uncomment and adjust the following to add a disk cache directory.
-#cache_dir ufs /var/spool/squid3 100 16 256
+cache_dir ufs /var/spool/squid3 100 16 256
 
 #  TAG: store_dir_select_algorithm
 #	Set this to 'round-robin' as an alternative.

14:27:16

#ls -hl /var/spool/

итого 24K
drwxr-xr-x 2 root        root        4,0K Июл  5 12:10 anacron
drwxr-xr-x 5 root        root        4,0K Июн 11  2012 cron
drwxr-x--- 5 Debian-exim Debian-exim 4,0K Дек 21 11:21 exim4
lrwxrwxrwx 1 root        root           7 Июн 11  2012 mail -> ../mail
drwxr-s--- 2 smmta       smmsp       4,0K Дек 21 12:59 mqueue
drwxrws--- 2 smmsp       smmsp       4,0K Дек 21 12:53 mqueue-client
drwxr-xr-x 2 proxy       proxy       4,0K Янв  6  2012 squid3

14:27:51

#chown squid:squid /var/spool/squid3/

chown: неверный пользователь: «squid:squid»

14:28:04

#useradd squid

14:28:13

#groupadd squid

groupadd: группа squid уже существует

14:28:18

#chown squid:squid /var/spool/squid3/

14:28:21

#squid3 -z

2012/12/21 15:28:26| WARNING cache_mem is larger than total disk cache space!
2012/12/21 15:28:26| Squid is already running!  Process ID 7229

14:28:26

#/etc/init.d/squid3 restart

Restarting Squid HTTP Proxy 3.x: squid3 Waiting.....................done.
Creating Squid HTTP Proxy 3.x cache structure ... (warning).
2012/12/21 15:29:09| WARNING cache_mem is larger than total disk cache space!
2012/12/21 15:29:09| Creating Swap Directories
2012/12/21 15:29:09| /var/spool/squid3 exists
FATAL: Failed to make swap directory /var/spool/squid3/00: (13) Permission denied
2012/12/21 15:29:09| WARNING cache_mem is larger than total disk cache space!
.

14:33:29

#ls -hl /var/log/squid3/

итого 16K
-rw-r----- 1 proxy proxy   0 Дек 21 15:26 access.log
-rw-r----- 1 proxy proxy 13K Дек 21 15:31 cache.log

14:33:35

#tail /var/log/squid3/cache.log

2012/12/21 15:31:00|         0 Objects expired.
2012/12/21 15:31:00|         0 Objects cancelled.
2012/12/21 15:31:00|         0 Duplicate URLs purged.
2012/12/21 15:31:00|         0 Swapfile clashes avoided.
2012/12/21 15:31:00|   Took 0.03 seconds (  0.00 objects/sec).
2012/12/21 15:31:00| Beginning Validation Procedure
2012/12/21 15:31:00|   Completed Validation Procedure
2012/12/21 15:31:00|   Validated 25 Entries
2012/12/21 15:31:00|   store_swap_size = 0
2012/12/21 15:31:01| storeLateRelease: released 0 objects

14:33:46

#telnet 127.0.0.1 3128

Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]
telnet> quit
Connection closed.

14:34:03

#cd /etc/squid3/

14:34:19

#ls -hl

итого 208K
-rw-r--r-- 1 root root 1,6K Янв  6  2012 errorpage.css
-rw-r--r-- 1 root root  421 Янв  6  2012 msntauth.conf
-rw-r--r-- 1 root root 195K Дек 21 15:33 squid.conf

14:34:20

#vim squid.conf

--- /tmp/l3-saved-1376.29847.2613	2012-12-21 15:34:32.000000000 +0200
+++ squid.conf	2012-12-21 15:41:33.000000000 +0200
@@ -642,6 +642,10 @@
 acl manager proto cache_object
 acl localhost src 127.0.0.1/32 ::1
 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
+acl my_net src 192.168.13.0/24
+acl local_servers dst 192.168.13.253
+always_direct allow local_servers
+never_direct allow all !local_servers
 
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
@@ -765,6 +769,8 @@
 http_access allow manager localhost
 http_access deny manager
 
+http_access allow my_net
+
 # Deny requests to certain unsafe ports
 http_access deny !Safe_ports
 
@@ -1072,7 +1078,7 @@
 #
 
 # Squid normally listens to port 3128
-http_port 3128
+http_port 3128 8080
 
 #  TAG: https_port
 # Note: This option is only available if Squid is rebuilt with the
@@ -1818,6 +1824,7 @@
 #	
 #Default:
 # none
+cache_peer 192.168.15.254 parent 3128 3130 default no-query
 
 #  TAG: cache_peer_domain
 #	Use to limit the domains for which a neighbor cache will be
@@ -2653,6 +2660,7 @@
 #	(for example perl.com).
 #Default:
 # ftp_user Squid@
+ftp_user user@evgen.net.nt
 
 #  TAG: ftp_list_width
 #	Sets the width of ftp listings. This should be set to fit in
@@ -3516,6 +3524,7 @@
 #	mail if the cache dies.  The default is "webmaster."
 #Default:
 # cache_mgr webmaster
+cache_mgr user@evgen.net.nt
 
 #  TAG: mail_from
 #	From: email-address for mail sent when the cache dies.

14:41:33

#/etc/init.d/squid3 restart

Restarting Squid HTTP Proxy 3.x: squid3 Waiting.....................done.
FATAL: Bungled squid.conf line 1081: http_port 3128 8080
Squid Cache (Version 3.1.6): Terminated abnormally.
CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys
Maximum Resident Size: 15744 KB
Page faults with physical i/o: 0
 failed!

Журнал лабораторных работ

Журнал

Пятница (12/21/12)