Журнал лабораторных работ

/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 fbsd1.xgu.ru.mc > fbsd1.xgu.ru.cf

Shutting down mimedefang:                                   [  OK  ]
Shutting down mimedefang-multiplexor:                       [  OK  ]
Waiting for daemons to exit......
Starting mimedefang-multiplexor:                            [  OK  ]
Starting mimedefang:                                        [  OK  ]

l3-agent is already running: pid=6110; pidfile=/home/devi/.lilalo/l3-agent.pid

Sep 28 21:05:57 fbsd1 sm-mta[6069]: gethostbyaddr(192.168.1.199) failed: 1
Sep 28 21:07:10 fbsd1 mimedefang-multiplexor[6032]: Received SIGTERM: Stopping slaves and terminating
Sep 28 21:07:10 fbsd1 mimedefang-multiplexor[6032]: Slave 1 resource usage: req=0, scans=0, user=3.315, sys=4.166, nswap=0, majflt=0, minflt=3658, maxrss=16032, bi=60, bo=0
Sep 28 21:07:10 fbsd1 mimedefang-multiplexor[6032]: Slave 0 resource usage: req=0, scans=0, user=4.285, sys=4.037, nswap=0, majflt=1, minflt=3657, maxrss=16032, bi=142, bo=0
Sep 28 21:07:15 fbsd1 mimedefang[6048]: MIMEDefang-2.56: mi_stop=1
Sep 28 21:07:18 fbsd1 mimedefang-multiplexor[6188]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Sep 28 21:07:18 fbsd1 mimedefang-multiplexor[6188]: Starting slave 0 (pid 6190) (1 running): Bringing slaves up to minSlaves (2)
Sep 28 21:07:19 fbsd1 mimedefang[6204]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Sep 28 21:07:19 fbsd1 mimedefang[6204]: Multiplexor alive - entering main loop
Sep 28 21:07:21 fbsd1 mimedefang-multiplexor[6188]: Starting slave 1 (pid 6210) (2 running): Bringing slaves up to minSlaves (2)

lnc0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
        inet6 fe80::20c:29ff:fec1:7c41%lnc0 prefixlen 64 scopeid 0x1
        inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
        inet 217.27.159.219 netmask 0xffffff00 broadcast 217.27.159.255
        ether 00:0c:29:c1:7c:41
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000

PING mail.ru (194.67.57.26): 56 data bytes
64 bytes from 194.67.57.26: icmp_seq=0 ttl=114 time=102.467 ms
^C
--- mail.ru ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 102.467/102.467/102.467/0.000 ms

15c15,16
< ifconfig_lnc0="192.168.1.199/24"
---
> ifconfig_lnc0="217.27.159.219/24"
> ifconfig_lnc0_alias0="192.168.1.199/24"

sendmail not running? (check /var/run/sendmail.pid).
Starting sendmail.
554 5.0.0 /etc/mail/sendmail.cf: line 1690: Xmimedefang: unknown filter equate \=

sendmail not running? (check /var/run/sendmail.pid).
Starting sendmail.
554 5.0.0 /etc/mail/sendmail.cf: line 1690: Xmimedefang: unknown filter equate \=

Makefile                aliases.db              fbsd1.xgu.ru.submit.mc  freebsd.submit.mc       sendmail.cf
README                  fbsd1.xgu.ru.cf         freebsd.cf              helpfile                submit.cf
access.sample           fbsd1.xgu.ru.mc         freebsd.mc              mailer.conf             virtusertable.sample
aliases                 fbsd1.xgu.ru.submit.cf  freebsd.submit.cf       mailertable.sample

sendmail not running? (check /var/run/sendmail.pid).
Starting sendmail.

PING mail.ru (194.67.57.26): 56 data bytes
64 bytes from 194.67.57.26: icmp_seq=0 ttl=114 time=159.017 ms
64 bytes from 194.67.57.26: icmp_seq=1 ttl=114 time=212.412 ms
64 bytes from 194.67.57.26: icmp_seq=2 ttl=114 time=132.422 ms
^C
--- mail.ru ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 132.422/167.950/212.412/33.261 ms

Stopping network:
 lo0 lnc0.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
lnc0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
        inet6 fe80::20c:29ff:fec1:7c41%lnc0 prefixlen 64 scopeid 0x1
        inet 217.27.159.219 netmask 0xffffff00 broadcast 217.27.159.255
        inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:0c:29:c1:7c:41

add net default: gateway 192.168.1.198
Additional routing options:.

PING mail.ru (194.67.57.26): 56 data bytes
64 bytes from 194.67.57.26: icmp_seq=0 ttl=114 time=266.012 ms
^C
--- mail.ru ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 266.012/266.012/266.012/0.000 ms

Stopping network: lo0 lnc0.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
lnc0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
        inet6 fe80::20c:29ff:fec1:7c41%lnc0 prefixlen 64 scopeid 0x1
        inet 217.27.159.219 netmask 0xfffffff8 broadcast 217.27.159.223
        inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:0c:29:c1:7c:41

add net default: gateway 192.168.1.198
Additional routing options:.

Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/Latest/mrtg.tbz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/All/p5-SNMP_Session-1.08.tbz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/All/p5-Pod-Parser-1.34.tbz... Done.
pkg_add: warning: package 'p5-Pod-Parser-1.34' requires 'p5-PathTools-3.16', but 'p5-PathTools-3.19' is installed
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/All/jpeg-6b_4.tbz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/All/gd-2.0.33_4,1.tbz... Done.
Added group "mrtg".
Added user "mrtg".
Created directory: /var/run/mrtg
pkg_add: warning: package 'mrtg-2.13.2,1' requires 'p5-PathTools-3.16', but 'p5-PathTools-3.19' is installed

Port:   p5-MailStats-0.02
Path:   /usr/ports/mail/p5-Mail-MailStats
Info:   Perl module to detect newer messages in procmail-generated mailboxes
Maint:  ports@FreeBSD.org
B-deps: p5-AppConfig-1.56 perl-5.8.8
R-deps: p5-AppConfig-1.56 perl-5.8.8
WWW:

spamstats.pl                                  100% of 1461  B   59 kBps

mrtg-mailstats.tgz                            100% of   14 kB   27 kBps

spam-stats.pl                                 100% of 1103  B  371 kBps

auth.log                dmesg.today             maillog.3.bz2           ppp.log                 setuid.today
auth.log.0.bz2          dmesg.yesterday         maillog.4.bz2           security                setuid.yesterday
clamav                  lastlog                 maillog.5.bz2           sendmail.st             slip.log
cron                    lpd-errs                maillog.6.bz2           sendmail.st.0           spam-stats
cron.0.bz2              maillog                 maillog.7.bz2           sendmail.st.1           userlog
cron.1.bz2              maillog.0.bz2           messages                sendmail.st.2           wtmp
cron.2.bz2              maillog.1.bz2           mount.today             sendmail.st.3           wtmp.0
debug.log               maillog.2.bz2           pf.today                sendmail.st.4           xferlog

/var/log/maillog

#log

logger   login    logins   logname  logout

/root/src

/usr/bin/tail

tail: /var/log/spam-stats/offset: No such file or directory
hostname: illegal option -- f
usage: hostname [-s] [name-of-host]
uptime: 10 hrs
hostname:

fbsd1.xgu.ru

tail: /var/log/spam-stats/offset: No such file or directory
uptime: 10 hrs
hostname: fbsd1.xgu.ru

tail: /var/log/spam-stats/offset: No such file or directory
uptime: 10 hrs
hostname: fbsd1.xgu.ru

Port:   mailmgr-1.2.3
Path:   /usr/ports/mail/mailmgr
Info:   Sendmail Analysis Report Generator
Maint:  sexbear@tmu.edu.tw
B-deps:
R-deps:
WWW:    http://sarg.sourceforge.net/mailmgr.php
Port:   vmailmgr-0.96.9_2
Path:   /usr/ports/mail/vmailmgr
Info:   Virtual MAIL ManaGeR for virtual mailboxes and domains
Maint:  sergei@FreeBSD.org
B-deps: apache-1.3.36 expat-2.0.0_1 perl-5.8.8
R-deps: apache-1.3.36 expat-2.0.0_1 perl-5.8.8 qmail-1.03_5
WWW:    http://www.vmailmgr.org/

===>  Vulnerability check disabled, database not found
=> mailmgr-1.2.3.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from http://sarg.sourceforge.net/.
mailmgr-1.2.3.tar.gz                          100% of   46 kB   28 kBps
===>  Extracting for mailmgr-1.2.3
=> MD5 Checksum OK for mailmgr-1.2.3.tar.gz.
=> SHA256 Checksum OK for mailmgr-1.2.3.tar.gz.
===>  Patching for mailmgr-1.2.3
===>  Configuring for mailmgr-1.2.3
creating cache ./config.cache
...
===>   Generating temporary packing list
===>  Checking if mail/mailmgr already installed
install  -o root -g wheel -m 444 /usr/ports/mail/mailmgr/work/mailmgr-1.2.3/mailmgr.conf /usr/local/etc/mailmgr.conf.default
install  -o root -g wheel -m 444 /usr/ports/mail/mailmgr/work/mailmgr-1.2.3/mailmgr.conf /usr/local/etc/mailmgr.conf
install  -s -o root -g wheel -m 555 /usr/ports/mail/mailmgr/work/mailmgr-1.2.3/mailmgr /usr/local/bin
---------------------------------------------------------------
You need to configure the /usr/local/etc/mailmgr.conf before using it.
See http://sarg.sourceforge.net/mailmgr.README.txt
---------------------------------------------------------------
===>   Registering installation for mailmgr-1.2.3

root      8191  0,0  0,2  1464   572  p3  RL+  22:38     0:00,05 grep l3-

tar: Removing leading '/' from member names
a usr/local/etc
a usr/local/etc/pam.d
a usr/local/etc/rc.d
a usr/local/etc/mail
a usr/local/etc/mimedefang
a usr/local/etc/clamd.conf.default
a usr/local/etc/freshclam.conf.default
a usr/local/etc/clamd.conf
a usr/local/etc/freshclam.conf
...
a usr/local/etc/mail/spamassassin/init.pre
a usr/local/etc/mail/spamassassin/v310.pre
a usr/local/etc/mail/spamassassin/v312.pre
a usr/local/etc/rc.d/sa-spamd
a usr/local/etc/rc.d/mrtg_daemon
a usr/local/etc/rc.d/clamav-clamd
a usr/local/etc/rc.d/clamav-freshclam
a usr/local/etc/rc.d/clamav-milter
a usr/local/etc/rc.d/openvpn
a usr/local/etc/rc.d/mimedefang.sh

a etc/rc.d/routing
a etc/rc.d/rpcbind
a etc/rc.d/rtadvd
a etc/rc.d/rwho
a etc/rc.d/savecore
a etc/rc.d/sdpd
a etc/rc.d/securelevel
a etc/rc.d/sendmail
a etc/rc.d/serial
a etc/rc.d/sppp
...
a etc/isdn/isdntel.alias.sample
a etc/gnats/freefall
a etc/bluetooth/hcsecd.conf
a etc/bluetooth/hosts
a etc/bluetooth/protocols
a etc/defaults/rc.conf
a etc/defaults/bluetooth.device.conf
a etc/defaults/devfs.rules
a etc/defaults/pccard.conf
a etc/defaults/periodic.conf

.bash_history                           .k5login                                fbsd1.xgu.ru-artem-etc.tar.gz
.bash_profile                           .l3rc                                   fbsd1.xgu.ru-artem-usr_local_etc.tar.gz
.bashrc                                 .lilalo                                 ports-supfile
.cshrc                                  .login                                  src
.history                                .profile

PING 192.168.1.198 (192.168.1.198): 56 data bytes
64 bytes from 192.168.1.198: icmp_seq=0 ttl=64 time=2.799 ms
^C
--- 192.168.1.198 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.799/2.799/2.799/0.000 ms

The authenticity of host '192.168.1.198 (192.168.1.198)' can't be established.
DSA key fingerprint is d7:01:0b:b0:76:3e:77:c9:1e:ae:22:ca:f8:04:d6:b1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.198' (DSA) to the list of known hosts.
Password:
fbsd1.xgu.ru-artem-etc.tar.gz                                                                              100%  309KB 308.8KB/s   00:00
fbsd1.xgu.ru-artem-usr_local_etc.tar.gz                                                                    100%   79KB  78.8KB/s   00:00

wtmp begins ÞÅÔ×ÅÒÇ,  5 ÏËÔÑÂÒÑ 2006 Ç. 04:05:16 (EEST)
You have new mail in /var/mail/root

# -- sysinstall generated deltas -- # Tue Jul 25 16:08:49 2006
# Created: Tue Jul 25 16:08:49 2006
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
clamav_freshclam_flags="-u mailnull --checks=1 --daemon-notify=/usr/local/etc/clamav.conf"
defaultrouter="192.168.1.198"
font8x14="cp866-8x14"
...
ifconfig_lnc0_alias0="192.168.1.199/24"
keymap="ru.koi8-r"
keyrate="fast"
mousechar_start="3"
moused_enable="YES"
saver="star"
sendmail_enable="YES"
scrnmap="koi8-r2cp866"
sshd_enable="YES"
usbd_enable="YES"

lnc0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
        inet6 fe80::20c:29ff:fec1:7c41%lnc0 prefixlen 64 scopeid 0x1
        inet 217.27.159.219 netmask 0xfffffff8 broadcast 217.27.159.223
        inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:0c:29:c1:7c:41
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000

Routing tables
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.198      UGS         0    24433   lnc0
127.0.0.1          127.0.0.1          UH          0     1087    lo0
192.168.1          link#1             UC          0        0   lnc0
192.168.1.68       00:c0:9f:12:31:3d  UHLW        1        0   lnc0   1196
192.168.1.198      00:0a:01:d4:d3:c5  UHLW        2     7448   lnc0   1196
217.27.159.216/29  link#1             UC          0        0   lnc0
217.27.159.217     00:0a:01:d4:d3:c5  UHLW        1        5   lnc0   1196
Internet6:
Destination                       Gateway                       Flags      Netif Expire
::1                               ::1                           UH          lo0
fe80::%lnc0/64                    link#1                        UC         lnc0
fe80::20c:29ff:fec1:7c41%lnc0     00:0c:29:c1:7c:41             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#3                        UHL         lo0
ff01:1::/32                       link#1                        UC         lnc0
ff01:3::/32                       ::1                           UC          lo0
ff02::%lnc0/32                    link#1                        UC         lnc0
ff02::%lo0/32                     ::1                           UC          lo0

PING 217.27.159.217 (217.27.159.217): 56 data bytes
64 bytes from 217.27.159.217: icmp_seq=0 ttl=64 time=3.429 ms
^C
--- 217.27.159.217 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.429/3.429/3.429/0.000 ms

PING 217.27.159.222 (217.27.159.222): 56 data bytes
64 bytes from 217.27.159.222: icmp_seq=0 ttl=64 time=2.716 ms
64 bytes from 217.27.159.222: icmp_seq=1 ttl=64 time=2.607 ms
^C
--- 217.27.159.222 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.607/2.662/2.716/0.055 ms

delete net default: gateway 217.27.159.217

add net default: gateway 217.27.159.222

PING ya.ru (213.180.204.8): 56 data bytes
64 bytes from 213.180.204.8: icmp_seq=0 ttl=55 time=88.895 ms
64 bytes from 213.180.204.8: icmp_seq=1 ttl=55 time=167.402 ms
^C
--- ya.ru ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 88.895/128.148/167.402/39.254 ms

fbsd1.xgu.ru

úÁÐÉÓØ... 20 (64%)
ïÓÔÁ×ÌÅÎÏ: 63, ÕÄÁÌÅÎÏ: 0.
   3 N   Jul 27 Charlie Root    (  36) fbsd1.xgu.ru security run output
   4 N   Jul 27 Charlie Root    (  55) fbsd1.xgu.ru daily run output
   5 N F Jul 28 To root@fbsd1.x (  76) fbsd1.xgu.ru security run output
   6 N F Jul 28 To root@fbsd1.x (  62) fbsd1.xgu.ru daily run output
   7 N F Jul 29 To root@fbsd1.x (  29) fbsd1.xgu.ru security run output
   8 N F Jul 29 To root@fbsd1.x (  54) fbsd1.xgu.ru daily run output
   9 N F Jul 29 To root@fbsd1.x (   8) fbsd1.xgu.ru weekly run output
  10 N F Jul 30 To root@fbsd1.x (  35) fbsd1.xgu.ru security run output
...
  14 N F Aug 01 To root@fbsd1.x (3016) fbsd1.xgu.ru security run output
  15 N F Aug 01 To root@fbsd1.x (  64) fbsd1.xgu.ru daily run output
  16 N F Aug 01 To root@fbsd1.x (   8) fbsd1.xgu.ru monthly run output
  17 N F Aug 04 To root@fbsd1.x ( 189) fbsd1.xgu.ru security run output
  18 N F Aug 04 To root@fbsd1.x (  65) fbsd1.xgu.ru daily run output
  19 N F Aug 05 To root@fbsd1.x (  61) fbsd1.xgu.ru security run output
  20 N F Aug 05 To root@fbsd1.x (  54) fbsd1.xgu.ru daily run output
  21 N F Aug 05 To root@fbsd1.x (   8) fbsd1.xgu.ru weekly run output
  22 N F Sep 29 To root@fbsd1.x ( 212) fbsd1.xgu.ru security run output
---Mutt: /var/mail/root [Msgs:63 New:63 472K]---(date/date)-------------(34%)---

l3-agent is already running: pid=6110; pidfile=/home/devi/.lilalo/l3-agent.pid

Port:   p5-Mail-ClamAV-0.17
Path:   /usr/ports/mail/p5-Mail-ClamAV
Info:   Perl extension for the clamav virus scanner
Maint:  j.koopmann@seceidos.de
B-deps: arc-5.21o arj-3.10.22 clamav-0.88.3 lha-1.14i_6 libgmp-4.2.1_1 p5-Digest-1.15 p5-Digest-MD5-2.36 p5-Inline-0.44 p5-MIME-Base64-3.07 p5-Parse-RecDescent-1.94 p5-Text-Balanced-1.98 perl-5.8.8 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
R-deps: arc-5.21o arj-3.10.22 clamav-0.88.3 lha-1.14i_6 libgmp-4.2.1_1 p5-Digest-1.15 p5-Digest-MD5-2.36 p5-Inline-0.44 p5-MIME-Base64-3.07 p5-Parse-RecDescent-1.94 p5-Text-Balanced-1.98 perl-5.8.8 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
WWW:    http://clamav.elektrapro.com/
Port:   clamav-0.88.3
Path:   /usr/ports/security/clamav
Info:   Command line virus scanner written entirely in C
...
B-deps: arc-5.21o arj-3.10.22 clamav-0.88.3 lha-1.14i_6 libgmp-4.2.1_1 python-2.4.3 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
R-deps: arc-5.21o arj-3.10.22 clamav-0.88.3 lha-1.14i_6 libgmp-4.2.1_1 python-2.4.3 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
WWW:    http://xael.org/norman/python/pyclamav/
Port:   mod_clamav-0.21
Path:   /usr/ports/www/mod_clamav
Info:   Scans content delivered by the Apache2 proxy module for viruses
Maint:  tmueko@kommunity.net
B-deps: apache-2.0.58_1 arc-5.21o arj-3.10.22 clamav-0.88.3 expat-2.0.0_1 lha-1.14i_6 libgmp-4.2.1_1 libiconv-1.9.2_2 perl-5.8.8 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
R-deps: apache-2.0.58_1 arc-5.21o arj-3.10.22 clamav-0.88.3 expat-2.0.0_1 lha-1.14i_6 libgmp-4.2.1_1 libiconv-1.9.2_2 perl-5.8.8 unrar-3.60.b6,3 unzip-5.52_2 unzoo-4.4
WWW:    http://software.othello.ch/mod_clamav/