How to install [Last update 29 Sep] インストール手順 [最終更新 9月29日]
Section1 psad
vyatta@vyatta:~$ configure [edit] vyatta@vyatta# set system package repository lenny components main vyatta@vyatta# set system package repository lenny url http://http.us.debian.org/debian vyatta@vyatta# set system package repository lenny distribution lenny vyatta@vyatta# commit vyatta@vyatta# save vyatta@vyatta# su - vyatta:~# aptitude update vyatta:~# aptitude install build-essential gcc autoconf make patch whois vyatta:~# aptitude install libcurses-perl libdate-calc-perl libiptables-chainmgr-perl vyatta:~# aptitude install libnet-ip-perl libbit-vector-perl libnet-ip-perl libunix-syslog-perl vyatta:~# aptitude install ssmtp bastille libiptables-parse-perl vyatta:~# ln -s /usr/sbin/ssmtp /usr/sbin/sendmail vyatta:~# ln -s /usr/sbin/ssmtp /bin/mail
vyatta:~# vi /etc/ssmtp/ssmtp.conf # # Config file for sSMTP sendmail # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. root=your_email # The place where the mail goes. The actual machine name is required no # MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=your_smtp_server AuthUser=your_email AuthPass=your_password # Where will the mail seem to come from? #rewriteDomain= # The full hostname #hostname= # Are users allowed to set their own From: address? # YES - Allow the user to specify their own From: address # NO - Use the system generated From: address #FromLineOverride=YES
/etc/ssmtp/ssmtp.conf sample
root=example@gmail.com mailhub=smtp.gmail.com:587 rewriteDomain=gmail.com hostname=gmail.com AuthUser=example@gmail.com AuthPass=*********** UseSTARTTLS=YES AuthMethod=LOGIN FromLineOverride=YES
/etc/ssmtp/revaliases root:youraccount@gmail.com:smtp.gmail.com:587 vyatta:youraccount@gmail.com:smtp.gmail.com:587 ntop:youraccount@gmail.com:smtp.gmail.com:587 fail2ban:youraccount@gmail.com:smtp.gmail.com:587
test mail ssmtp
vyatta:~# iptables -L -n|mail -s iptables root@localhost send-mail: RCPT TO: (550 Invalid recipient: ) Can't send mail: sendmail process failed with error code 1 vyatta:~# iptables -L -n|mail -s iptables vyatta:~# iptables -L -n|mail -s iptables root vyatta:~# iptables -L -n|mail -s iptables vyatta
vyatta:~# wget http://www.cipherdyne.com/psad/download/psad-2.1.7.tar.gz vyatta:~# tar xzvf psad-2.1.7.tar.gz vyatta:~# cd psad-2.1.7 vyatta:~/psad-2.1.7# ./install.pl
If mistaken
would you like to again install script
vyatta:~/psad-2.1.7# ./install.pl
vyatta@vyatta:~$ su - vyatta:~# hostname vyatta.example.com vyatta:~#
Make sure set config /etc/psad/psad.conf your Email Hostname
[=red]/etc/psad/psad.conf ãÂ
Hello,
Please help me, error:
sloved. Thanks.
Hi all,
This script will apply for all port/IP???
Can i apply to some port of my server? because some server we don't use firewall
Thanks.
Hello,
This script can't help me block SYN Flood 80MB :(
My vyatta hardware:
IBM X3650 E5420
4GB RAM
RAID 0 - 2 x146G SAS
100Mbps network
My server:
IBM X3650 2 x E5420
4GB RAM
RAID1 - 2x 146G SAS
connect with eth1 of vyaata
but my vyatta server can't block 80MB SYN Flood :(, my server died now :(
Please help me :(
Keep getting the following error, and not really sure were to start looking.
Delivery to the following recipient failed permanently:
[psad-status] firewall setup warning on vyatta.cocoondata.com!@gmail.com
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 x1si2455675wfd.92 (state 17).
Let me see your ssmtp.conf
#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
#root=fail2ban@cocoondata.com
#root=stephen.thompson.au@gmail.com
# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=smtp.gmail.com:587
# Where will the mail seem to come from?
rewriteDomain=gmail.com
# The full hostname
hostname=gmail.com
# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES
AuthUser=Username@gmail.com
AuthMethod=LOGIN
AuthPass=password
UseSTARTTLS=YES
should be check vyatta hostname then add user on /etc/ssmtp/revaliases
Hello,
Please help me error:
How was error? and then /etc/ssmtp/ssmtp.conf /etc/ssmtp/revaliases
I understand that some of your inqueries refers to a number of totally different issues in terms of stages of setup, modification or additional psad etc.
Mailhub
The host to send mail to, in the form host | IP_addr [
: port]. The default port is 25.
RewriteDomain
The domain from which mail seems to come. for user authentication.
Hostname
The full qualified name of the host. If not specified, the host is queried for its hostname.
FromLineOverride
Specifies whether the From header of an email, if any, may override the default domain. The default is ''no''.
UseTLS
Specifies whether ssmtp uses TLS to talk to the SMTP server. The default is ''no''.
UseSTARTTLS
Specifies whether ssmtp does a EHLO/STARTTLS before starting SSL negotiation. See RFC 2487.
TLSCert
The file name of an RSA certificate to use for TLS, if required.
AuthUser
The user name to use for SMTP AUTH. The default is blank, in which case SMTP AUTH is not used. sent without
AuthPass
The password to use for SMTP AUTH.
AuthMethod
The authorization method to use. If unset, plain text is used. May also be set to ''cram-md5''.
Thank you,
i already config
but still error:
AuthUser=your_email_account or account_ID
e.g.
Email
Account ID x3301
PASS *******
SMTP smtp1.example.com
Email
Account ID user_6771
PASS *******
SMTP mail.example.org
Perfect! Very nice! :lol:
Hello,
I have very mistake warrning:
root@vyatta:/etc/init.d# /etc/init.d/psad restart
[+] Stopping psadwatchd, pid: 24736
[+] Stopping psad, pid: 24734
Starting psad: mail: RCPT TO:<[psad-status] firewall setup warning on vyatta!@host.pl> (501 <[psad-status] firewall setup warning on vyatta!@host.pl>: missing or malformed local part)
root@vyatta:/etc/init.d#
How Can i solve it ?
Regards
Anyone ?
Hmmm.... "local part" seems to be related with either "hostname" or, better guess, with local part of e-mail, either FROM email, or TO email.
It's a guess in the wild, but you should check /etc/ssmtp/ssmtp.conf