2015年4月5日日曜日

5.6 -> 5.7 snapshot ; block teamviewer

1)how to start jwmを立ち上げるには

$ cat .xinitrc                                                                 jwm
 
See below.
ibus-anthy works well and shows its state.










もちろん  pkg_add -iu


2) /etc/nginx/nginx.conf  


 
 worker_processes  1;
worker_rlimit_nofile 1024;

events {
    worker_connections  800;
}

#h>
http {

    include       mime.types;
    default_type  application/octet-stream;
    index         index.html index.htm;
    keepalive_timeout  65;
    server_tokens off;


server {
        listen       80;
        listen       [::]:80;
        server_name  localhost;    #<-for test
        root         /var/www/d1;
auth_basic "Restricted";
auth_basic_user_file /var/www/1/.htpasswd;
          }
 #0#  
    server {
        listen       80;
        listen       [::]:80;
        server_name  a.mydns.jp;
        root         /var/www/d0;
#auth_basic "Restricted";
#auth_basic_user_file /var/www/1/.htpasswd;
          }

#1
server {
        listen       80;
        listen       [::]:80;
        server_name  s.sun.ddns.vc;
        root         /var/www/d1;
auth_basic "Restricted";
auth_basic_user_file /var/www/1/.htpasswd;
          }

#2
server {
        listen       80;
        listen       [::]:80;
        server_name  kko.sun.ddns.vc;
        root         /var/www/d2;
auth_basic "Restricted";
auth_basic_user_file /var/www/2/.htpasswd;
 
 #11
server {
        listen       80;
        listen       [::]:80;
        server_name  m.planex.ddns.vc;
        root         /var/www/d11;
auth_basic "Restricted";
auth_basic_user_file /var/www/11/.htpasswd;
          }

#12
server {
        listen       80;
        listen       [::]:80;
        server_name  n.luna.ddns.vc;
        root         /var/www/d12;
auth_basic "Restricted";
auth_basic_user_file /var/www/12/.htpasswd;
          }
#h>
    } 
 

3)mount sda4(ext2)
 mount /dev/sd0j  /mnt





cd /mnt
dd bs=32786k if=/dev/rsd2c | gzip -c -9 > 32gUSBarch.gz 
4)
pfctl -sr


5)md5
p5-Test-File-Contents


6)
/etc/rc.local                                                            
#       $OpenBSD: rc.local,v 1.44 2011/04/22 06:08:14 ajacoutot Exp $
# Site-specific startup actions, daemons, and other things which
# can be done AFTER your system goes into securemode.  For actions
# which should be done BEFORE your system has gone into securemode
# please see /etc/rc.securelevel.
#if [  -x  /root/mount-EXT2.bat ]; then
#        echo 'Starting mount /EXT2 '; /root/mount-EXT2.bat
#fi


# Start the time daemon; -s asks ntpd to set the clock right away at startup.
/usr/sbin/ntpd -s

# Disabled: remount /var/www from an ext2 partition.
#umount /var/www
#mount_ext2fs /dev/sd0a /var/www # <-----ext2fs

# Launch nginx through its rc.d script when the binary is installed and
# executable; -f forces the start even when nginx is not enabled via
# rc.conf.local.
if test -x /usr/sbin/nginx; then
        echo ' ----- Starting nginx ----- '
        /etc/rc.d/nginx -f start
fi


7)
gzip -c -9 X.img > X.img.gz



8)日本語入力
libreoffice




9) # cat /etc/rc.local
  
   # cat /etc/rc.shutdown



10)cat x.bat  access.log

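# x.bat - print today's web-server requests (all of them, then those without
# a DoCoMo user agent), followed by the current snort alert log.
# Writes the two intermediate listings to k1 and k2 in the current directory.
#
# The date is taken from one date(1) call with an explicit format.  Cutting
# fields out of the default date output is fragile: the day is space-padded
# there, so field positions differ between one- and two-digit days, and an
# unpadded day such as 5 also matches 15 and 25.  LC_ALL=C keeps the month
# abbreviation in English even when LANG is ja_JP.UTF-8.
A=$(LC_ALL=C date '+%d/%b/%Y')

# Day, month and year are still echoed separately, as before.
x=${A%%/*}
echo "$x"

y=${A#*/}
y=${y%/*}
echo "$y"

z=${A##*/}
echo "$z"

echo "$A"

# -F treats the date as a fixed string rather than a regular expression.
# Log lines carry client-supplied text (request line, referer, user agent)
# and are printed raw below; pipe through `cat -v` if control characters in
# the terminal are a concern.
grep -F -- "$A" /var/www/logs/access.log >k1
cat k1
echo '111111111111111111111111111111111'

grep -v DoCoMo k1 > k2
cat k2

ls -l /var/log/snort
cat /var/log/snort/alert
echo 'cd  /var/log/snort '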



snort自体は
  wget https://www.snort.org/rules/snortrules-snapshot-2962.tar.gz?oinkcode=076d8a7。。。5bd5fba


cp snortrules-snapshot-2962.tar.gz\?oinkcode\=076d8a77eadd51。。。5fba      /etc/snort/






cd /etc/snort/

# tar xvzf
snortrules-snapshot-2962.tar.gz\?oinkcode\=076d8a7。。。45bd5fba





を確か 2970 2972も繰り返した。

snort -D -d -c /etc/snort/snort.conf  -u _snort -g _snort ; ps -ax| grep snort







10) top

 load averages:  0.34,  0.35,  0.34                                                             yuma.my.domain 19:51:24
59 processes: 2 running, 56 idle, 1 on processor
CPU states:  6.8% user,  0.0% nice,  0.2% system,  0.0% interrupt, 93.0% idle
Memory: Real: 296M/458M act/tot Free: 25M Cache: 96M Swap: 157M/1021M

  PID USERNAME PRI NICE  SIZE   RES STATE     WAIT      TIME    CPU COMMAND
11602 tusi     2    0  192M  186M run       poll      4:04  0.00%     firefox
24033 tusi     2    0  112M   13M sleep     poll      2:06  0.00%    midori
 3018 tusi     2    0   20M   23M run       -         0:40  0.00%        Xorg
19218 tusi     2    0 3124K 3904K sleep     poll      0:07  0.00%   ibus-daemon
23443 tusi     2    0 3500K   10M idle      poll      0:03  0.00%      ibus-ui-gtk3
16713 tusi     2    0 6960K 8004K idle      poll      0:02  0.00%     python2.7
    1 root      10    0  676K  120K sleep     wait      0:01  0.00%    init
21844 tusi     2    0 1328K 2480K idle      poll      0:01  0.00%     ibus-engine-simp
 6833 tuysi     2    0 1008K 2040K idle      select    0:00  0.00%   fvwm






12)filemanager 
rox-filer -> rox で開始


3) scim-anthy
http://d.hatena.ne.jp/nawolets/20110507/1304757336 をみるとよい。


$ vi .profile
export LANG=ja_JP.UTF-8
export LC_CTYPE=ja_JP.UTF-8
export GTK_IM_MODULE="scim"
export QT_IM_MODULE="scim"
export XMODIFIERS="@im=SCIM" 
 
$ vi .xinitrc
/usr/local/bin/scim -d &


$ vi .inputrc
set convert-meta off
set meta-flag on
set output-meta on





13)ports memo
http://unosodoku638kam.hatenablog.com/entry/2013/12/27/192223

  •  http://www.openbsd.org/faq/faq15.html#Ports

    $ cd /usr/ports
    $ make search key=rsnapshot
     
     
     
    $ cd /usr/ports/net/rsnapshot
    $ make install
     
     

    15.3.6 - Cleaning up after a build

    You probably want to clean the port's default working directory after you have built the package and installed it.
    $ make clean
    ===>  Cleaning for rsnapshot-1.2.9
    
    In addition, you can also clean the working directories of all dependencies of the port with this make target:
    $ make clean=depends
    ===>  Cleaning for rsync-2.6.9
    ===>  Cleaning for rsnapshot-1.2.9
    
    If you wish to remove the source distribution set(s) of the port, you would use
    $ make clean=dist
    ===>  Cleaning for rsnapshot-1.2.9
    ===>  Dist cleaning for rsnapshot-1.2.9
    
    In case you have been compiling multiple flavors of the same port, you can clear the working directories of all these flavors at once using
    $ make clean=flavors
    
    You can also clean things up as they get built, by setting a special variable. Work directories will automatically be cleaned after packages have been created:
    $ make package BULK=Yes
    



  • 辛抱できるterminal


1) roxterm 

$ cat
/usr/local/bin/lll
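# lll - run ls through a pipe.  With stdout not a terminal, ls prints plain
# text, one entry per line.
# ${1+"$1"} passes the first argument as a single word (spaces and glob
# characters intact) and passes nothing at all when no argument is given.
ls ${1+"$1"} | cat -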
 
 
2) 
1st     pkg_add colorls 
 
ln -s /usr/local/bin/colorls  /usr/local/bin/ll
        use ll instead of ls

2nd     from https://sites.google.com/site/teyasn001/home/uxterm
        $ cat .Xdefaults

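        ! Fonts and colours for xterm (XTerm*) and uxterm (UXTerm*).
        #   XTerm*loginShell:true
        XTerm*faceName:'Monospace'
        XTerm*faceSize:13
        XTerm*background:gray
        ! "black" spelled out in full, matching the UXTerm foreground below.
        XTerm*foreground:black

        UXTerm*faceName:            Dejavu Sans Mono:style=book
        UXTerm*faceNameDoublesize:  IPAGothic:style=Regular
        UXTerm*faceSize:        15
        UXTerm*background:      gray
        UXTerm*foreground:      black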
 
3rd more .jwmrc
<?xml version="1.0"?>

<JWM>

   <!-- The root menu, if this is undefined you will not get a menu. -->
   <!-- Additional RootMenu attributes: onroot, labeled, label -->
   <RootMenu height="32" onroot="12">

 <Program icon="terminal.png" label="uxterm">    uxterm </Program>
 <Program icon="terminal.png" label="roxterm">   roxterm</Program>
 <Program icon="ibun-anthy.png" label="IbusAnthy">      /usr/local/bin/ibus-daemon -d -x -r</Program>
 <Program icon="xfce4-mixer.png" label="xfce4-mixer">   xfce4-mixer        </Program>
 <Program icon="rox.png" label="rox">rox                                </Program>


 <Menu icon="folder.png" label="Applications">
 <Program icon="word-processor.png" label="Libre Office">libreoffice    </Program>



さまざま

sh /etc/netstart



#cdio -f cd1c blank  ;  eject cd1c
 cdrecord -v   dev=6,1,0 blank=all  ;  eject cd1c


$ cat cd-iso-burn.bat                                                         
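# cd-iso-burn.bat - burn the ISO image given as $1 with cdrecord.
# Usage: sh cd-iso-burn.bat image.iso
#
# Earlier attempts, kept for reference (cdio gave only a faint burn):
#cdio -f cd0c tao $1
#cdio -f cd1c tao $1
##########################
#cdrecord dev=1,0,0 speed=2 -v $1
# The image path is quoted so names with spaces or glob characters reach
# cdrecord as one argument; :? stops with a usage message when it is missing.
cdrecord dev=6,1,0 speed=2 -v "${1:?usage: cd-iso-burn.bat image.iso}"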



BLOCK  teamviewer


internet
|
|
wifi router---windows81
|
|
urtwn0 dhcp
openbsd
fxp0 192.168.64.1/24(dhcpd)
|
|
dhcp
linux
(firefox edit>preferences>advanced>settings>http proxy 192.168.64.1 port 3128)



# ./comment-out.bat  /etc/squid/squid.conf                                                                  
# squid.conf with comments stripped: which clients may use the proxy, which
# destination ports they may reach, and where the proxy listens.
#
# Source networks treated as "local".
# NOTE(review): the LAN drawn in this post is 192.168.64.0/24; these ranges
# admit every RFC1918 source that can reach port 3128 -- consider narrowing
# localnet to the real subnet.
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
# Destination ports: CONNECT tunnels are limited to SSL_ports, every other
# request to Safe_ports.
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
# http_access rules are checked top to bottom; the first match decides.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Cache-manager requests are accepted from localhost only.
http_access allow localhost manager
http_access deny manager
# localnet clients may use the proxy, including CONNECT tunnels to any host
# on port 443.  Squid does not see what is carried inside such a tunnel, so
# blocking one application needs a destination ACL (e.g. dstdomain) with a
# deny rule placed above this line.
http_access allow localnet
http_access allow localhost
http_access deny all
# NOTE(review): plain forward-proxy port; no interception mode is set here,
# although the pf.conf in this post diverts port 80 to 3128 -- confirm which
# mode is intended.
http_port 3128
coredump_dir /var/squid/cache
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

# ./comment-out.bat  /etc/pf.conf                                                                           
# pf.conf with comments stripped.  Per the diagram in this post, urtwn0 faces
# the Wi-Fi router and fxp0 the internal 192.168.64.0/24 side.
ext_if="urtwn0"
int_if="fxp0"
# TCP services accepted on the external address (22 = ssh, 113 = ident).
tcp_services="{ 22, 113 }"
icmp_types="echoreq"
# Blocked packets are answered (TCP RST / ICMP unreachable) instead of being
# dropped silently.
set block-policy return
set loginterface $ext_if
set skip on lo
set reassemble yes no-df
# Hands TCP port 80 arriving on the external interface to the local proxy on
# 127.0.0.1:3128.
# NOTE(review): transparent interception is normally applied on the interface
# the clients sit behind ($int_if in the diagram) -- confirm $ext_if is
# intended.  If the nginx vhosts from earlier in this post run on this same
# host, this quick rule would presumably take their port-80 traffic too.
pass in quick log on $ext_if inet proto tcp to port 80 divert-to 127.0.0.1 port 3128
pass out quick from 127.0.0.1 divert-reply
anchor "ftp-proxy/*"
# FTP from the internal side goes to the local proxy on port 8021.
pass in quick on $int_if inet proto tcp to any port ftp \
    divert-to 127.0.0.1 port 8021
# Default for inbound traffic: block and log.  With non-quick rules the last
# match wins, so the pass rules further down carve out the exceptions.
block in log
pass out quick
antispoof quick for { lo $int_if }
pass in  on  $ext_if   inet proto tcp from any to  ( $ext_if:0 ) port  $tcp_services
pass in inet proto icmp all icmp-type $icmp_types
# Everything arriving from the internal side is accepted.
# NOTE(review): this stripped listing shows no nat-to rule, so hosts behind
# $int_if presumably reach the Internet only through the proxy -- verify
# against the full file and the net.inet.ip.forwarding setting.
pass in on $int_if


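すると win81 の teamviewer から linux の teamviewer に接続しようとしても
「パートナーへの接続はありません」
となって接続を拒否される。
つまり openbsd firewall が侵入を食い止めた。
（補足：上の pf.conf には nat-to のルールが無く、外側からの着信は block in log で落とされる。そのため linux 側は squid 経由以外では外に出られず、teamviewer が接続を確立できないのだと思われる。一方 squid.conf は 443 番への CONNECT を localnet に許可しているので、teamviewer にプロキシを設定した場合にも遮断されるかは別途確認したい。）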




snort





http://inaba-serverdesign.jp/blog/20140131/snort_inline_ips.html
がいいサイトです。

最終的には
  cat snort.bat  
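# snort.bat - start snort as a daemon on the Wi-Fi interface.
# Stop here if the directory is missing rather than run from elsewhere.
cd /usr/local/bin/ || exit 1

# test-mode: -T checks the configuration and rules, then exits.
#snort -T -i urtwn0 -u _snort -g _snort -c /etc/snort/snort.conf

# -A fast   one-line alerts in the alert file under the log directory
# -b        log packets in binary (tcpdump) format
# -d        include the application-layer payload
# -D        run as a daemon
# -u / -g   drop to the unprivileged _snort user and group after start-up
# -l        log directory
snort -A fast -b -d -D -i urtwn0 -u _snort -g _snort -c /etc/snort/snort.conf -l /var/log/snort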



ポイントは
1) ルールは cd /etc/snort のところで解凍
2) 
touch /etc/snort/rules/white_list.rules /etc/snort/rules/black_list.rules
3)
# mkdir /usr/local/lib/snort_dynamicrules
# cp
   /etc/snort/so_rules/precompiled/OpenBSD-5-3/i386/2.9.7.2/*
   /usr/local/lib/snort_dynamicrules/
でした。





