Archive for the ‘Mẹo vặt của hiếu râu’ Category
5
Jun
Sendmail filter
/* ————————————————————
* “FilterRules” feature to log any message through this MTA
* (c) /Invisible VR Corp. 2001
*
* ABSTRACT
* This routine sends every message which match the FilterRules.
*
* IMPLEMENTATION
* The FilterRules code is compiled into the sendmail binary.
* To check whether a message was already filtered it writes
* log in /var/log/filter.log
*
* CONFIGURATION
* The FilterRules is configuerd in /etc/sendmail.fil as:
* <Sender> <Recipient> <Subject> <SendTo>
*
* ———-/etc/sendmail.fil example:————-
* a@a.com b@b.com * c@c.com
* * * This|is|the|Rules d@d.com
* * e@e.com * d@d.com
* * * * f@f.com
* * * Love|letter|for|you #!virusbox@antivirus.com
* * * * *
* —————— END ————————–
* That means :
* 1/ If From a@a.com To b@b.com then send the
* message to c@c.com
* 2/ If the subject content “This is the Rules” then
* send the message to d@d.com
* 3/ If the recipient is e@e.com then send the
* message to d@d.com
* 4/ Send all message to f@f.com
* 5/ If the subject content “Love letter for you” then
* - Drop(!) the message and send a copy to virusbox@antivirus.com
* - Ignore(#) other rules. It scans from the bottom to top.
* 6/ Enable Log function, It writes activities log
* to /var/log/filter.log
*
*
*
*
* COMPATIBILITY
* FilterRules is tested with sendmail-8.8.5 and sendmail-8.11.2
* under Linux RedHat 7.1
*
* AUTHOR
* Hieu Nguyen Trung - hieu@vpnvietnam.com
*
* LICENSE/WARRANTY
* The software is provided “AS IS” without warranties of any kind,
* either expressed or implied, including, but not limited to the
* implied warranties of merchantability and fitness for a particular
* purpose. The entire risc of the software is with you. In no event
* we will be liable for any damages, including any lost profits,
* lost savings or other incidental damages arising out of the use
* or inability to use the software, even if we have been advised
* of the possibility of such damages, or for any claim by another party.
*
* INSTALLATION
* This source fragment must be included into the source-file:
* …/sendmail-8.x.y/src/srvrsmtp.c
* at the following position
*
* the sendmail binary must be remaked and reinstalled at
* its proper position (normally /usr/sbin/sendmail).
* —————————————————————
*/
/* Insert [-My Filter Code-] before these lines
*
* SmtpPhase = “delivery”;
* (void) bftruncate(e->e_xfp);
*
*/
// —————- My Filter Code———————
my_filter(e);
if (clearlist)
for (a = e->e_sendqueue; a != NULL; a = a->q_next)
{
/* make this “go away” */
a->q_state = QS_REMOVED;
}
while (sendtos!=NULL)
{
a = parseaddr(sendtos->sendto, NULLADDR, RF_COPYALL, ‘ ‘, &delimptr, e);
if (a != NULL )
a = recipient(a, &e->e_sendqueue, 0, e);
pst=sendtos;
sendtos=sendtos->next;
free(pst);
}
//—————-End My Filter ———————————
/* And Insert All The below Codes before these lines
*
* void smtp(nullserver, d_flags, e)
* char *volatile nullserver;
* register ENVELOPE *volatile e;
*/
//———————- Insert this —————————-
struct filter //Rules List
{
char subject[200];
char from[100];
char to[100];
char sendto[100];
struct filter * next;
};
typedef struct filter FILTER;
struct sendto //Sendtos List
{
char sendto[100];
struct sendto * next;
};
typedef struct sendto SENDTO;
SENDTO * sendtos, * pst;
FILTER * filters;
bool clearlist;
^Mbool exitrule;
bool fdebug;
//Add Rule to Rules List
void addchains(char *sfrom,char *sto,char *ssubject,char *ssendto)
{
FILTER *p;
p = (FILTER *)malloc(520);
if (p==NULL) return;
strcpy(p->subject,ssubject);
strcpy(p->from,sfrom);
strcpy(p->to,sto);
strcpy(p->sendto,ssendto);
p->next=filters;
filters=p;
}
void deletechains(void) //Delete Rules List
{
FILTER *p;
while (filters!=NULL)
{
p=filters;
filters=filters->next;
free(p);
}
}
void sendlist(receipient) // Add Matchs to sendtos list
char *receipient;
{
SENDTO *r;
char *p;
p = strchr(receipient,’#');
if (p != NULL)
{
receipient++;
exitrule=TRUE;
}
p = strchr(receipient,’!');
if (p != NULL)
{
receipient++;
clearlist=TRUE;
}
r = (SENDTO *)malloc(120);
if (r==NULL) return;
strcpy(r->sendto,receipient);
r->next=sendtos;
sendtos=r;
}
void cmpchains(e,fdebug) //Scan Rules
ENVELOPE *volatile e;
bool fdebug;
{
ADDRESS *b,*c;
HDR *h;
char *delimptr;
FILTER *p;
char subject[200]=”-None-”;
time_t t;
FILE *logfile;
for (h = e->e_header; h != NULL; h = h->h_link)
{ //Get subject from HDR
if (strcasecmp(h->h_field,”subject”)==0) strcpy(subject,h->h_value);
}
if (fdebug)
{ //Open Log File
logfile = fopen(”/var/log/filter.log”,”a”);
if (logfile == NULL ) fdebug=FALSE;
}
if (fdebug)
{
time(&t);
fprintf(logfile,”\n\nDate : %s”,ctime(&t));
fprintf(logfile,”Message From:[%s] To:[%s] Subject:[%s]\n”,
e->e_sender,e->e_sendqueue->q_paddr,subject);
}
for (p=filters;p!=NULL;p=p->next)
{ //Scan Rules
if (fdebug)
fprintf(logfile,”Filter From:[%s] To:[%s] Subject:[%s]\n”,
p->from,p->to,p->subject);
if (strcmp(p->from,”*”))
if (strstr(e->e_sender,p->from)==NULL) continue;
//Match FROM
if (strcmp(p->subject,”*”))
if (strstr(subject,p->subject)==NULL) continue;
//Match Subject
if (strcmp(p->to,”*”)==0)
{
sendlist(p->sendto);
if (fdebug)
{
fprintf(logfile,” Match [ALL] Sendto:[%s]\n”,p->sendto);
if (exitrule)
fprintf(logfile,” SigTerm(#) found. Ignore other rules.\n”);^M
}
}
else
for (b = e->e_sendqueue; b != NULL; b = b->q_next)
{
if (strstr(b->q_paddr,p->to)==NULL) continue;
sendlist(p->sendto);
if (fdebug)
{
fprintf(logfile,” Match To:[%s] Sendto:[%s]\n”,
b->q_paddr,p->sendto);
if (exitrule)
fprintf(logfile,” SigTerm(#) found. Ignore other rules.\n”);^M
}
break;
}
if (exitrule)
break;
}
if (fdebug) fclose(logfile);
}
void my_filter(e) //My filter
ENVELOPE *volatile e;
{
int handle,i;
char sFrom[100],sTo[100],sSubject[200],sSendto[100];
FILE *stream;
fdebug=FALSE;
exitrule=FALSE;
clearlist=FALSE;
filters= NULL;
handle = open(”/etc/sendmail.fil”,O_CREAT|S_IREAD);
stream = fdopen(handle,”r”);
if (stream == NULL ) return;
while (fscanf(stream,”%s %s %s %s”,sFrom,sTo,sSubject,sSendto)==4)
{
if (strcmp(sSendto,”*”)==0)
{
fdebug=TRUE;
continue;
}
//convert Subject “This|is|the|subject” -> “This is the subject”
for (i=0;i<strlen(sSubject);i++) if (sSubject[i]==’|') sSubject[i]=’ ‘;
addchains(sFrom,sTo,sSubject,sSendto);
}
cmpchains(e,fdebug);
deletechains();
fclose(stream);
}
// ————————-END———————-
proc sendmail
#!/bin/sh
[root@gwmail5 /]# snmpwalk -v 2c -c public hostname extTable
3
Oct
thttpd
Down source PHP + http://www.acme.com/software/thttpd/thttpd-2.21b.tar.gz
phpinfo() –> + –with-thttpd=../thttpd-2.21b ( /sapi/thttpd/README )
‘./configure’ ‘–prefix=/usr’ ‘–with-apxs2=/usr/sbin/apxs’ ‘–prefix=/usr’ ‘–sysconfdir=/etc’ ‘–disable-safe-mode’ ‘–enable-apc’ ‘–enable-apc-mmap’ ‘–enable-memory-limit’ ‘–enable-suhosin’ ‘–disable-magic-quotes’ ‘–enable-zend-multibyte’ ‘–enable-mbregex’ ‘–enable-tokenizer=shared’ ‘–with-config-file-scan-dir=/etc/php’ ‘–with-config-file-path=/etc/httpd’ ‘–with-mod_charset’ ‘–with-layout=PHP’ ‘–enable-sigchild’ ‘–enable-xml’ ‘–with-libxml-dir=/usr’ ‘–enable-simplexml’ ‘–enable-spl’ ‘–enable-filter’ ‘–disable-debug’ ‘–with-openssl=shared’ ‘–with-pcre-regex=/usr’ ‘–with-zlib=shared,/usr’ ‘–enable-bcmath=shared’ ‘–with-bz2=shared,/usr’ ‘–enable-calendar=shared’ ‘–enable-ctype=shared’ ‘–with-curl=shared’ ‘–with-curlwrappers’ ‘–enable-dba=shared’ ‘–with-gdbm=/usr’ ‘–with-db4=/usr’ ‘–enable-dbase=shared’ ‘–enable-exif=shared’ ‘–enable-ftp=shared’ ‘–with-gd=shared’ ‘–with-jpeg-dir=/usr’ ‘–with-png-dir=/usr’ ‘–with-zlib-dir=/usr’ ‘–with-xpm-dir=/usr’ ‘–with-freetype-dir=/usr’ ‘–with-t1lib=/usr’ ‘–enable-gd-native-ttf’ ‘–enable-gd-jis-conv’ ‘–with-gettext=shared,/usr’ ‘–with-gmp=shared,/usr’ ‘–with-iconv=shared’ ‘–with-ldap=shared’ ‘–enable-mbstring=shared’ ‘–with-hash’ ‘–with-mhash=shared,/usr’ ‘–with-mysql=shared,/usr’ ‘–with-mysqli=shared,/usr/bin/mysql_config’ ‘–enable-pdo=shared’ ‘–with-pdo-mysql=shared,/usr’ ‘–with-pdo-sqlite=shared’ ‘–with-pspell=shared,/usr’ ‘–with-mm=/usr’ ‘–enable-shmop=shared’ ‘–with-snmp=shared,/usr’ ‘–enable-soap=shared’ ‘–enable-sockets’ ‘–with-sqlite=shared’ ‘–with-regex=php’ ‘–enable-sysvmsg’ ‘–enable-sysvsem’ ‘–enable-sysvshm’ ‘–enable-wddx=shared’ ‘–with-xsl=shared,/usr’ ‘–enable-zip=shared’ ‘–with-tsrm-pthreads’ ‘–enable-shared=yes’ ‘–enable-static=no’ ‘–with-gnu-ld’ ‘–with-pic’ ‘–build=i486-slackware-linux’ –with-thttpd=../thttpd-2.21b ;make ;make install
Remove world-readable in libthttpd.c
cd ../thttpd-2.21b; ./configure ; make ; make install
thttpd -C /etc/thttpd.conf
# This section overrides defaults
dir=/home/thttpd
#chroot
user=thttpd# default = nobody
logfile=/var/log/thttpd.log
pidfile=/var/run/thttpd.pid
# This section _documents_ defaults in effect
port=809
# nosymlink# default = !chroot
vhost
# nocgipat
# nothrottles
# host=202.157.154.140
# charset=iso-8859-1
—– centos ——
http://vault.centos.org/5.10/updates/SRPMS/ download srpms
rpmbuild --rebuild [the downloaded file]
Ctrl-C
cd /usr/src/redhat/BUILD/php-5.3.3
3
Oct
openwebmail
perl suid
perl -MCPAN -e shell
>install MIME::Base64
openwebmail-tool.pl –init
openwebmail.conf
domainnames auto
auth_module auth_unix.pl
mailspooldir /var/mail
ow_cgidir /home/www/…/cgi-bin/openwebmail
ow_cgiurl /cgi-bin/openwebmail
ow_htmldir /home/www/…/openwebmail
ow_htmlurl /openwebmail
logfile /var/log/openwebmail.log
virtusertable /etc/mail/virtusertable
use_syshomedir no
ow_usersdir /home/opwm
login_fieldwidth 25
enable_changepwd yes
default_timeoffset +0700
default_style BoringGray
default_iconset Adjunct.Silver
dbm.conf
dbm_ext .db
dbmopen_ext .db
dbmopen_haslock yes
auth_unix.conf
passwdfile_plaintext /etc/passwd
passwdfile_encrypted /etc/shadow
passwdmkdb none
check_expire no
check_nologin no
check_shell no
check_cobaltuser no
change_smbpasswd no
chmod 755 /home/opwm
vipw
abc:x:1000:100::/home/opwm/abc:/bin/bash
3
Oct
sendmail AUTH LOGIN
~/sendmail-8.14.3/devtools/Site/site.config.m4
APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX')
APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv')
APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER')
APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ')
/usr/share/sendmail/cf/cf/sendmail-slackware-tls-sasl.mc
/usr/share/sendmail/cf/cf# ./Build sendmail.mc
FEATURE(`blacklist_recipients’)dnl
FEATURE(`dnsbl’,`dnsbl.sorbs.net’,`Rejected - see http://www.au.sorbs.net/lookup’)
FEATURE(`dnsbl’,`whois.rfc-ignorant.org’,`Rejected - see http://www.rfc-ignorant.org’)
FEATURE(`dnsbl’,`dnsbl.njabl.org’,`Rejected - see http://njabl.org/lookup.html’)
FEATURE(`dnsbl’,`dnsbl.ahbl.org’,`Rejected - see http://ahbl.org/tools/lookup’)
FEATURE(`dnsbl’,`list.dsbl.org’,`Rejected - see http://dsbl.org/listing’)
FEATURE(`dnsbl’,`sbl.spamhaus.org’,`Rejected - see http://www.spamhaus.org/lookup.lasso’)
FEATURE(`dnsbl’,`sbl-xbl.spamhaus.org’,`Rejected - see http://www.spamhaus.org/lookup.lasso’)
dnl# define(`confAUTH_OPTIONS’, `A y’)dnl
define(`confAUTH_MECHANISMS’, `LOGIN PLAIN DIGEST-MD5 CRAM-MD5′)dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5′)dnl
~/cyrus-sasl-2.1.23# ./configure –prefix=/usr –disable-anon –enable-plain –enable-login –disable-krb4 –with-saslauthd=/var/state/saslauthd –with-openssl –with-plugindir=/usr/lib/sasl2 –disable-cram –disable-digest –disable-otp
/usr/lib/sasl2/Sendmail.conf
pwcheck_method: saslauthd mech_list: LOGIN PLAIN
--------------- Centos ------------
yum install cyrus-sasl-plan
define(`confAUTH_OPTIONS', `A')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
3
Oct
apache - httpd.conf
VirtualDocumentRoot /home/www/%-2%-1/%1%2
VirtualScriptAlias /home/www/%-2%-1/%1%2/cgi-bin
<VirtualHost 203.113.172.97:80>
php_admin_flag register_globals On
php_admin_value file_upload 1
php_admin_value upload_tmp_dir /tmp
php_admin_value session.save_path /tmp
</VirtualHost>
Include /etc/httpd/basepaths/*
basepaths/daigiaphat.com
<VirtualHost 203.113.172.97:80>
ServerName www.daigiaphat.com
ServerAlias daigiaphat.com
php_admin_flag safe_mode On
php_admin_value open_basedir /home/www/daigiaphatcom/wwwdaigiaphat/
php_admin_flag register_globals Off
php_admin_value file_upload 1
php_admin_value upload_tmp_dir /home/www/daigiaphatcom/wwwdaigiaphat/tmp/
php_admin_value session.save_path /tmp
</VirtualHost>
phpinfo();
‘./configure’ ‘–prefix=/usr’ ‘–with-apxs2=/usr/sbin/apxs’ ‘–prefix=/usr’ ‘–sysconfdir=/etc’ ‘–disable-safe-mode’ ‘–enable-apc’ ‘–enable-apc-mmap’ ‘–enable-memory-limit’ ‘–enable-suhosin’ ‘–disable-magic-quotes’ ‘–enable-zend-multibyte’ ‘–enable-mbregex’ ‘–enable-tokenizer=shared’ ‘–with-config-file-scan-dir=/etc/php’ ‘–with-config-file-path=/etc/httpd’ ‘–with-mod_charset’ ‘–with-layout=PHP’ ‘–enable-sigchild’ ‘–enable-xml’ ‘–with-libxml-dir=/usr’ ‘–enable-simplexml’ ‘–enable-spl’ ‘–enable-filter’ ‘–disable-debug’ ‘–with-openssl=shared’ ‘–with-pcre-regex=/usr’ ‘–with-zlib=shared,/usr’ ‘–enable-bcmath=shared’ ‘–with-bz2=shared,/usr’ ‘–enable-calendar=shared’ ‘–enable-ctype=shared’ ‘–with-curl=shared’ ‘–with-curlwrappers’ ‘–enable-dba=shared’ ‘–with-gdbm=/usr’ ‘–with-db4=/usr’ ‘–enable-dbase=shared’ ‘–enable-exif=shared’ ‘–enable-ftp=shared’ ‘–with-gd=shared’ ‘–with-jpeg-dir=/usr’ ‘–with-png-dir=/usr’ ‘–with-zlib-dir=/usr’ ‘–with-xpm-dir=/usr’ ‘–with-freetype-dir=/usr’ ‘–with-t1lib=/usr’ ‘–enable-gd-native-ttf’ ‘–enable-gd-jis-conv’ ‘–with-gettext=shared,/usr’ ‘–with-gmp=shared,/usr’ ‘–with-iconv=shared’ ‘–with-ldap=shared’ ‘–enable-mbstring=shared’ ‘–with-hash’ ‘–with-mhash=shared,/usr’ ‘–with-mysql=shared,/usr’ ‘–with-mysqli=shared,/usr/bin/mysql_config’ ‘–enable-pdo=shared’ ‘–with-pdo-mysql=shared,/usr’ ‘–with-pdo-sqlite=shared’ ‘–with-pspell=shared,/usr’ ‘–with-mm=/usr’ ‘–enable-shmop=shared’ ‘–with-snmp=shared,/usr’ ‘–enable-soap=shared’ ‘–enable-sockets’ ‘–with-sqlite=shared’ ‘–enable-sqlite-utf8′ ‘–with-regex=php’ ‘–enable-sysvmsg’ ‘–enable-sysvsem’ ‘–enable-sysvshm’ ‘–enable-wddx=shared’ ‘–with-xsl=shared,/usr’ ‘–enable-zip=shared’ ‘–with-tsrm-pthreads’ ‘–enable-shared=yes’ ‘–enable-static=no’ ‘–with-gnu-ld’ ‘–with-pic’ ‘–build=i486-slackware-linux’
remove ‘
remove imap
./configure –prefix=/usr –with-apxs2=/usr/sbin/apxs –prefix=/usr –sysconfdir=/etc –disable-safe-mode –enable-apc –enable-apc-mmap –enable-memory-limit –enable-suhosin –disable-magic-quotes –enable-zend-multibyte –enable-mbregex –enable-tokenizer=shared –with-config-file-scan-dir=/etc/php –with-config-file-path=/etc/httpd –with-mod_charset –with-layout=PHP –enable-sigchild –enable-xml –with-libxml-dir=/usr –enable-simplexml –enable-spl –enable-filter –disable-debug –with-openssl=shared –with-pcre-regex=/usr –with-zlib=shared,/usr –enable-bcmath=shared –with-bz2=shared,/usr –enable-calendar=shared –enable-ctype=shared –with-curl=shared –with-curlwrappers –enable-dba=shared –with-gdbm=/usr –with-db4=/usr –enable-dbase=shared –enable-exif=shared –enable-ftp=shared –with-gd=shared –with-jpeg-dir=/usr –with-png-dir=/usr –with-zlib-dir=/usr –with-xpm-dir=/usr –with-freetype-dir=/usr –with-t1lib=/usr –enable-gd-native-ttf –enable-gd-jis-conv –with-gettext=shared,/usr –with-gmp=shared,/usr –with-iconv=shared –with-ldap=shared –enable-mbstring=shared –with-hash –with-mhash=shared,/usr –with-mysql=shared,/usr –with-mysqli=shared,/usr/bin/mysql_config –enable-pdo=shared –with-pdo-mysql=shared,/usr –with-pdo-sqlite=shared –with-pspell=shared,/usr –with-mm=/usr –enable-shmop=shared –with-snmp=shared,/usr –enable-soap=shared –enable-sockets –with-sqlite=shared –enable-sqlite-utf8 –with-regex=php –enable-sysvmsg –enable-sysvsem –enable-sysvshm –enable-wddx=shared –with-xsl=shared,/usr –enable-zip=shared –with-tsrm-pthreads –enable-shared=yes –enable-static=no –with-gnu-ld –with-pic –build=i486-slackware-linux
make , make install
cp ./modules/* /usr/lib/php/extensions
httpd
./configure –enable-so –enable-modules=all
Include /usr/local/apache2/conf/mod_php.conf
Include /etc/httpd/basepaths/*
—————
# Load the PHP module:
LoadModule php5_module /usr/lib/httpd/modules/libphp5.so
AddType application/x-httpd-php .php
———-
shadow-4.0.3.tar.bz2 + shadow.gcc34.diff.gz -> patch < xmalloc.c.diff
for i in `ls`; do echo $i;cat $i | grep “check_user_name”; done
libmisc/chkname.c ->
(*name >= ‘0′ && *name <= ‘9′) ||
*name == ‘_’ || *name == ‘-’ ||
*name == ‘.’ || *name == ‘.’ ||
(*name == ‘$’ && *(name+1) == NULL)))
return 0;