Tuesday, November 10, 2009

UDP Port 3437

I have been seeing traffic like this on my firewall more and more. Does anyone know what it is?

99. 101103 rule 19/0(match): block in on le0: 4.234.24.139.34247 > 192.168.100.7.3437: UDP, length 31
44. 809854 rule 19/0(match): block in on le0: 24.197.158.193.36787 > 192.168.100.7.3437: UDP, length 35
19. 922285 rule 19/0(match): block in on le0: 219.58.194.9.6346 > 192.168.100.7.3437: UDP, length 31
603. 012552 rule 19/0(match): block in on le0: 75.83.84.151.24363 > 192.168.100.7.3437: UDP, length 31
509. 641906 rule 19/0(match): block in on le0: 124.184.98.120.25705 > 192.168.100.7.3437: UDP, length 35

Tuesday, November 3, 2009

Listen for http connections with C


#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>
#include <unistd.h>
#include <stdio.h>
#include <signal.h>
#include <arpa/inet.h>
#include <time.h>

/*
 * Compile-time settings, expressed as enum constants:
 *   PORT    - TCP port the listener binds to
 *   MAXBUFF - size in bytes of the receive and request-line buffers
 */
enum {
    PORT = 30000,
    MAXBUFF = 1024
};

/* Listening socket; file scope so the SIGINT handler can close it. */
int wwwsock;

/*
 * Report a fatal error and terminate.
 *
 * Prints `err` followed by the text for the current errno value (via
 * perror) on stderr, then exits with status 1. Never returns.
 */
void myError(char *err)
{
    perror(err);
    exit(1);
}

/*
 * Signal handler installed for SIGINT: closes the listening socket and
 * ends the process with status 0.
 *
 * NOTE(review): exit() is not on the POSIX async-signal-safe list; _exit()
 * is, but it would skip flushing buffered stdio output. Confirm which
 * trade-off is wanted before changing it.
 */
void catchSig(int sig)
{
    (void)sig; /* the signal number itself is not used */

    close(wwwsock);
    exit(0);
}

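/*
 * Minimal HTTP request logger.
 *
 * Listens on TCP port PORT on every local address (INADDR_ANY), and for each
 * connection logs the time, the client address and the first line of the
 * request to stdout, then answers with a fixed 404 response and closes.
 *
 * Everything read from the socket is untrusted. The request line is located
 * with a length-bounded search (the received bytes carry no NUL terminator),
 * and non-printable bytes are replaced before logging so a client cannot
 * inject terminal escape sequences or forge extra log lines.
 *
 * NOTE: connections are served one at a time with a blocking recv(); a client
 * that connects and sends nothing stalls the logger until it disconnects.
 * A receive timeout or per-connection handling would be needed to avoid that.
 *
 * Returns 0; in practice the loop only ends via SIGINT or a fatal error.
 */
int main(int argc, char *argv[]) {
    /* Full response; sizeof - 1 sends every byte except the trailing NUL. */
    static const char response[] =
        "HTTP/1.1 404 Not Found\r\nConnection: close\r\n\r\n";
    char timebuff[250];
    char *buffer;
    char *req;
    char *line_end;
    int newConnection;
    int optval = 1;
    socklen_t clientAddr;
    ssize_t received;
    size_t size, i;
    time_t curtime;
    struct tm *now;
    struct sockaddr_in serv_addr, cli_addr;

    (void)argc;
    (void)argv;

    (void)signal(SIGINT, catchSig);
    /* A peer that resets before the reply is sent must not kill the logger. */
    (void)signal(SIGPIPE, SIG_IGN);

    wwwsock = socket(AF_INET, SOCK_STREAM, 0);
    if (wwwsock < 0)
        myError("Socket Failed\n");

    memset(&serv_addr, '\0', sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    serv_addr.sin_addr.s_addr = INADDR_ANY;
    serv_addr.sin_port = htons(PORT);

    /* Best effort: lets the port be re-bound quickly after a restart. */
    if (setsockopt(wwwsock, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof optval) < 0)
        perror("setsockopt(SO_REUSEADDR)");

    if (bind(wwwsock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) {
        char error[64];

        snprintf(error, sizeof(error), "ERROR binding to port %d", PORT);
        myError(error);
    }

    if (listen(wwwsock, 5) < 0)
        myError("listen");

    buffer = malloc(MAXBUFF);
    req = malloc(MAXBUFF);
    if (buffer == NULL || req == NULL)
        myError("malloc");

    while (1) {
        /* accept() overwrites the length, so reset it for every call. */
        clientAddr = sizeof(cli_addr);
        newConnection = accept(wwwsock, (struct sockaddr *)&cli_addr, &clientAddr);
        if (newConnection < 0) {
            /* Treated as transient so one aborted connection cannot stop the logger. */
            perror("accept");
            continue;
        }

        received = recv(newConnection, buffer, MAXBUFF, 0);
        if (received > 0) {
            /* Search only the bytes actually received. */
            line_end = memchr(buffer, '\n', (size_t)received);
            size = (line_end != NULL) ? (size_t)(line_end - buffer) : 0;

            if (size > 0) {
                /* Drop the CR of a CRLF line ending. */
                if (buffer[size - 1] == '\r')
                    size--;

                /* size < MAXBUFF here, so req[size] is always in bounds. */
                for (i = 0; i < size; i++) {
                    unsigned char c = (unsigned char)buffer[i];

                    req[i] = (c >= 0x20 && c <= 0x7e) ? (char)c : '?';
                }
                req[size] = '\0';

                curtime = time(NULL);
                now = localtime(&curtime);
                if (now == NULL || strftime(timebuff, sizeof(timebuff), "%c", now) == 0)
                    snprintf(timebuff, sizeof(timebuff), "-");

                printf("%s Client %s Requested %s\n", timebuff,
                       inet_ntoa(cli_addr.sin_addr), req);
                fflush(stdout);
            }

            /* Best effort: the client may already have gone away. */
            (void)send(newConnection, response, sizeof(response) - 1, 0);
        }

        /* Close on every path, so empty connections cannot exhaust descriptors. */
        close(newConnection);
    }

    /* Not reached: the loop above only ends through a signal or exit(). */
    close(wwwsock);
    return 0;
}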

Sunday, February 15, 2009

Using Ports within a jail

To cut down on disk space use, it's a good idea to share the ports directory from the main system with each jail. To secure it, the best idea is to mount /usr/ports read-only. The problem with having /usr/ports read-only is that the source cannot be saved in /usr/ports/distfiles. To fix this, we need to tell make to save the files elsewhere.

First edit /etc/fstab and add
/usr/ports/PATH_TO_JAIL     /usr/ports     nullfs     ro     0     0

Afterwards, remount the file systems:
mount -a

From within the jail create the dir /var/distfile and add
DISTDIR=/var/distfile and WRKDIRPREFIX=/var/distfiles to /etc/make.conf

All the files should be saved in /var/distfile from now on.