[tech] Server upgrades yesterday
David Adam
zanchey at ucc.gu.uwa.edu.au
Mon Feb 13 10:07:05 WST 2012
On Sun, 12 Feb 2012, Daniel Axtens wrote:
> - mooneye: left it so [BOB] can get his kicks on uptime
>
> - murasoi: updated packages and rebooted to get most recent kernel.
> Installed snort. This became a rather epic quest:
> - Install the snort pacakge. Realise it doesn't support netfilter
> queue, which [DAA] says is important.
Whoops. If I'd known it was going to be that hard I would have said not
to bother! Sorry. It is probably the least intrusive way of running snort
on a router.
> - Install the dev packages libnetfilter-queue.
> - Rebuild libdaq0 from source.
> - Rebuild snort from source:
> - Remove prelude support, it causes compiling to break due to a missing .la file.
> - Hack the init.rd file to make it support nfq rather than pcap.
> - NOTE: We're now using hacked up debian packages of snort and
> libdaq0 (versions are suffixed by "~dja"). PLEASE be careful when
> upgrading.
I've pinned these packages using apt_preferences(5). We should probably
file an RFE with Debian to suggest NFQUEUE being enabled for their Linux
packages.
> Snort is currently only watching sigma, but feel free to expand it if you like.
>
> NOTE: ucc-fw and dovecot2 didn't come up correctly after reboot. [DAA]
> has hit dovecot2 over the head, but someone should confirm ucc-fw has
> been correctly set up (it was missing symlinks in /dev/rcN.d/)
I've added LSB tags to the ucc-fw init script and updated the symlinks.
I also poked the bootloader on heathred so that it boots the kernel it's
supposed to, and tested this.
[DAA]
More information about the tech
mailing list