「LS-XL 初期設定」の編集履歴(バックアップ)一覧に戻る
# apt-get install ntp
# vi /etc/hostname LS-XLE9A # vi /etc/hosts 127.0.0.1 localhost LS-XLE9A
# apt-get install bootlogd
# vi /etc/rc.local echo off > /proc/buffalo/gpio/led/power_blink exit 0
# vi /etc/init.d/halt echo off > /proc/buffalo/gpio/led/power echo off > /proc/buffalo/gpio/power_control/hdd0 sleep 300 halt -d -f $netdown $poweroff $hddown
# vi /etc/fstab /dev/sda4 /mnt/disk1 ext3 defaults 1 1 # mkdir /mnt/disk1 # mount /dev/sda4 /mnt/disk1 # mkdir /mnt/disk1/share # chmod 777 /mnt/disk1/share # apt-get install samba # mv /etc/samba/smb.conf /etc/samba/smb.conf.org # vi /etc/samba/smb.conf # # smb.conf # [global] # Default Settings workgroup = WORKGROUP server string = %h server dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user # Custom Settings unix charset = UTF-8 dos charset = CP932 netbios name = KUROBOX-PRO guest account = nobody null passwords = yes [printers] # Default Settings comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] # Default Settings comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [homes] # Default Settings comment = Home Directories browseable = no read only = yes create mask = 0700 directory mask = 0700 valid users = %S [share] comment = KURO-BOX Local Drive. path = /mnt/disk1/share guest ok = yes writable = yes # /etc/init.d/samba restart
# apt-get install fail2ban # vi /etc/fail2ban/jail.conf ignoreip = 127.0.0.1/8 192.168.0.0/24 bantime = 3600 backend = gamin # /etc/init.d/fail2ban restart # iptables -L libkmod: ERROR ../libkmod/libkmod.c:554 kmod_search_moddep: could not open moddep file '/lib/modules/3.3.4-88f6281/modules.dep.bin' iptables v1.4.14: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-ssh (1 references) target prot opt source destination DROP all -- 115.230.126.149 anywhere RETURN all -- anywhere anywhere
# vi /etc/fail2ban/action.d/iptables-multiport.conf actionstart = iptables -N fail2ban-<name> iptables -A fail2ban-<name> -j RETURN iptables -I <chain> -p <protocol> -m multiport --dports <port> -j fail2ban-<name> + cat /etc/fail2ban/ip.blacklist | while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j DROP; done # vi /etc/fail2ban/ip.blacklist 115.0.0.0/8 223.0.0.0/8 : # service fail2ban restart
# vi /etc/exim4/update-exim4.conf.conf dc_local_interfaces='127.0.0.1 ; ::1' ↓ dc_local_interfaces='127.0.0.1'