Jump to content

Meccep45

Forum Members
  • Posts

    132
  • Joined

  • Last visited

Posts posted by Meccep45

  1. в пакете 10.9.8-MariaDB есть ошибка, не запускается mysql_upgrade. пишет ошибку FATAL ERROR: Can't execute 'mariadb-check' .

    ссылается на mariadb-check, а в системе есть симлинк на mariadbcheck. временный метод решения создать симлинк

    ln -sf /opt/bin/mysqlcheck /opt/bin/mariadb-check

    mysql_upgrade снова работает.

    • Upvote 1
  2. переустановил свежий entware, из резервной копии скопировал файлы настройки. а PtokaX не запустился. думал файлы испорчены. запустил PtokaX -m а мне в ответ Bus error, и в файл лога debug.log написал Tue 19 Mar 2024 12:06:23 PM MSK - [ERR] Cannot open Profiles.pxb in ProfileManager::Load.

  3. 17 часов назад, Rbuha сказал:

    Ultra kn18-11

    Устанавливаю nginx, а конфига нет не в /opt/etc/ не в /opt/etc/nginx/

    Его нужно создавать самому?

      Показать содержимое

    image.png.d8e382851fa022d94272917ef84a954d.png

     

    при установке должен был подтянуться зависимый пакет nginx-ssl, судя по сроке Depends: libc, libssp, librt, libpthread, nginx-ssl но не подтянул.

  4. 37 минут назад, krass сказал:

    Модель роутера. версия прошивки. конфиг...это минимум

    ультра сервер и гига2 клиент (2.16.D.12.0-8 черныши)

    Скрытый текст
    access-list _WEBADMIN_IPSEC_VirtualIPServer
        permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
    ! 
    access-list _WEBADMIN_IPSEC_VPNL2TPServer
        permit udp 0.0.0.0 0.0.0.0 port eq 1701 0.0.0.0 0.0.0.0
    ! 
    crypto engine hardware
    crypto ike key VirtualIPServer ns3 здесь_был_ключ any
    crypto ike proposal VirtualIPServer
        encryption aes-cbc-128
        encryption aes-cbc-256
        dh-group 2
        dh-group 20
        dh-group 19
        dh-group 14
        integrity sha1
    !
    crypto ike proposal VPNL2TPServer
        encryption 3des
        encryption des
        encryption aes-cbc-128
        encryption aes-cbc-256
        dh-group 2
        dh-group 1
        dh-group 20
        dh-group 19
        dh-group 14
        integrity sha1
        integrity sha256
        integrity md5
    !
    crypto ike policy VirtualIPServer
        proposal VirtualIPServer
        lifetime 28800
        mode ikev1
        negotiation-mode main
    !
    crypto ike policy VPNL2TPServer
        proposal VPNL2TPServer
        lifetime 28800
        mode ikev1
        negotiation-mode main
    !
    crypto ipsec transform-set VirtualIPServer
        cypher esp-aes-128
        hmac esp-sha1-hmac
        lifetime 28800
    !
    crypto ipsec transform-set VPNL2TPServer
        cypher esp-aes-128
        cypher esp-3des
        cypher esp-des
        hmac esp-sha1-hmac
        hmac esp-sha256-hmac
        hmac esp-md5-hmac
        lifetime 28800
    !
    crypto ipsec profile VirtualIPServer
        dpd-interval 20 3
        dpd-clear
        identity-local fqdn mykeenetic.net
        match-identity-remote any
        authentication-local pre-share
        authentication-remote pre-share
        mode tunnel
        policy VirtualIPServer
        xauth server
    !
    crypto ipsec profile VPNL2TPServer
        dpd-interval 20 4
        dpd-clear
        identity-local address 0.0.0.0
        match-identity-remote any
        authentication-local pre-share
        authentication-remote pre-share
        mode transport
        policy VPNL2TPServer
    !
    crypto ipsec mtu auto
    crypto map VPNL2TPServer
        set-peer any
        set-profile VPNL2TPServer
        set-transform VPNL2TPServer
        match-address _WEBADMIN_IPSEC_VPNL2TPServer
        nail-up
        no reauth-passive
        virtual-ip no enable
        l2tp-server range 172.16.2.33 172.16.2.42
        l2tp-server interface Home
        l2tp-server nat
        l2tp-server multi-login
        l2tp-server lcp echo 30 3
        l2tp-server enable
        enable
    !
    crypto map VirtualIPServer
        set-peer any
        set-profile VirtualIPServer
        set-transform VirtualIPServer
        match-address _WEBADMIN_IPSEC_VirtualIPServer
        set-tcpmss 1200
        nail-up
        reauth-passive
        virtual-ip range 172.20.0.1 172.20.0.10
        virtual-ip dns-server 192.168.1.1
        virtual-ip nat
        virtual-ip enable
        l2tp-server lcp echo 30 3
        l2tp-server no enable
        no enable
    !
    

     

    в логе 192.168.1.33 подключился.

    Скрытый текст
    [I] Jun 15 23:26:56 ipsec: 07[IKE] received DPD vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] received FRAGMENTATION vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] received NAT-T (RFC 3947) vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] 192.168.1.33 is initiating a Main Mode IKE_SA 
    [I] Jun 15 23:26:56 ipsec: 07[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 
    [I] Jun 15 23:26:56 ipsec: [truncated] 07[CFG] configured proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_768, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_768, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_384, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_768, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/ECP_384, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/ECP_256, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_2048, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_768, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:DES_CBC/HMAC_SHA1
    [I] Jun 15 23:26:56 ipsec: 07[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] sending DPD vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] sending FRAGMENTATION vendor ID 
    [I] Jun 15 23:26:56 ipsec: 07[IKE] sending NAT-T (RFC 3947) vendor ID 
    [I] Jun 15 23:26:57 ipsec: 08[IKE] linked key for crypto map '(unnamed)' is not found, still searching 
    [I] Jun 15 23:26:57 ipsec: 06[CFG] looking for pre-shared key peer configs matching 192.168.1.1...192.168.1.33[192.168.1.33] 
    [I] Jun 15 23:26:57 ipsec: 06[CFG] selected peer config "VPNL2TPServer" 
    [I] Jun 15 23:26:57 ipsec: 06[IKE] IKE_SA VPNL2TPServer[2] established between 192.168.1.1[192.168.1.1]...192.168.1.33[192.168.1.33] 
    [I] Jun 15 23:26:57 ipsec: 06[IKE] scheduling reauthentication in 28779s 
    [I] Jun 15 23:26:57 ipsec: 06[IKE] maximum IKE_SA lifetime 28799s 
    [I] Jun 15 23:26:57 ipsec: 14[CFG] received proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ 
    [I] Jun 15 23:26:57 ipsec: 14[CFG] configured proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=128/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC=128/HMAC_MD5_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_MD5_96/NO_EXT_SEQ, ESP:DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:DES_CBC/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:DES_CBC/HMAC_MD5_96/NO_EXT_SEQ 
    [I] Jun 15 23:26:57 ipsec: 14[CFG] selected proposal: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ 
    [I] Jun 15 23:26:57 ipsec: 13[IKE] CHILD_SA VPNL2TPServer{2} established with SPIs c3ba0211_i cf7011a1_o and TS 192.168.1.1/32[udp/l2tp] === 192.168.1.33/32[udp/41200] 
    [W] Jun 15 23:26:57 ndm: IpSec::Configurator: "VPNL2TPServer": IPsec connection to L2TP/IPsec server from "192.168.1.33" is established.
    [I] Jun 15 23:26:57 ndm: IpSec::IpSecNetfilter: start reloading netfilter configuration...
    [I] Jun 15 23:26:58 ndm: IpSec::IpSecNetfilter: netfilter configuration reloading is done.
    [I] Jun 15 23:26:59 kernel: EIP93: build  inbound ESP connection, (SPI=c3ba0211)
    [I] Jun 15 23:26:59 kernel: EIP93: build outbound ESP connection, (SPI=cf7011a1)
    [I] Jun 15 23:26:59 ppp-l2tp: l2tp: new tunnel 29664-53475 created following reception of SCCRQ from 192.168.1.33:41200
    [I] Jun 15 23:26:59 ppp-l2tp: l2tp tunnel 29664-53475 (192.168.1.33:41200): established at 192.168.1.1:1701
    [I] Jun 15 23:26:59 ppp-l2tp: l2tp tunnel 29664-53475 (192.168.1.33:41200): new session 62114-28308 created following reception of ICRQ
    [I] Jun 15 23:26:59 ppp-l2tp: ppp1:: connect: ppp1 <--> l2tp(192.168.1.33:41200 session 29664-53475, 62114-28308)
    [I] Jun 15 23:27:03 ppp-l2tp: ppp1:meccep45: meccep45: authentication succeeded
    [I] Jun 15 23:27:03 ppp-l2tp: l2tp0:meccep45: session started over l2tp session 29664-53475, 62114-28308
    [W] Jun 15 23:27:03 ndm: IpSec::Configurator: "VPNL2TPServer": L2TP/IPsec client "meccep45" connected with address "172.16.2.33" (from "192.168.1.33").
    [I] Jun 15 23:27:11 ndhcps: DHCPINFORM received for 172.16.2.33 from 00:00:00:00:00:00.
    [I] Jun 15 23:27:11 ndhcps: sending INFORM to 00:00:00:00:00:00.

     

    за ним 192.168.1.35 подключиться уже не может.

    Скрытый текст
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received NAT-T (RFC 3947) vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received FRAGMENTATION vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] received DPD vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] 192.168.1.35 is initiating a Main Mode IKE_SA 
    [I] Jun 15 23:28:20 ipsec: 14[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_2048, IKE:AES_CBC=256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048, IKE:AES_CBC=256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1536, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1536, IKE:AES_CBC=256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024 
    [I] Jun 15 23:28:20 ipsec: [truncated] 14[CFG] configured proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_768, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_768, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_384, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_768, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/ECP_384, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/ECP_256, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_2048, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_768, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:DES_CBC/HMAC_SHA1
    [I] Jun 15 23:28:20 ipsec: 14[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] sending DPD vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] sending FRAGMENTATION vendor ID 
    [I] Jun 15 23:28:20 ipsec: 14[IKE] sending NAT-T (RFC 3947) vendor ID 
    [I] Jun 15 23:28:23 ipsec: 06[IKE] received retransmit of request with ID 0, retransmitting response 
    [I] Jun 15 23:28:26 ipsec: 13[IKE] received retransmit of request with ID 0, retransmitting response 
    [I] Jun 15 23:28:29 ipsec: 12[IKE] received retransmit of request with ID 0, retransmitting response 
    [I] Jun 15 23:28:50 ipsec: 12[JOB] deleting half open IKE_SA with 192.168.1.35 after timeout 
    [I] Jun 15 23:28:56 ipsec: 09[IKE] message verification failed 
    [I] Jun 15 23:28:56 ipsec: 09[IKE] IKE_SA_INIT request with message ID 0 processing failed 

     

     

  5. VPN-сервер L2TP/IPsec не даёт подключить два устройства сразу.

    роутер сервер + роутер клиент = работает.

    роутер сервер + телефон клиент = работает.

    роутер сервер + роутер клиент + телефон клиент = кто второй, тот не подключится.

    подскажите в чём причина?

  6. ставим opkg install bash, далее создаём два файла touch /opt/etc/bash.bashrc и touch /opt/root/.bashrc с содержимым для bash.bashrc,

    Скрытый текст
    # File: /opt/etc/bash.bashrc
    
    # System-wide .bashrc file for interactive bash shells.
    
    # To enable the settings / commands in this file for login shells as well,
    # this file has to be sourced in /opt/etc/profile.
    
      # set variable identifying the chroot you work in (used in the prompt below)
    	if [ -z "$chroot" ] && [ -r /opt/etc/chroot ]; then
    			chroot=$(cat /opt/etc/chroot)
    	fi
    
    # set a fancy prompt (non-color, overwrite the one in /opt/etc/profile)
    	PS1='${chroot:+($chroot)}\w \$ '
    
    	alias mc="mc -c"
    

     

    а в .bashrc вставим

    Скрытый текст
    # File: ~/.bashrc
    #
    # ~/.bashrc: executed by bash for non-login shells.
    
      # for setting history length see HISTSIZE and HISTFILESIZE in bash
    	HISTSIZE=500
    	HISTFILESIZE=500
    
      # enable color support of ls and also add handy aliases
    	if [ -x /opt/bin/dircolors ]; then
    			test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
    			alias ls='ls --color=auto'
    			#alias dir='dir --color=auto'
    			#alias vdir='vdir --color=auto'
    
    			alias grep='grep --color=auto'
    			alias fgrep='fgrep --color=auto'
    			alias egrep='egrep --color=auto'
    	fi
    
      # some more ls aliases
    	alias ll='ls -alF'
    	alias la='ls -A'
    	alias l='ls -CF'
    
      # Alias definitions.
      # You may want to put all your additions into a separate file like
      # ~/.bash_aliases, instead of adding them here directly.
    
    	if [ -f ~/.bash_aliases ]; then
    			. ~/.bash_aliases
    	fi
    

     

    при желании можно сделать третий файл touch /opt/root/.bash_aliases для своих aliases или писать в /opt/root/.bashrc

    вот и всё.

    Скрытый текст

    2023-06-10_05-29-47.thumb.jpg.ec6f6bb4af863bbfb9fffa2c840b5164.jpg

     

    • Thanks 1
    • Upvote 1
  7. В 21.11.2021 в 12:36, TheBB сказал:
    echo "192.168.1.1 Cloud" >> /etc/hosts
    ping -c3 $HOSTNAME
    /opt/etc/init.d/S70mysqld start
    /opt/etc/init.d/S70mysqld status

     

    echo "192.168.1.1 hostname" >> /etc/hosts будет удаляться после перезагрузки.

    я его в crontab, пусть сам записывается через 3 мин после перезагрузки.

    @reboot /opt/bin/sleep 180 && /opt/bin/echo "192.168.1.1 hostname" >> /etc/hosts

  8. 2.16.D.12.0-8 TSMB перестал пускать к диску, и ошибок нет. перезапустил службу, и доступ восстановился. будем наблюдать.

  9. Установил сертификат, а XMail ругается на ssl при подключении к 995 порту.

    +OK <1650311658.1984263296@domen> [XMail 1.27 POP3 Server] service ready; Mon, 18 Apr 2022 22:54:18 +0300
    USER vasya@domen
    +OK Password required for vasya@domen
    PASS Password
    +OK Maildrop has 1 messages (933 bytes)
    LIST
    +OK 1 933
    1 933
    .
    RETR 1
    RENEGOTIATING
    2002581328:error:1420410A:SSL routines:SSL_renegotiate:wrong ssl version:ssl/ssl_lib.c:2142:

     

  10. Удаляем тестовый сервер CtrlClnt -s localhost -u admin -p пароль domaindel xmailserver.test
    Прописываем свой CtrlClnt -s localhost -u admin -p пароль domainadd domain_name
    Заводим пользователя CtrlClnt -s localhost -u admin -p пароль useradd domain_name Vasya пароль U
    Прописываем алиасы CtrlClnt -s localhost -u admin -p пароль aliasadd domain_name root Vasya
    Прописываем алиасы  CtrlClnt -s localhost -u admin -p пароль aliasadd domain_name postmaster Vasya
    Смотрим список доменов CtrlClnt -s localhost -u admin -p пароль domainlist
    Смотрим список пользователей CtrlClnt -s localhost -u admin -p пароль userlist
    Смотрим список алиас CtrlClnt -s localhost -u admin -p пароль aliaslist

    Перезапускаем /opt/etc/init.d/S37XMail restart
    Можем получать и отправлять почту.
    echo -e "Subject: Приветствуем вас\r\n\r\nЭто тестовое сообщение" | sendmail test@gmail.com

    спасибо.

  11. Устанавливаем пакет opkg install xmail
    Создаём каталоги mkdir /opt/var/lib/xmail /opt/var/lib/xmail/MailRoot
    Распаковываем архив tar xvjf /opt/etc/MailRoot.tar.bz2 -C /opt/var/lib/xmail/MailRoot
    Копируем файл запуска cp /opt/var/lib/xmail/MailRoot/xmail /opt/etc/init.d/S37XMail
    Устанавливаем права файлу chmod +x /opt/etc/init.d/S37XMail
    Меняем владельца каталога и под каталогов chown -R nobody:nobody /opt/var/lib/xmail
    Устанавливаем права каталогу chmod -R 700 /opt/var/lib/xmail
    Выполняем XMCrypt password (запоминаем ответ 15041616120a1701)
    Приводим файл запуска /opt/etc/init.d/S37XMail к виду.
    В прошивке finger запущен на 79 порту, меняем порт -Fp 1045 или выключаем совсем заменив на -F-

    Скрытый текст
    #!/bin/sh
    
    XMAIL_ROOT=/opt/var/lib/xmail/MailRoot
    XMAIL_CMD_LINE="-MD 22 -PX 3 -SX 3 -Qn 3 -Yt 3 -Fp 1045 -CX 3 -Ln 3"
    PATH=$XMAIL_ROOT/bin:/opt/sbin:/opt/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    DAEMON=/opt/bin/XMail
    NAME=XMail
    DESC="XMail Server"
    
    test -f $DAEMON || exit 0
    
    set -e
    ulimit -c 10000
    ulimit -s 128
    
    start_xmail()
    {
    		MAIL_ROOT=$XMAIL_ROOT
    		export MAIL_ROOT
    		MAIL_CMD_LINE=$XMAIL_CMD_LINE
    		export MAIL_CMD_LINE
    		XMAIL_PID_DIR=/opt/var/run
    		export XMAIL_PID_DIR 
    		rm -f /opt/var/run/$NAME.pid
    		$DAEMON
    		while [ ! -f /opt/var/run/$NAME.pid ]
    		do
    				sleep 1
    		done
    }
    
    stop_xmail()
    {
    		if [ -f /opt/var/run/$NAME.pid ]
    		then
    			echo `date` > $XMAIL_ROOT/.shutdown
    			kill -INT `cat /opt/var/run/$NAME.pid`
    			while [ -f $XMAIL_ROOT/.shutdown ]
    			do
    				sleep 1
    			done
    		fi
    }
    
    
    case "$1" in
    	start)
    			echo -n "Starting $DESC: "
    			start_xmail
    			echo "$NAME.[" `cat /opt/var/run/$NAME.pid` "]"
    	;;
    	stop)
    			echo -n "Stopping $DESC: "
    			stop_xmail
    			echo "$NAME."
    	;;
    	restart|force-reload)
    			echo -n "Restarting $DESC: "
    			stop_xmail
    			sleep 3
    			start_xmail
    			echo "$NAME.[" `cat /opt/var/run/$NAME.pid` "]"	
    	;;
    	*)
    	N=/opt/etc/init.d/S37$NAME
    	echo "Usage: $N {start|stop|restart|force-reload}" >&2
    	exit 1
    	;;
    esac
    
    exit 0
    

     

    Для отправки через /opt/bin/sendmail
    Создаём каталог mkdir /opt/libexec и симлинк ln -sf /opt/bin/sendmail /opt/libexec/sendmail.xmail
    Сделаем скрипт в каталоге /opt/libexec с названием sendmail.xmail.sh и симлинк ln -sf /opt/libexec/sendmail.xmail.sh /opt/sbin/sendmail

    Скрытый текст
    #!/bin/sh
    
    export DEFAULT_DOMAIN="domain_name"
    	if [ -z $MAIL_ROOT ];
    	then
    export MAIL_ROOT=/opt/var/lib/xmail/MailRoot
    	fi
    /opt/libexec/sendmail.xmail $*

     

    Приводим файл /opt/var/lib/xmail/MailRoot/ctrlaccounts.tab к виду, где псевдоним "admin" и зашифрованый пароль XMCrypt "15041616120a1701".
    Используется [TAB], а не пробел.

    Скрытый текст
    "admin"	"15041616120a1701"

     

    Приводим файл /opt/var/lib/xmail/MailRoot/ctrl.ipmap.tab к виду

    Скрытый текст
    "0.0.0.0"	"0.0.0.0"	"DENY"	1
    "127.0.0.1"	"255.255.255.255"	"ALLOW"	2
    "192.168.1.0"	"255.255.255.0"	"ALLOW"	3

     

    Приводим файл /opt/var/lib/xmail/MailRoot/smtprelay.tab к виду

    Скрытый текст
    "127.0.0.1"	"255.255.255.255"
    "10.1.30.0"	"255.255.255.0"
    "192.168.1.0"	"255.255.255.0"

     

    Приводим файл /opt/var/lib/xmail/MailRoot/server.tab к виду

    Скрытый текст
    "RootDomain"	"domain_name"
    "SmtpServerDomain"	"reverse_dns"
    "POP3Domain"	"domain_name"
    "HeloDomain"	"domain_name"
    "PostMaster"	"root@domain_name"
    "ErrorsAdmin"	"root@domain_name"

     

    Приведены только нужые строки.
    "domain_name" можно заегистрировать например no-ip, и mx-запись. "reverse_dns" можно посмотреть командой nslookup ip-address.
    Открываем порты 25 и 110 и запускаем новенького /opt/etc/init.d/S37XMail start
    Продолжение следует.

  12. как исправить Socket bind error? подскажите пожалуйста.

    поставил opkg install xmail. распаковал /opt/etc/MailRoot.tar.bz2. переименовал файл xmail в S43xmail, и немого поправил.

    Скрытый текст
    #!/bin/sh
    #
    #skeleton	example file to build /opt/etc/init.d/ scripts.
    #This file should be used to construct scripts for /opt/etc/init.d.
    #
    #Written by Miquel van Smoorenburg <miquels@cistron.nl>.
    #Modified by Davide Libenzi <davidel@xmailserver.org>
    #
    #Version:	@(#)skeleton 1.8 03-Mar-1998 miquels@cistron.nl
    #
    
    XMAIL_ROOT=/opt/var/lib/xmail/MailRoot
    XMAIL_CMD_LINE="-SX 1 -Qn 1 -Yt 1 -Ln 1 -PX 1 -CX 1"
    PATH=$XMAIL_ROOT/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/opt/sbin:/opt/bin
    DAEMON=/opt/bin/XMail
    NAME=XMail
    DESC="XMail Server"
    
    test -f $DAEMON || exit 0
    
    set -e
    ulimit -c 10000
    ulimit -s 128
    
    start_xmail()
    {
        MAIL_ROOT=$XMAIL_ROOT
        export MAIL_ROOT
        MAIL_CMD_LINE=$XMAIL_CMD_LINE
        export MAIL_CMD_LINE
        XMAIL_PID_DIR=/opt/var/run
        export XMAIL_PID_DIR
        rm -f /opt/var/run/$NAME.pid
        $DAEMON
        while [ ! -f /opt/var/run/$NAME.pid ]
        do
            sleep 1
        done
    }
    
    stop_xmail()
    {
        if [ -f /opt/var/run/$NAME.pid ]
        then
            echo `date` > $XMAIL_ROOT/.shutdown
            kill -INT `cat /opt/var/run/$NAME.pid`
            while [ -f $XMAIL_ROOT/.shutdown ]
            do
                sleep 1
            done
        fi
    }
    
    
    case "$1" in
      start)
          echo -n "Starting $DESC: "
          start_xmail
          echo "$NAME.[" `cat /opt/var/run/$NAME.pid` "]"
    	;;
      stop)
          echo -n "Stopping $DESC: "
          stop_xmail
          echo "$NAME."
    	;;
      #reload)
    	#
    	#	If the daemon can reload its config files on the fly
    	#	for example by sending it SIGHUP, do it here.
    	#
    	#	If the daemon responds to changes in its config file
    	#	directly anyway, make this a do-nothing entry.
    	#
    	# echo "Reloading $DESC configuration files."
    	# start-stop-daemon --stop --signal 1 --quiet --pidfile \
    	#	/opt/var/run/$NAME.pid --exec $DAEMON
      #;;
      restart|force-reload)
    	#
    	#	If the "reload" option is implemented, move the "force-reload"
    	#	option to the "reload" entry above. If not, "force-reload" is
    	#	just the same as "restart".
    	#
    	echo -n "Restarting $DESC: "
    	stop_xmail
    	sleep 1
    	start_xmail
            echo "$NAME.[" `cat /opt/var/run/$NAME.pid` "]"
    	;;
      *)
    	N=/opt/etc/init.d/$NAME
    	# echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
    	echo "Usage: $N {start|stop|restart|force-reload}" >&2
    	exit 1
    	;;
    esac
    
    exit 0
    

     

     

  13. 4 часа назад, ツЛешик сказал:

    А есть актуальная иснтрукция для установки?

    Скрытый текст

    установка пакетов mariadb
    opkg install mariadb-server-extra
    opkg install mariadb-client-extra
    ========================================
    установка базы данных
    mysql_install_db
    ========================================
    запускаем сервис
    /opt/etc/init.d/S70mysqld start
    ========================================
    запускаем скрипт и отвечаем на вопросы
    /opt/bin/mysql_secure_installation
    ========================================
    входим в базу данных
    mysql -u root -p ваш_пароль
    ========================================
    создаём базу даных
    create database название_базы;
    ========================================
    выходим из базы данных
    \q
    ========================================

    нужен раздел swap на диске.

×
×
  • Create New...