How-To : Install FreeBSD 4.x with NetSaint Monitoring

Description :

A general guideline to use when installing a FreeBSD system with NetSaint Monitoring. Overall the OS is extremely easy to install. The following procedure simply helps provide a baseline and consistent platform to start with.

Although this procedure should get a box up and configured to be able to monitor hosts, it is recommended that you read each application's documentation and perform the steps needed to secure each piece. Securing the box is currently outside the scope of this document.

See Also: View MRTG Graphs on a Monitoring Server with/and Apache

References :

Apache : http://www.apache.org
CVSup w/o GUI : http://www.cvsup.org
FreeBSD : http://www.freebsd.org
mod_SSL (for Apache) : http://www.modssl.org
MRTG :
Netsaint : http://www.netsaint.org
NMAP : http://www.insecure.org/nmap
OpenSSL : http://www.openssl.org
Qmail : http://www.qmail.org
UnZip : http://www.ctan.org/tex-archive/tools/zip/info-zip/UnZip.html
WGet : http://sunsite.auc.dk/wget



Procedure :

FreeBSD 4.x Install

Installing the OS
1. Select "Skip kernel configuration and continue with installation", and press ENTER
2. Select "Standard" Install, and press ENTER
3. A dialogue box will appear, press ENTER
4. Use the cursor to select each partition, pressing "d" to delete each of them.
5. The interface should show the entire drive available. Press "a" to use the entire drive.
6. Press "q"
7. Select "Standard", and press ENTER
8. Another dialogue box will appear, press ENTER
9. You are now in the "FreeBSD Disklabel Editor". Press "c" to create a partition. Type "500m" (for a 500MB partition), and press ENTER
10. Select "FS", and press ENTER
11. Type "/var", and press ENTER
12. Press "c" to create another partition.
13. Type "500m", and press ENTER
14. Select "FS", and press ENTER
15. Type "/", and press ENTER
16. Press "c" to create another partition.
17. Type "256m" (OR 2 x RAM), and press ENTER
18. Select "Swap", and press ENTER
19. Press "c" to create the last partition.
20. Press ENTER, to select all of the remaining space.
21. Select "FS", and press ENTER
22. Type "/usr", and press ENTER
23. Press "q"
24. Scroll down to "Kern-Developer", and press the SPACE BAR
25. When asked about the ports collection, choose YES
26. Scroll up to EXIT, and press ENTER
27. Select the install method being used, and press ENTER
28. Select the network card (i.e. xl0), and press ENTER
29. Do you want to try IPv6 configuration of the interface? NO
30. Do you want to try DHCP configuration of the interface? NO
31. In the host field, enter "company-mon"
32. Enter the appropriate information in the Network Configuration screen, then TAB to OK, and press ENTER
33. Next, a dialogue box will appear with, "Last Chance…", select YES, and press ENTER
34. The files will now be copied and installed on the machine.
35. Eventually, a box will display, saying "Congratulations…", press ENTER
36. Do you want this machine to function as a network gateway? NO
37. Do you want to configure inetd and simple internet services? NO
38. Do you want to have anonymous FTP access to this machine? NO
39. Do you want to configure this machine as an NFS server? NO
40. Do you want to configure this machine as an NFS client? NO
41. Do you want to select a default security profile…? NO
42. Press ENTER at the next dialogue box
43. Would you like to customize your system console settings? NO
44. Would you like to set this machine's time zone now? YES
45. Is this machine's CMOS clock set to UTC? NO
46. Press "0", and ENTER
47. Select "25", and press ENTER
48. Select "16", and press ENTER
49. Does the abbreviation 'PST' (or PDT) look reasonable? YES
50. Would you like to enable Linux binary compatibility? YES
51. Does this system have a USB mouse attached to it? NO
52. Press "6", and press ENTER
53. Confirm by pressing ENTER
54. Press "x", and press ENTER
55. The FreeBSD package collection…? YES
56. Select INSTALL, and press ENTER
57. Confirm by pressing ENTER
58. Would you like to add any initial user accounts…? YES
59. Select "user", and press ENTER
60. Now enter the following data in the appropriate fields
LoginID: jtest
UID: 1001
Group: wheel
Password: YourPasswordHere
Full Name: Joe Test User Account
61. TAB to OK, and press ENTER
62. Press "x", and press ENTER
63. "Now you must set the system manager's…?" PRESS ENTER
64. Enter the root password, and press ENTER (i.e. Ch@n63Me!)
65. Enter the root password again, and press ENTER
66. Visit the general configuration menu for a chance…? NO
67. Press "x"
68. Are you sure you wish to exit?... (Remove all media, then select:) YES
69. The machine will now reboot.


Install Applications and Securing the OS.

1. Now connect to the machine's IP address, with an SSH client.
2. Type "su", and press ENTER (to become SU = Super User)
3. Enter the SU password
4. cd /usr/ports/net/cvsup-without-gui/
5. Type "make", and press ENTER
6. Type "make install", and press ENTER
7. cd /usr/share/examples/cvsup
8. Create a file called: personal-supfile
9. Copy and paste the following into the file:
10. (file contents, through "src-all")
*default host=cvsup10.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=RELENG_4_8
# Or whatever the current release is
# Check: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html
*default delete use-rel-suffix
*default compress
# The easiest way to get the main source tree is to use the "src-all"
# mega-collection. It includes all of the individual "src-*" collections.
# Please note: If you want to track -STABLE, leave this uncommented.
src-all
11. Save and close personal-supfile
12. cvsup -g -L 2 personal-supfile && cvsup -g -L 2 ports-supfile
(This will take a while, and depends largely on your connection to the internet. It updates all the ports and source files on your machine that have changed since the CD ISOs were released.)
13. cd /usr/ports/shells/bash2/
14. Type "make", and press ENTER
15. Type "make install", and press ENTER
16. Type "vipw", and press ENTER
17. Go to the end of the 'root' line, and replace "/bin/csh" with "/usr/local/bin/bash" TO DO THIS: go to the end of the line, and press the "x" key until the desired letters are deleted. THEN, press "a" and enter the new parameters. Press ESC when done with this line.
18. Repeat step 17 for the "jtest" account.
19. Now type: ":wq", and press ENTER
20. Type "exit", and press ENTER
21. Type "exit", and press ENTER
22. Now reconnect, this resets the shell to "bash".
23. Become SU again
24. Type "vi /etc/motd", and press ENTER
25. Move the cursor down to the lines you wish to delete, and press "dd", when done press ESC
26. Type ":wq", and press ENTER
27. At the prompt, type "vi /etc/inetd.conf", and press ENTER
28. Cursor to a line that you want to comment out, and press "i", then "#", then ESC
29. cd /usr/ports/net/mrtg/
30. Type "make", and press ENTER
31. Type "make install", and press ENTER
32. cd /usr/ports/security/nmap
33. Type "make", and press ENTER
34. Type "make install", and press ENTER
35. cd /usr/ports/ftp/wget
36. (It may go through several sites before it finally finds the necessary files.)
37. Type "make", and press ENTER
38. Type "make install", and press ENTER
39. cd /usr/ports/archivers/unzip/
40. Type "make", and press ENTER
41. Type "make install", and press ENTER
42. cd /usr/ports/net/netsaint
43. Type "make", and press ENTER
44. Type "make install", and press ENTER
45. Move the cursor down to "FPing", press SPACEBAR
46. Move the cursor down to "NetSNMP", and press SPACEBAR
47. Press TAB, and press ENTER
48. Press ENTER to continue
49. Enter the IT Help Desk email for the client
50. Enter the Location of the system
51. Press ENTER to accept the default log location
52. Press ENTER to accept the default library location
53. "You need a group 'netsaint'. Would you like to create it?" Y
54. "You need a user 'netsaint'. Would you like me to create it?" Y
55. chmod 755 /usr/local/etc/rc.d/netsaint.sh
56. cd /usr/ports/www/apache13-modssl/
57. Type "make", and press ENTER
58. Type "make certificate TYPE=custom" and press ENTER
59. Press ENTER, to accept the default signature algorithm
60. Type "US", and press ENTER
61. Type "YourState", and press ENTER
62. Type "YourCity", and press ENTER
63. Type "Joe Test", and press ENTER
64. Press ENTER to accept the default
65. Type "Joe TestCA", and press ENTER
66. Type support@YourDomainName.com, and press ENTER
67. Press ENTER to accept 365
68. Press ENTER to accept the default certificate version
69. Type "US", and press ENTER
70. Type "YourState", and press ENTER
71. Type "YourCity", and press ENTER
72. Type "Joe Test", and press ENTER
73. Type "Monitoring Team", and press ENTER
74. Type the FQDN, and press ENTER
75. Type support@YourDomainName.com, and press ENTER
76. Press ENTER to accept default, 365 days
77. Press ENTER to accept the default certificate version
78. Press "n", and then ENTER
79. Press "n", and then ENTER
80. Type "make install", and press ENTER
81. Type "vi /etc/rc.conf"
82. Cursor down to the end of the file
83. Type "o"
84. Type:
ntpdate_flags="ntp.ucsd.edu"
ntpdate_enable="YES"
85. Press ESC, and type ":wq"


Configuring Applications
-Apache

1. vi /etc/hosts
2. Move the cursor down to 127.0.0.1 …
3. Type "o", to start a new line
4. Insert the IP address and host name, following the format of the line above the one you are typing.
(i.e. 10.3.16.32 joetest-mon joetest-mon.YourDomainName.com)
5. Type ":wq" to save and quit
6. vi /usr/local/etc/apache/httpd.conf
7. Type "/Listen 80"
8. Type "i", to insert… then "#", to comment the line out (i.e. #Listen 80). This disables port 80, which carries unencrypted web traffic.
9. Type "/ServerAdmin"
10. Edit Email address to read: support@YourDomainName.com
11. Type "/ServerName"
12. Type "o", to begin a new line
13. Type "ServerName joetest-mon.YourDomainName.com"
14. Type ":wq", to save and quit the document
15. At the command prompt, type "/usr/local/etc/rc.d/apache.sh start"
16. Now use a web browser to go to: https://joetest-mon.YourDomainName.com

-NetSaint
1. cd /usr/local/etc/netsaint
2. cp commands.cfg.dist commands.cfg
3. cp hosts.cfg.dist hosts.cfg
4. cp netsaint.cfg.dist netsaint.cfg
5. cp nscgi.cfg.dist nscgi.cfg
6. cp resource.cfg.dist resource.cfg
7. vi commands.cfg
8. Add the following line:
command[check_nfs]=$USER1$/check_rpc $HOSTADDRESS$ -C nfs
9. Add the following line:
command[check_pinge]=$USER1$/check_ping $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
10. Save and close the file
11. vi netsaint.cfg
12. Type "/log_rotation", and press ENTER
13. Replace the "n" with an "m". This can be done by placing the cursor over the n, then typing "r" and "m", then ESC
14. Press ESC
15. Type ":wq"
16. vi nscgi.cfg
17. Type "/system_information"
18. Type "yy", and then "p". This will copy the line
19. Place the cursor over the # of the new line, and type "x"
20. Remove the usernames, and add: jtest,client
21. Press ESC
22. Type "/configuration_information"
23. Type "yy", and then "p". This will copy the line
24. Place the cursor over the # of the new line, and type "x"
25. Remove the usernames, and add: jtest
26. Type "/all_services"
27. Type "yy", and then "p". This will copy the line
28. Place the cursor over the # of the new line, and type "x"
29. Remove the usernames, and add: jtest,client
30. Type "/all_hosts"
31. Type "yy", and then "p". This will copy the line
32. Place the cursor over the # of the new line, and type "x"
33. Remove the usernames, and add: jtest,client
34. Type "/all_service"
35. Type "yy", and then "p". This will copy the line
36. Place the cursor over the # of the new line, and type "x"
37. Remove the usernames, and add: jtest
38. Type "/all_host"
39. Type "yy", and then "p". This will copy the line
40. Place the cursor over the # of the new line, and type "x"
41. Remove the usernames, and add: jtest
42. Press ESC
43. Uncomment the line with "netsaint_check_command…"
44. Search for "90" and replace with "30"
45. Type ":wq", and press ENTER
46. vi netsaint.cfg
47. Change check_external_commands=0 (to 1)
48. Save and close the file
49. vi hosts.cfg
50. Type "/novell1", and press ENTER
51. Delete all but one of the listed hosts with the "dd" command
52. Change each of the attributes to match that of the hosts that need to be monitored.
Change BOLD sections:
host[joetest-mon]=Digital Appliance Monitoring Server;127.0.0.1;;check-host-alive;10;120;24x7;1;1;1;
53. Remove "hostgroup" lines, except the first one.
54. Edit the remaining line, with the appropriate information:
hostgroup[monitoring-servers]=All Monitoring Servers;monitoring-admins;joetest-mon
55. Scroll down to the "contact" configuration.
56. Delete the listed contacts. Copy and paste the following:
contact[jtest]=JTest Support User;24x7;24x7;1;1;1;1;1;1;notify-by-email;host-notify-by-email;support@YourDomainName.com;
57. Scroll down to the "contact group" configuration.
58. Edit the lines to duplicate:
contactgroup[monitoring-admins]=Monitoring Administrators;jtest
59. Create new services, using existing ones as templates
i.e.:
service[joetest-mon]=SMTP;0;24x7;3;3;1;monitoring-admins;120;24x7;1;1;1;;check_smtp

service[joetest-mon]=PING;0;24x7;3;5;1;monitoring-admins;120;24x7;1;1;0;;check_ping

60. Remove excess services
61. Press ESC
62. Type ":wq" to save and quit
63. At the prompt type: "/usr/local/etc/rc.d/netsaint.sh start"
64. vi /usr/local/etc/apache/httpd.conf
65. Search for "public_html"
66. After the above definition, add these lines:
Alias /netsaint/ /usr/local/share/netsaint/
ScriptAlias /cgi-bin/netsaint/ /usr/local/share/netsaint/sbin/

<Directory /usr/local/share/netsaint/sbin/>
AllowOverride AuthConfig
order allow,deny
allow from all
Options ExecCGI
</Directory>

<Directory /usr/local/share/netsaint/>
AllowOverride AuthConfig
order allow,deny
allow from all
</Directory>

67. Now save and exit the document
68. cd /usr/local/share/netsaint/sbin
69. vi .htaccess
70. Paste the following:
AuthName "NetSaint Access"
AuthType Basic
AuthUserFile /usr/local/etc/netsaint/htpasswd.users
require valid-user

71. Save and close the document
72. At the command prompt, type:
htpasswd -c /usr/local/etc/netsaint/htpasswd.users jtest
73. Enter the password twice
74. At the command prompt, type:
htpasswd /usr/local/etc/netsaint/htpasswd.users client
75. Enter "monitor" twice
76. vi /etc/group
77. Edit the netsaint line to read: netsaint:*:(some number):root,netsaint
78. Save and close
79. chown -R netsaint /usr/local/var/netsaint/rw/
80. chgrp -R netsaint /usr/local/var/netsaint/rw/
81. chmod 777 /usr/local/var/netsaint/rw/netsaint.cmd
82. cd /home/jtest
83. mkdir temp
84. cd temp
85. wget http://www.netsaint.org/download/contrib/images/didier-icons.tgz
86. wget http://www.netsaint.org/download/contrib/images/remus-icons.tar.gz
87. wget http://www.netsaint.org/download/contrib/images/satrapa-icons.tar.gz
88. wget http://www.netsaint.org/download/contrib/images/werschler-icons.tar.gz
89. wget http://www.netsaint.org/download/contrib/images/netsaint-win-logos.tar.gz
90. wget http://www.netsaint.org/download/contrib/images/netapp.zip
91. unzip netapp.zip -d /usr/local/share/netsaint/images/logos/
92. gunzip *.gz
93. gunzip *.tgz
94. tar xvf remus-icons.tar -C /usr/local/share/netsaint/images/logos/
95. tar xvf satrapa-icons.tar -C /usr/local/share/netsaint/images/logos/
96. tar xvf werschler-icons.tar -C /usr/local/share/netsaint/images/logos/
97. tar xvf didier-icons.tar -C /usr/local/share/netsaint/images/logos/
98. mv /usr/local/share/netsaint/images/logos/my_logos/*.* /usr/local/share/netsaint/images/logos
99. tar xvf netsaint-win-logos.tar -C /usr/local/share/netsaint/images/logos/
100. rmdir /usr/local/share/netsaint/images/logos/my_logos
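
A post-install check for the settings the Apache and NetSaint steps above leave behind, written as an added example (not part of the original how-to). The paths are the ones used on this page; the ROOT prefix argument, the function names and the sample tree are assumptions so the checks can run against constructed files.

```shell
#!/bin/sh
# Added example: checks for weak settings left by the steps on this page.
# ROOT is a hypothetical prefix ("" on a live box) so the same checks can
# run against a constructed sample tree.

# Print one "FINDING: ..." line per weak setting found under ROOT.
audit_monitor_box() {
    root=$1
    cmd="$root/usr/local/var/netsaint/rw/netsaint.cmd"
    ncfg="$root/usr/local/etc/netsaint/netsaint.cfg"
    pw="$root/usr/local/etc/netsaint/htpasswd.users"
    httpd="$root/usr/local/etc/apache/httpd.conf"

    # NetSaint step 81 (chmod 777): any local account can write commands.
    if [ -n "$(find "$cmd" -prune -perm -0002 2>/dev/null)" ]; then
        echo "FINDING: $cmd is world-writable"
        # Step 47 enables external commands, so those writes are processed.
        if grep -q '^check_external_commands=1' "$ncfg" 2>/dev/null; then
            echo "FINDING: external commands enabled on a world-writable command file"
        fi
    fi
    # Only the web server needs to read the CGI password hashes.
    if [ -n "$(find "$pw" -prune -perm -0004 2>/dev/null)" ]; then
        echo "FINDING: $pw is world-readable"
    fi
    # Apache step 8 comments out "Listen 80"; flag it if still active.
    if grep -Eq '^[[:space:]]*Listen[[:space:]]+80[[:space:]]*$' "$httpd" 2>/dev/null; then
        echo "FINDING: $httpd still listens on port 80"
    fi
}

# Constructed sample tree mirroring the state after the procedure.
make_sample_tree() {
    root=$1
    mkdir -p "$root/usr/local/var/netsaint/rw" \
             "$root/usr/local/etc/netsaint" "$root/usr/local/etc/apache"
    : > "$root/usr/local/var/netsaint/rw/netsaint.cmd"  # a FIFO on a real box
    chmod 777 "$root/usr/local/var/netsaint/rw/netsaint.cmd"
    echo 'check_external_commands=1' > "$root/usr/local/etc/netsaint/netsaint.cfg"
    echo 'jtest:CONSTRUCTED-HASH' > "$root/usr/local/etc/netsaint/htpasswd.users"
    chmod 644 "$root/usr/local/etc/netsaint/htpasswd.users"
    printf '#Listen 80\nListen 443\n' > "$root/usr/local/etc/apache/httpd.conf"
}

sample=$(mktemp -d)
make_sample_tree "$sample"
audit_monitor_box "$sample"
rm -rf "$sample"
```

On the installed machine, call audit_monitor_box "" as root to check the real paths.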

-QMail

1. Edit /etc/rc.conf so: sendmail_enable="NO"
2. cd /usr/ports/mail/qmail
3. Type "make" and press ENTER
4. Type "make install" and press ENTER
5. Type "make disable-sendmail" and press ENTER
6. Type "make enable-qmail" and press ENTER
7. cp /var/qmail/boot/proc+df /var/qmail/rc
8. cd /var/qmail/control
9. vi me
10. Add your FQDN (i.e. joetest-mon.YourDomainName.com)
11. Save and close the document
12. /var/qmail/rc start (Starts the QMail daemon)

You should now take a look at: View MRTG with Apache


Last Modified :

8-15-2002 : Initial Creation
6-23-2003 : Cleaned up some typos


If you feel information is missing... please email me.
If you feel I have missed giving credit to a person or organization... please email me.
Copyright © 2003-2012 - Dave Breiland (superdave@dynamicis.com)