Virus Scanning for your FreeNAS
As you all know I love my FreeNAS; it’s an excellent platform with all kinds of amazing features. The problem is that it’s still lacking in some little ways.
One way is “antivirus”
So, here’s my howto for antivirus for FreeNAS. If you have an “embedded” FreeNAS, you may have to move all the installed files to your mounted drives and symlink them using a startup script. (I’ll cover this if there’s demand.)
First, ssh to your NAS and get its release; mine looks like this:
freenas:~# uname -a
FreeBSD freenas.local 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Fri Oct 16 16:45:05 UTC 2009 root@vmbsd72i386:/usr/obj/freenas/usr/src/sys/FREENAS-i386 i386
This just tells me that I’m using 7.2-release. Then I go to the FreeBSD FTP site to find the packages. The main tree is here: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
In the “packages-7.2-release” directory I can find the “security” directory, and finally clamav*.tbz.
ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/security/clamav-0.95.1.tbz
Now, download it, while you’re at it you should download all the archive libraries that it uses:
unzoo (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/unzoo-4.4_2.tbz)
lha (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/lha-1.14i_6.tbz)
arj (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arj-3.10.22_1.tbz)
arc (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arc-5.21o_1.tbz)
Then install them in the order above, I do it by command line, but you can use the “system | packages” menu on the FreeNAS WebGUI.
freenas:/mnt/default# pkg_add -v unzoo-4.4_2.tbz
Requested space: 67K bytes, free space: 808M bytes in /var/tmp/instmp.OrlWwG
extract: Package name is unzoo-4.4_2
extract: CWD to /usr/local
extract: /usr/local/bin/unzoo
extract: /usr/local/man/man1/unzoo.1.gz
extract: CWD to .
Running mtree for unzoo-4.4_2..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/unzoo-4.4_2..
Package unzoo-4.4_2 registered in /var/db/pkg/unzoo-4.4_2
freenas:/mnt/default# pkg_add -v lha-1.14i_6.tbz
Requested space: 135K bytes, free space: 807M bytes in /var/tmp/instmp.RpvEQj
extract: Package name is lha-1.14i_6
extract: CWD to /usr/local
extract: /usr/local/bin/lha
extract: /usr/local/man/ja/man1/lha.1.gz
extract: CWD to .
Running mtree for lha-1.14i_6..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/lha-1.14i_6..
Package lha-1.14i_6 registered in /var/db/pkg/lha-1.14i_6
freenas:/mnt/default# pkg_add -v arj-3.10.22_1.tbz
Requested space: 906K bytes, free space: 807M bytes in /var/tmp/instmp.jzBJSj
extract: Package name is arj-3.10.22_1
extract: CWD to /usr/local
extract: /usr/local/bin/arj
extract: /usr/local/bin/arj-register
extract: /usr/local/bin/arjdisp
extract: /usr/local/bin/rearj
extract: /usr/local/lib/arj/arjcrypt.so
extract: /usr/local/man/man1/arj-register.1.gz
extract: /usr/local/man/man1/arj.1.gz
extract: /usr/local/man/man1/arjdisp.1.gz
extract: /usr/local/man/man1/rearj.1.gz
extract: /usr/local/share/doc/arj/COPYING
extract: /usr/local/share/doc/arj/arjl.txt
extract: /usr/local/share/doc/arj/arjs.txt
extract: /usr/local/share/doc/arj/debug.txt
extract: /usr/local/share/doc/arj/history.txt
extract: /usr/local/share/doc/arj/readme.txt
extract: /usr/local/share/doc/arj/unix.txt
extract: CWD to .
Running mtree for arj-3.10.22_1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/arj-3.10.22_1..
Package arj-3.10.22_1 registered in /var/db/pkg/arj-3.10.22_1
freenas:/mnt/default# pkg_add -v arc-5.21o_1.tbz
Requested space: 180K bytes, free space: 807M bytes in /var/tmp/instmp.0SwLN2
extract: Package name is arc-5.21o_1
extract: CWD to /usr/local
extract: /usr/local/bin/arc
extract: /usr/local/bin/marc
extract: /usr/local/man/man1/arc.1.gz
extract: /usr/local/share/doc/arc/Arc521.doc
extract: CWD to .
Running mtree for arc-5.21o_1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/arc-5.21o_1..
Package arc-5.21o_1 registered in /var/db/pkg/arc-5.21o_1
And finally:
freenas:/mnt/default# pkg_add -v clamav-0.95.1.tbz
Requested space: 5327K bytes, free space: 807M bytes in /var/tmp/instmp.CKrsuO
Package 'clamav-0.95.1' depends on 'unzoo-4.4_2' with 'archivers/unzoo' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'lha-1.14i_6' with 'archivers/lha' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'arj-3.10.22_1' with 'archivers/arj' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'arc-5.21o_1' with 'archivers/arc' origin.
 - already installed.
Running pre-install for clamav-0.95.1..
=> Added group "clamav".
pw: unknown group `mail'
=> Added user "clamav".
extract: Package name is clamav-0.95.1
extract: CWD to /usr/local
extract: /usr/local/man/man1/clamconf.1.gz
extract: /usr/local/man/man1/clamscan.1.gz
extract: /usr/local/man/man1/freshclam.1.gz
extract: /usr/local/man/man1/sigtool.1.gz
extract: /usr/local/man/man1/clamdscan.1.gz
extract: /usr/local/man/man1/clamdtop.1.gz
extract: /usr/local/man/man5/clamd.conf.5.gz
extract: /usr/local/man/man5/freshclam.conf.5.gz
extract: /usr/local/man/man8/clamd.8.gz
extract: /usr/local/man/man8/clamav-milter.8.gz
extract: /usr/local/bin/clamav-config
extract: /usr/local/bin/clamconf
extract: /usr/local/bin/clamdtop
extract: /usr/local/bin/clamscan
extract: /usr/local/bin/clamdscan
extract: /usr/local/bin/freshclam
extract: /usr/local/bin/sigtool
extract: /usr/local/sbin/clamd
extract: /usr/local/include/clamav.h
extract: /usr/local/include/clamav-config.h
extract: /usr/local/lib/libclamav.a
extract: /usr/local/lib/libclamav.la
extract: /usr/local/lib/libclamav.so
extract: /usr/local/lib/libclamav.so.6
extract: /usr/local/lib/libclamunrar.a
extract: /usr/local/lib/libclamunrar.la
extract: /usr/local/lib/libclamunrar.so
extract: /usr/local/lib/libclamunrar.so.6
extract: /usr/local/lib/libclamunrar_iface.a
extract: /usr/local/lib/libclamunrar_iface.la
extract: /usr/local/lib/libclamunrar_iface.so
extract: /usr/local/lib/libclamunrar_iface.so.6
extract: /usr/local/libdata/pkgconfig/libclamav.pc
extract: /usr/local/etc/clamd.conf.default
extract: execute '[ -f /usr/local/etc/clamd.conf ] || cp /usr/local/etc/clamd.conf.default /usr/local/etc/clamd.conf'
extract: /usr/local/etc/freshclam.conf.default
extract: execute '[ -f /usr/local/etc/freshclam.conf ] || cp /usr/local/etc/freshclam.conf.default /usr/local/etc/freshclam.conf'
extract: execute '/sbin/ldconfig -m /usr/local/lib'
extract: /usr/local/share/doc/clamav/ChangeLog
extract: /usr/local/share/doc/clamav/NEWS
extract: /usr/local/share/doc/clamav/html/clamdoc.css
extract: /usr/local/share/doc/clamav/html/clamdoc.html
extract: /usr/local/share/doc/clamav/html/contents.png
extract: /usr/local/share/doc/clamav/html/footnode.html
extract: /usr/local/share/doc/clamav/html/img1.png
extract: /usr/local/share/doc/clamav/html/img2.png
extract: /usr/local/share/doc/clamav/html/img3.png
extract: /usr/local/share/doc/clamav/html/img4.png
extract: /usr/local/share/doc/clamav/html/index.html
extract: /usr/local/share/doc/clamav/html/next.png
extract: /usr/local/share/doc/clamav/html/next_g.png
extract: /usr/local/share/doc/clamav/html/node1.html
extract: /usr/local/share/doc/clamav/html/node10.html
extract: /usr/local/share/doc/clamav/html/node11.html
extract: /usr/local/share/doc/clamav/html/node12.html
extract: /usr/local/share/doc/clamav/html/node13.html
extract: /usr/local/share/doc/clamav/html/node14.html
extract: /usr/local/share/doc/clamav/html/node15.html
extract: /usr/local/share/doc/clamav/html/node16.html
extract: /usr/local/share/doc/clamav/html/node17.html
extract: /usr/local/share/doc/clamav/html/node18.html
extract: /usr/local/share/doc/clamav/html/node19.html
extract: /usr/local/share/doc/clamav/html/node2.html
extract: /usr/local/share/doc/clamav/html/up.png
extract: /usr/local/share/doc/clamav/html/node20.html
extract: /usr/local/share/doc/clamav/html/node21.html
extract: /usr/local/share/doc/clamav/html/node22.html
extract: /usr/local/share/doc/clamav/html/node23.html
extract: /usr/local/share/doc/clamav/html/node24.html
extract: /usr/local/share/doc/clamav/html/node25.html
extract: /usr/local/share/doc/clamav/html/node26.html
extract: /usr/local/share/doc/clamav/html/node27.html
extract: /usr/local/share/doc/clamav/html/node28.html
extract: /usr/local/share/doc/clamav/html/node29.html
extract: /usr/local/share/doc/clamav/html/node3.html
extract: /usr/local/share/doc/clamav/html/node30.html
extract: /usr/local/share/doc/clamav/html/node31.html
extract: /usr/local/share/doc/clamav/html/node32.html
extract: /usr/local/share/doc/clamav/html/node33.html
extract: /usr/local/share/doc/clamav/html/node34.html
extract: /usr/local/share/doc/clamav/html/node35.html
extract: /usr/local/share/doc/clamav/html/node36.html
extract: /usr/local/share/doc/clamav/html/node37.html
extract: /usr/local/share/doc/clamav/html/node38.html
extract: /usr/local/share/doc/clamav/html/node39.html
extract: /usr/local/share/doc/clamav/html/node4.html
extract: /usr/local/share/doc/clamav/html/node40.html
extract: /usr/local/share/doc/clamav/html/node41.html
extract: /usr/local/share/doc/clamav/html/node42.html
extract: /usr/local/share/doc/clamav/html/node43.html
extract: /usr/local/share/doc/clamav/html/node44.html
extract: /usr/local/share/doc/clamav/html/node45.html
extract: /usr/local/share/doc/clamav/html/node46.html
extract: /usr/local/share/doc/clamav/html/node47.html
extract: /usr/local/share/doc/clamav/html/node48.html
extract: /usr/local/share/doc/clamav/html/node49.html
extract: /usr/local/share/doc/clamav/html/node5.html
extract: /usr/local/share/doc/clamav/html/node50.html
extract: /usr/local/share/doc/clamav/html/node51.html
extract: /usr/local/share/doc/clamav/html/node52.html
extract: /usr/local/share/doc/clamav/html/node53.html
extract: /usr/local/share/doc/clamav/html/node54.html
extract: /usr/local/share/doc/clamav/html/node55.html
extract: /usr/local/share/doc/clamav/html/node56.html
extract: /usr/local/share/doc/clamav/html/node57.html
extract: /usr/local/share/doc/clamav/html/node58.html
extract: /usr/local/share/doc/clamav/html/node59.html
extract: /usr/local/share/doc/clamav/html/node6.html
extract: /usr/local/share/doc/clamav/html/node60.html
extract: /usr/local/share/doc/clamav/html/node7.html
extract: /usr/local/share/doc/clamav/html/node8.html
extract: /usr/local/share/doc/clamav/html/node9.html
extract: /usr/local/share/doc/clamav/html/prev.png
extract: /usr/local/share/doc/clamav/html/prev_g.png
extract: /usr/local/share/doc/clamav/html/up_g.png
extract: CWD to /usr/local
extract: /usr/local/etc/rc.d/clamav-clamd
extract: /usr/local/etc/rc.d/clamav-freshclam
extract: CWD to .
Running mtree for clamav-0.95.1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Running post-install for clamav-0.95.1..
Attempting to record package into /var/db/pkg/clamav-0.95.1..
Trying to record dependency on package 'unzoo-4.4_2' with 'archivers/unzoo' origin.
Trying to record dependency on package 'lha-1.14i_6' with 'archivers/lha' origin.
Trying to record dependency on package 'arj-3.10.22_1' with 'archivers/arj' origin.
Trying to record dependency on package 'arc-5.21o_1' with 'archivers/arc' origin.
Package clamav-0.95.1 registered in /var/db/pkg/clamav-0.95.1
All Installed. Happy.
Update your “clam” database using /usr/local/bin/freshclam and ta-da :) nice virus scanner.
freenas:/mnt/default# /usr/local/bin/freshclam
ClamAV update process started at Wed Dec 16 16:08:26 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.1 Recommended version: 0.95.3
DON'T PANIC! Read http://www.clamav.net/support/faq
Downloading main.cvd [100%]
main.cvd updated (version: 51, sigs: 545035, f-level: 42, builder: sven)
Downloading daily.cvd [100%]
daily.cvd updated (version: 10187, sigs: 132586, f-level: 44, builder: arnaud)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 42, recommended = 44
DON'T PANIC! Read http://www.clamav.net/support/faq
Database updated (677621 signatures) from database.clamav.net (IP: 208.70.244.158)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock
connect(): No such file or directory
I ignore all the errors; it’s because FreeBSD’s ports are slightly behind the clam source tree. This isn’t an issue and they’re right: “DON’T PANIC!” :)
You can also see that “clamd” is a “clam daemon”. I won’t be covering this here, but if others ask I’ll do a quick one on that too.
Now that my clam is installed, I have to create some CRON jobs.
The first one that I do is the update virus database. Instead of showing my screenshots, I’ll just tell you the command that I used.
/usr/local/bin/freshclam
It automatically logs to “/var/log/clam/freshclam.log” so you don’t need to give it any other info. It’s also worth noting that if the virus database is up to date “freshclam” returns “failure” to cron, and it will look like your cron job failed. Don’t panic, you can go to /var/db/clamav/ and delete the “cvd” files to force it to refresh.
Now I add weekly scan jobs to my “home” directories.
/usr/local/bin/clamscan -ri dir >dir/virusscan.log
I run this one per directory, at staggered times throughout the day on Sunday. I tried to make sure that it doesn’t interfere with my backup routines.
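An added example (not part of the original post): a small sh wrapper for the two cron jobs above. It treats the freshclam "already up to date" exit status as success, and turns clamscan's exit status (0 clean, 1 virus found, 2 error) into a result cron can act on, so a detection isn't left sitting in a log nobody reads. The function names and the FRESHCLAM/CLAMSCAN override variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post: cron wrappers for the
# freshclam and clamscan jobs described above.
# Assumed names: update_db, scan_dir, FRESHCLAM, CLAMSCAN.
FRESHCLAM="${FRESHCLAM:-/usr/local/bin/freshclam}"
CLAMSCAN="${CLAMSCAN:-/usr/local/bin/clamscan}"

# update_db: refresh the signature database.
# freshclam of this generation exits 1 when the database is already
# current, which cron reports as a failed job; only other non-zero
# codes are passed on as real failures.
update_db() {
    rc=0
    "$FRESHCLAM" || rc=$?
    case "$rc" in
        0|1) return 0 ;;
        *)   echo "freshclam failed, exit status $rc" >&2
             return "$rc" ;;
    esac
}

# scan_dir DIR: same scan as in the post (-r recursive, -i print only
# infected files), report written to DIR/virusscan.log.
# Prints CLEAN, INFECTED or ERROR and returns clamscan's exit status:
# 0 = no virus found, 1 = virus found, 2 = scan error.
scan_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "ERROR"
        return 2
    fi
    rc=0
    "$CLAMSCAN" -ri "$dir" >"$dir/virusscan.log" || rc=$?
    case "$rc" in
        0) echo "CLEAN" ;;
        1) echo "INFECTED"
           # Repeat the hits on stderr so cron mails them to the admin.
           grep 'FOUND$' "$dir/virusscan.log" >&2 || true ;;
        *) echo "ERROR" ;;
    esac
    return "$rc"
}

# Entry point for cron: "update" or "scan DIR"; anything else is a
# no-op so the file can also be sourced.
case "${1:-}" in
    update) update_db ;;
    scan)   scan_dir "${2:-}" ;;
esac
```

Saved under a name of your choosing (say clamcron.sh, a hypothetical name), the cron commands become "sh clamcron.sh update" and "sh clamcron.sh scan dir", one scan entry per directory as before.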
That about covers it.
Back from the Dead – Fixing Drives in Linux
So as you all know I lost my NAS due to some disk errors.
Sadly, it was actually my flash adapter card (http://www.dealextreme.com/details.dx/sku.711) that failed, and this caused my FreeNAS to fail.
After much debugging – since this solid state drive seemed like a power supply failing: power turns off a couple of seconds after being turned on, turning it on sometimes would do nothing until you unplugged the power supply then plugged it back in. (http://hubpages.com/hub/How-to-Tell-When-Computer-Power-Supply-Is-Failing)
Anyway, after figuring it out, I put in an old unlocked X Box hard disk (15 Gb) and that’s now my boot drive. I used the newest version of FreeNAS which allows for a “full install” on a hard disk. (simply boot it up, and use the console menu to install)
Now that I’ve got my FreeNAS server up again, I still have a broken 500Gb drive to fix.
I took the 500Gb drive out and put it in my Ubuntu Linux lab server. I usually use this machine for any experiments that I’m doing and for virtual machines.
Canada Computers and a few others have some pretty good deals on 1Tb drives right now. (I got mine for $90.00. http://www.canadacomputers.com/index.php?do=ShowProduct&cmd=pd&pid=024109&cid=HDD.443.877) So this is a good time to upgrade my drive.
I put it into my lab server, and dd’ed the drive to make a complete copy onto my new 1Tb drive.
Now I have a whole bitwise copy of my drive, now the fun part.
I don’t know UFS as well as I know FAT or EXT, so I was hoping to find a utility to help me with the restoration of this drive.
A quick google found me a utility called “testdisk”, (http://www.cgsecurity.org/wiki/TestDisk) and since I have a bitwise copy of my drive, I thought let’s give it a try.
Ran it, it took literally 1 hour to analyze the drive. It was so slow that I almost gave up. However, beer and a night of Simpsons let me relax and let it do its work.
I wish I’d taken screen shots for you, but I was thrilled to find out that it actually worked.
It recognized the UFS filesystem, GFI partition and all. It rewrote the partition table, and dropped me to a command prompt.
I installed “ufsutils” with apt-get install, and ran fsck.ufs on it. fsck did its usual “i found xxx fix?” and the drive was repaired.
I copied the data from the old 500Gb to the new 1Tb, and installed the new 1Tb drive into my FreeNAS server, added the drive, and ta-da it worked.
Back in business.
Now, the new version of FreeNAS has some neat new features that I discovered, the least of which is “/etc/rc.d/transmission blocklist-update” – which makes my old tutorial redundant, and I’ll write an update about that sometime soon :)
This week I’m going to reconfigure it – and I’ll probably write a little tutorial for you all who are interested.
In the meantime, I got my NAS back – and my movies.
Revisit Royale Noir
But, since I’ve been looking at the same page of posts for the last couple of weeks I thought I owe it to you to write something… anything, just to keep you (and me) on our toes.
This is something of a revisit, but I think it’s quite catching and really a nice personal touch that many of us can use to make our Windows boxes just a little more unique.
It’s called “Royale Noir”, a secret hidden XP theme that is only available using a special “luna.msstyles” visual settings file by Microsoft.
Installation is a snap, you just download the royale_noir.zip file that I literally stole from the old “istartedsomething” post (see: http://www.istartedsomething.com/uploads/royale_noir.zip) unzip it into a “royale noir” subdirectory in your “%WINDIR%\resources\themes\” folder, double click on the “luna.msstyles” file and select “Noir” from the colour scheme.
Beautiful.

Royal Noir Display Properties
Burn a CDROM to a friend?
Ever wanted to send your friend a CD-ROM, but didn’t want to send an ISO or whatever? This is for you!
Interesting bash prompts
Sorry I haven’t posted in a while, been busy working on many MANY things. However, I did find this, which I find quite interesting.
There’s some really cool bash prompts at this site:
http://maketecheasier.com/8-useful-and-interesting-bash-prompts/2009/09/04
In my opinion bash is getting quite large and a bit of a resource hog, for a shell that is; but with all its bloat come some VERY decent features, including the ability to modify your prompt to run small shell scripts and display the output.
The site shows 8 simple examples; but my favorite one displays a happy “^_^” emoticon or a “O_O” emoticon if the last command succeeded or failed:
PS1="\`if [ \$? = 0 ]; then echo \[\e[33m\]^_^\[\e[0m\]; else echo \[\e[31m\]O_O\[\e[0m\]; fi\`[\u@\h:\w]\\$ "
Google Scripts without Google API
A client I just finished working with had a few applications where they would judge the deployment of a product (a piece of software for example) by using Google’s output.
They considered any search product with <100,000 results obscure, less than 1,000,000 moderate, 1,000,000 to 100,000,000 significant and greater than that still as broad.
They were doing this by hand.
They were searching Google and looking at the “Results x- x of about xxxx” section of Google search, and using this output to judge the deployment, as I said.
The problem here is that they wanted to script this, but NOT by using google’s api (for legal reasons).
I therefore would have to find a way around.
The easiest way, I could think of, is just capturing the output of the search… But how?
The command line browser “lynx” in unix systems is amazing for this sort of thing. Lynx can render a simple html page and dump it as text (using the -dump parameter)
All I had to do then is wrap it in a nice script that would read the rendered output, and output something meaningful.
You can find the script in my script section called “googleit.py” and “deployment.py”
Restrict a 14 year old from the internet
So I’ve taken a bit of time off – to spend with my son who came to stay with me from the far away place called Orillia.
I’m quite liberal with our computing environment – so he gets his own computer and to be “self regulated” over the Internet. He knows well enough that I have quite a complex network and know all the traffic that travels through our up link to the Internet.
Giving your 14 year old unrestricted internet access has its ups and downs. One major down was that he managed to eat my entire Rogers High Speed Internet quota in a matter of 4 days.
That’s right 4 days.
So to limit him, I entered his MAC address in my deny list and he isn’t able to attach to the internet. Easy right? No.
I also have a Wii, which has an Internet connection, and frequently will download updates for itself. My son also loves to play the Wii.
I don’t know exactly where he got the idea, but suddenly I noticed that my Wii was unplugged, and instead the “Wii” was browsing the Internet, gigabytes at a time, on World of Warcraft, Runescape, uTorrent, and Youtube. A browsing pattern I knew FAR too well.
He went into the Wii’s menu, looked up its MAC address, unplugged the Wii, then changed his own MAC address to the Wii’s, easily circumventing my restrictions.
Like father like son, I suppose. Now I have to physically log into my OpenBSD server from wherever I am and forcibly unload its networking modules, with a cron job to reload them when he would be allowed to regain access to the internet.
Video Capture Card Driver Woes
So lately I’ve been working on copying my old VHS movies to digital format so that my NAS can serve them up to my XBMC.
In my stumbles around the internet I found this really great project.
It seems to include EVERY older video capture card driver for Windows, all in 1 beautiful, fast and easy to install package.
Since I don’t use Windows, I don’t really have much to do with it, but it’s good for those of you who do.
Fun
http://btwincap.sourceforge.net/
Take a look
Written by ejes
November 4, 2009 at 3:29 pm
Posted in Commentary, Hacking, Neat Stuff/Good Ideas
Tagged with howto, instresting sites, video capture