diff options
| author | Silvino Silva <silvino@bk.ru> | 2019-11-09 00:50:32 +0000 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2019-11-09 00:50:32 +0000 |
| commit | a230f4682823c1032413cd4974f4f3a4a1d6d389 (patch) | |
| tree | 03dea1a7151a6e2b6858979c1f080676725f3b48 /core | |
| parent | 0ea1c51d7926b906818283fd6fd899f11f1d56bb (diff) | |
| download | doc-a230f4682823c1032413cd4974f4f3a4a1d6d389.tar.gz | |
initial update to crux 3.5
Diffstat (limited to 'core')
| -rw-r--r-- | core/conf/iptables/bridge.v4 | 33 | ||||
| -rw-r--r-- | core/conf/iptables/server.v4 | 60 | ||||
| -rw-r--r-- | core/install.html | 18 |
3 files changed, 58 insertions, 53 deletions
diff --git a/core/conf/iptables/bridge.v4 b/core/conf/iptables/bridge.v4 index 4930262..bea9be0 100644 --- a/core/conf/iptables/bridge.v4 +++ b/core/conf/iptables/bridge.v4 @@ -1,34 +1,34 @@ -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *security :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *raw -:PREROUTING ACCEPT [2:80] -:OUTPUT ACCEPT [3:4544] +:PREROUTING ACCEPT [0:0] +:OUTPUT ACCEPT [1:2468] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *mangle -:PREROUTING ACCEPT [2:80] -:INPUT ACCEPT [2:80] +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [3:4544] -:POSTROUTING ACCEPT [2:2292] +:OUTPUT ACCEPT [1:2468] +:POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Fri Jun 28 01:22:10 2019 -# Generated by iptables-save v1.8.2 on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 +# Generated by iptables-save v1.8.2 on Sun Jul 7 23:48:36 2019 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] @@ -92,6 +92,7 @@ COMMIT -A FORWARD -d 10.0.0.4/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j srv_git_in -A FORWARD -i br0 -o br0 -p tcp -m physdev --physdev-in enp8s0 -m tcp --sport 443 --dport 1024:65535 -j ACCEPT -A FORWARD -d 10.0.0.3/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j cli_http_in +-A FORWARD -d 10.0.0.4/32 -i br0 -o br0 -m physdev --physdev-in enp8s0 -j cli_http_in -A FORWARD -i br0 -o br0 -p udp -m udp --sport 520 --dport 519 -j DROP -A FORWARD -i br0 -o br0 -p udp -m udp --sport 520 --dport 520 -j DROP -A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7 @@ -220,4 +221,4 @@ COMMIT -A srv_ssh_out -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT -A srv_ssh_out -j RETURN COMMIT -# Completed on Fri Jun 28 01:22:10 2019 +# Completed on Sun Jul 7 23:48:36 2019 diff --git a/core/conf/iptables/server.v4 b/core/conf/iptables/server.v4 index ed202ee..678800b 100644 --- a/core/conf/iptables/server.v4 +++ b/core/conf/iptables/server.v4 @@ -1,34 +1,34 @@ -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *security :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *raw :PREROUTING ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] +:OUTPUT ACCEPT [1:132] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] +:OUTPUT ACCEPT [1:132] :POSTROUTING ACCEPT [0:0] COMMIT -# Completed on Sat Jun 8 19:50:25 2019 -# Generated by iptables-save v1.8.2 on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 +# Generated by iptables-save v1.8.3 on Mon Jul 8 00:42:39 2019 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] @@ -71,26 +71,30 @@ COMMIT :srv_ssh_out - [0:0] -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT -A INPUT -j blocker --A INPUT -s 212.55.154.174/32 -d 10.0.0.254/32 -i enp8s0 -j cli_dns_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_https_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_ssh_in --A INPUT -s 10.0.0.0/8 -d 10.0.0.254/32 -i enp8s0 -j srv_git_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_https_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j cli_https_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_ssh_in --A INPUT -d 10.0.0.254/32 -i enp8s0 -j srv_git_in +-A INPUT -s 10.0.0.254/32 -d 10.0.0.4/32 -i ens3 -j cli_dns_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_https_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_ssh_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j srv_git_in +-A INPUT -s 10.0.0.0/8 -d 10.0.0.4/32 -i ens3 -j cli_http_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_https_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j cli_https_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j cli_http_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_ssh_in +-A INPUT -d 10.0.0.4/32 -i ens3 -j srv_git_in -A INPUT -j LOG --log-prefix "iptables: INPUT: " --log-level 7 -A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7 -A OUTPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -o lo -j ACCEPT -A OUTPUT -j blocker --A OUTPUT -s 10.0.0.254/32 -d 212.55.154.174/32 -o enp8s0 -j cli_dns_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_https_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_ssh_out --A OUTPUT -s 10.0.0.254/32 -d 10.0.0.0/8 -o enp8s0 -j srv_git_out --A OUTPUT -s 10.0.0.254/32 -o enp8s0 -j cli_https_out --A OUTPUT -s 10.0.0.254/32 -o enp8s0 -j srv_https_out --A OUTPUT -d 10.0.0.0/8 -o enp8s0 -j srv_ssh_out --A OUTPUT -d 10.0.0.0/8 -o enp8s0 -j srv_git_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.254/32 -o ens3 -j cli_dns_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j cli_http_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_https_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_ssh_out +-A OUTPUT -s 10.0.0.4/32 -d 10.0.0.0/8 -o ens3 -j srv_git_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j cli_https_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j cli_http_out +-A OUTPUT -s 10.0.0.4/32 -o ens3 -j srv_https_out +-A OUTPUT -d 10.0.0.0/8 -o ens3 -j srv_ssh_out +-A OUTPUT -d 10.0.0.0/8 -o ens3 -j srv_git_out -A OUTPUT -j LOG --log-prefix "iptables: OUTPUT: " --log-level 7 -A blocker -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop sync: " --log-level 7 -A blocker -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP @@ -201,4 +205,4 @@ COMMIT -A srv_ssh_out -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT -A srv_ssh_out -j RETURN COMMIT -# Completed on Sat Jun 8 19:50:25 2019 +# Completed on Mon Jul 8 00:42:39 2019 diff --git a/core/install.html b/core/install.html index 1526c12..6ee381b 100644 --- a/core/install.html +++ b/core/install.html @@ -2,20 +2,20 @@ <html dir="ltr" lang="en"> <head> <meta charset='utf-8'> - <title>1.1. Install Crux 3.4</title> + <title>1.1. Install Crux 3.5</title> </head> <body> <a href="index.html">Core OS Index</a> - <h1>1.1. Install Crux 3.4</h1> + <h1>1.1. Install Crux 3.5</h1> - <p>Installation of minimal Crux 3.4 Gnu\Linux system, + <p>Installation of minimal Crux 3.5 Gnu\Linux system, with selected packages from core, opt and contrib ports. Process of installation documented can be executed from iso or from existing gnu\linux installation. Read - <a href="http://crux.nu/Main/Handbook3-4">Hand book 3.4</a>, + <a href="http://crux.nu/Main/Handbook3-5">Hand book 3.4</a>, .</p> <p>If you are booting from crux iso and is not your keyboard @@ -34,10 +34,10 @@ iso from master repo and checks md5sum.</p> <pre> - $ curl -k -O https://serverop.de/crux/crux-3.4/iso/crux-3.4.iso - $ curl -k -O https://serverop.de/crux/crux-3.4/iso/crux-3.4.md5 - $ md5sum crux-3.4.iso - 73bf4d301e2dcfb0636cb7fc2a9e8fde crux-3.4.iso + $ curl -k -O https://serverop.de/crux/crux-3.5/iso/crux-3.5.iso + $ curl -k -O https://serverop.de/crux/crux-3.5/iso/crux-3.5.md5 + $ md5sum crux-3.5.iso + 73bf4d301e2dcfb0636cb7fc2a9e8fde crux-3.5.iso </pre> <h2 id="step2">1.1.2. Prepare target</h2> @@ -240,7 +240,7 @@ <pre> # modprobe isofs # modprobe loop - # mount -o loop crux-3.4.iso $CHROOT/media + # mount -o loop crux-3.5.iso $CHROOT/media </pre> <h2 id="step4">1.1.4. Install Crux</h2> |