Archive for the 'Uncategorized' Category

15
Dec
11

FreeBSD: MBMon – CPU Temperature Monitor

Compile mbmon from ports: ports/sysutils/mbmon

Run mbmon as a background daemon with TCP output by adding these lines to /etc/rc.conf:

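# Mbmon
# rc.conf is read by sh, so values need plain ASCII double quotes; typographic
# quotes copied from a rendered page become part of the value.
# mbmon_port is the TCP port the daemon serves sensor readings on. A plain TCP
# connect (see the telnet test) returns the readings without authentication,
# so keep this port closed to untrusted networks.
# NOTE(review): confirm which addresses the daemon binds to on your system.
mbmon_enable="YES"
mbmon_port="12999"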

Starting process:

/usr/local/etc/rc.d/mbmon start

Testing:

~$ telnet localhost 12999
Trying ::1…
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

Temp.= 254.0, 38.0, 201.0; Rot.= 135000, 0, 0
Vcore = 1.36, 1.82; Volt. = 3.31, 5.11, 2.31, -14.19, -6.12
Connection closed by foreign host.

Manual mode:

~$ mbmon -A 1

-A -> Check using all modes supported by mbmon
1 -> Sleep 1 sec

10
Apr
09

Using Lighttpd as Web Server on FreeBSD

Installing httpd from ports:

~# cd /usr/ports/www/lighttpd/
~# make install && make clean

Configuring /usr/local/etc/lighttpd.conf:

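# /usr/local/etc/lighttpd.conf
# String values must use plain ASCII double quotes; typographic quotes picked
# up from a rendered web page are not valid string delimiters.

server.modules = (
  "mod_access",
  "mod_auth",
  "mod_status",
  "mod_accesslog"
)

# Default document root. The $HTTP["host"] block further down matches every
# host name and replaces it with /usr/home/www/public_html/.
server.document-root = "/usr/local/www/data/"
server.errorlog      = "/var/lighttpd/log/lighttpd.error.log"
index-file.names     = ( "index.php", "index.html",
                         "index.htm", "default.htm" )
server.event-handler = "freebsd-kqueue" # original note: needed on OS X

mimetype.assign = (
  ".pdf"     => "application/pdf",
  ".sig"     => "application/pgp-signature",
  ".spl"     => "application/futuresplash",
  ".class"   => "application/octet-stream",
  ".ps"      => "application/postscript",
  ".torrent" => "application/x-bittorrent",
  ".dvi"     => "application/x-dvi",
  ".gz"      => "application/x-gzip",
  ".pac"     => "application/x-ns-proxy-autoconfig",
  ".swf"     => "application/x-shockwave-flash",
  ".tar.gz"  => "application/x-tgz",
  ".tgz"     => "application/x-tgz",
  ".tar"     => "application/x-tar",
  ".zip"     => "application/zip",
  ".mp3"     => "audio/mpeg",
  ".m3u"     => "audio/x-mpegurl",
  ".wma"     => "audio/x-ms-wma",
  ".wax"     => "audio/x-ms-wax",
  ".ogg"     => "application/ogg",
  ".wav"     => "audio/x-wav",
  ".gif"     => "image/gif",
  ".jpg"     => "image/jpeg",
  ".jpeg"    => "image/jpeg",
  ".png"     => "image/png",
  ".xbm"     => "image/x-xbitmap",
  ".xpm"     => "image/x-xpixmap",
  ".xwd"     => "image/x-xwindowdump",
  ".css"     => "text/css",
  ".html"    => "text/html",
  ".htm"     => "text/html",
  ".js"      => "text/javascript",
  ".asc"     => "text/plain",
  ".c"       => "text/plain",
  ".cpp"     => "text/plain",
  ".log"     => "text/plain",
  ".conf"    => "text/plain",
  ".text"    => "text/plain",
  ".txt"     => "text/plain",
  ".dtd"     => "text/xml",
  ".xml"     => "text/xml",
  ".mpeg"    => "video/mpeg",
  ".mpg"     => "video/mpeg",
  ".mov"     => "video/quicktime",
  ".qt"      => "video/quicktime",
  ".avi"     => "video/x-msvideo",
  ".asf"     => "video/x-ms-asf",
  ".asx"     => "video/x-ms-asf",
  ".wmv"     => "video/x-ms-wmv",
  ".bz2"     => "application/x-bzip",
  ".tbz"     => "application/x-bzip-compressed-tar",
  ".tar.bz2" => "application/x-bzip-compressed-tar"
)

accesslog.filename = "/var/lighttpd/log/lighttpd.access.log"

# Refuse requests whose path ends in one of these strings (editor backup
# files, include files, and the "Filmes" name).
url.access-deny = ( "~", ".inc", "Filmes" )

$HTTP["url"] =~ "\.pdf$" {
  server.range-requests = "disable"
}

# Never hand these out as static files; doing so would disclose script source.
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

# Plain HTTP only: no TLS is configured anywhere in this file.
server.port     = 80
server.pid-file = "/var/run/lighttpd.pid"

# Directory listings are on for the whole server, so any directory without an
# index file exposes its file names. Only /sarg turns them off below; consider
# "disable" here and "enable" only where a listing is wanted.
dir-listing.activate = "enable"

# Run as the unprivileged www account.
server.username  = "www"
server.groupname = "www"

# "^.*$" matches every Host header, so this block applies to all requests.
$HTTP["host"] =~ "^.*$" {
  server.document-root = "/usr/home/www/public_html/"
  url.access-deny = ( "~", ".inc", "Filmes" )

  $HTTP["url"] =~ "/sarg" {
    dir-listing.activate = "disable"
  }

  # NOTE(review): this is a regular expression, not a glob. "-*" means "zero
  # or more hyphens" and the pattern is unanchored, so it matches any URL that
  # contains "/server", not only /server-status and /server-config. The effect
  # is that more URLs require authentication than probably intended; if the
  # pattern is ever narrowed, check that both status URLs are still covered.
  $HTTP["url"] =~ "/server-*" {
    # Both pages reveal server internals; keep them behind auth.require.
    status.status-url = "/server-status"
    status.config-url = "/server-config"

    ## auth.backend should be htdigest, htpasswd, plain or ldap
    # htdigest format - "user:Personal Directory:2686e356efa71a1e93a8b6b00e938e81b"
    # use './htdigest -c passwordfile realm username' # -c needed to create a new file
    #
    ## plain format - "user:passwd"
    #
    ## htpasswd format - "user:78a6sd786asd78"
    # use './htpasswd -c passwordfile username password' # -c needed to create a new file
    auth.backend = "htdigest"
    # The credential files live in /usr/home/www/, outside the document root
    # /usr/home/www/public_html/, so they cannot be fetched over HTTP.
    auth.backend.htdigest.userfile = "/usr/home/www/.htdigest"
    # Not consulted while auth.backend is "htdigest".
    auth.backend.htpasswd.userfile = "/usr/home/www/.htplain"

    auth.require = ( "" =>
      (
        ## method should be plain or digest
        # digest - md5 auth
        # plain - plain auth
        # Digest keeps the password itself off the wire, but with port 80 and
        # no TLS the protected pages are still sent in clear text.
        "method"  => "digest",
        "realm"   => "Personal Directory",
        "require" => "valid-user"
      )
    )
  }

  $HTTP["url"] =~ "^/personal/" {
    # Verbose authentication logging to the error log; lower to 0 once the
    # setup is confirmed working.
    auth.debug = 2
    dir-listing.activate = "enable"
    auth.backend = "htdigest"
    auth.backend.htdigest.userfile = "/usr/home/www/.htdigest"
    # Not consulted while auth.backend is "htdigest".
    auth.backend.htpasswd.userfile = "/usr/home/www/.htplain"

    auth.require = ( "" =>
      (
        "method"  => "digest",
        "realm"   => "Personal Directory",
        "require" => "valid-user"
      )
    )
  }
}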

10
Apr
09

Using PF as Firewall on FreeBSD

Recompile the kernel with PF support:

device          pf
device          pflog

Editing pf.conf file:

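# /etc/pf.conf
# Macro values must use plain ASCII double quotes; typographic quotes copied
# from a rendered web page will not parse.

# Variables
ext_if="rl0"
int_if="vr0"
# Ports accepted from the Internet on the firewall's external address. Every
# port listed here is reachable from any source address; keep the lists to
# services that are running and meant to be public.
port_tcp_out_to_in="{ 22, 88, 143, 6891, 6892, 6893 }"
port_udp_out_to_in="{ 53 }"

# Options
set timeout { interval 10, frag 30 }
set timeout { tcp.first 30, tcp.opening 120, tcp.established 86400 }
set timeout { tcp.closing 30, tcp.finwait 15, tcp.closed 15 }
set timeout { udp.first 60, udp.single 30, udp.multiple 60 }
set timeout { icmp.first 20, icmp.error 10 }
set timeout { other.first 60, other.single 30, other.multiple 60 }
set timeout { adaptive.start 0, adaptive.end 0 }
set limit { states 10000, frags 5000 }
set loginterface none
set optimization normal
# Blocked packets are dropped silently rather than answered.
set block-policy drop
set require-order yes
set fingerprints "/etc/pf.os"

# Packet normalization
scrub in all

# Nat / Binat / Redirects
# 200.xxx.xxx.xx is the author's redacted public address.
# NOTE(review): binat is usually bound to the external interface; confirm that
# $int_if is intended here.
binat on $int_if from 192.168.2.2 to any -> 200.xxx.xxx.xx
nat on $ext_if from 192.168.2.0/24 to any -> ($ext_if) # or 200.xxx.xxx.xx
# Transparent proxy: HTTP from the LAN is redirected to local port 3128.
rdr on $int_if proto tcp from 192.168.2.0/24 to any port 80 -> 127.0.0.1 port 3128

# Rules
# Default deny for everything inbound; "log" records the drops via pflog.
block in log all
pass out on $ext_if proto { tcp, udp, icmp } all keep state
pass on lo0 from 127.0.0.1 to 127.0.0.1
# NOTE(review): this is the only pass rule for the internal interface and it
# covers LAN-to-LAN addresses only. Packets arriving on $int_if for other
# destinations (including the rdr target 127.0.0.1 port 3128) appear to fall
# through to "block in log all"; verify against the loaded ruleset.
pass on $int_if from 192.168.2.0/24 to 192.168.2.0/24 keep state
pass in on $ext_if proto tcp from any to ($ext_if) port $port_tcp_out_to_in keep state
pass in on $ext_if proto udp from any to ($ext_if) port $port_udp_out_to_in keep state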

Loading PF rules:

~# pfctl -f /etc/pf.conf

Edit /etc/rc.conf to start PF on boot:

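# PF and pflogd startup settings for /etc/rc.conf.
# rc.conf is read by sh, so values need plain ASCII double quotes; typographic
# quotes copied from a rendered page corrupt the assignments.
pf_enable="YES"                  # Set to YES to enable packet filter (pf)
pf_rules="/etc/pf.conf"          # rules definition file for pf
pf_program="/sbin/pfctl"         # where the pfctl program lives
pf_flags=""                      # additional flags for pfctl
# pflogd writes the packets matched by "log" rules to the logfile below.
pflog_enable="YES"
pflog_logfile="/var/log/pflog"   # where pflogd should store the logfile
pflog_program="/sbin/pflogd"     # where the pflogd program lives
pflog_flags=""                   # additional flags for pflogd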



