In case it helps anyone... Because the server I was building was going to be only marginally protected other than the linux box's own firewall, I purposely stripped out all the services and such that I didn't absolutely need. Not only to streamline it, but to reduce the possibility that there would be a security breach somewhere. (Not rocket science, I know.)
Thus, I didn't configure any mail servers. Configuring sendmail and/or exim was going to be really tedious and troublesome just so I could send notifications, but notifications are a good security measure. So here's what I did:

Installed msmtp: on debian/ubuntu that's simply "apt-get install msmtp". Yum is probably very similar.

Create a .mailrc file in root's home directory, and put one line in it: set sendmail="/path/to/msmtp"
--> Chmod this to 600

I configured a .msmtprc file in root's home directory.
--> There is good documentation at: http://msmtp.sourceforge.net/doc/msmtp.html
--> Please DO make every attempt to enable TLS with your ISP or other mail provider (I think you can even use gmail's smtp servers).
--> Set a default account.
--> Chmod this to 600
--> Test this by sending mail via the "mail" command in your shell. There is a test example in the fwknop FAQ if you need it.

Edit your fwknop.conf file.
--> Make sure your EMAIL_ADDRESSES has a valid list of email addresses you want to notify.
--> Find the line that indicates "sendmailCmd" (it was at the bottom in my conf) and change the value to /path/to/msmtp
--> Verify that the mailCmd (same section of the conf file) is the correct path (on my system mail was in /usr/bin, not /bin, which was the default).

Restart fwknopd (I use the init.d script, but to each his own).

Everything up to the edits of the fwknop.conf file was gleaned from the one msmtp url above. So if you have questions about syntax, options, etc., go there!

Note: I'm not sure if fwknopd opens any ports to send email, so you may have to open up the port you configured in your .msmtprc file to get the traffic to your external smtp server. I am currently testing with my OUTPUT chain defaulting to ACCEPT, so it wasn't a problem for me.

Hope this helps someone else. As always, YMMV, but good luck!
-AJ
_______________________________________________
Fwknop-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
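The procedure from the post above, worked through as an added example (this is not AJ's code and not part of fwknop or msmtp): it writes root's .mailrc and a TLS-enabled .msmtprc, locks both down to mode 600, and checks that the sendmailCmd and mailCmd entries in fwknop.conf point at real executables. The demo directory, the smtp.example.net account, the msmtp/mail paths and the fwknop.conf fragment are all constructed placeholders; the option names inside .msmtprc (auth, tls, tls_trust_file, account default) are msmtp's own, and the three fwknop.conf keys are the ones named in the post.

```shell
#!/bin/sh
# Added example, not code from the original post. Everything under $DEMO_DIR
# stands in for /root; the SMTP account details are constructed placeholders.
DEMO_DIR="${DEMO_DIR:-$(mktemp -d)}"
MSMTP_BIN="${MSMTP_BIN:-/usr/bin/msmtp}"   # assumed install path of msmtp
MAIL_BIN="${MAIL_BIN:-/usr/bin/mail}"      # assumed path of the mail command

# Write ~/.msmtprc: TLS on, CA bundle for certificate verification, one
# account, and that account set as the default (as the post recommends).
write_msmtprc() {
    dir=$1
    cat > "$dir/.msmtprc" <<EOF
defaults
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        $dir/.msmtp.log

account        provider
host           smtp.example.net
port           587
from           admin@example.net
user           admin@example.net
password       CHANGEME

account default : provider
EOF
    chmod 600 "$dir/.msmtprc"
}

# Write ~/.mailrc so the "mail" command hands messages to msmtp.
write_mailrc() {
    dir=$1
    printf 'set sendmail="%s"\n' "$MSMTP_BIN" > "$dir/.mailrc"
    chmod 600 "$dir/.mailrc"
}

# The password lives in .msmtprc, so confirm the mode is exactly 600.
is_mode_600() {
    [ -n "$(find "$1" -prune -perm 600)" ]
}

# Constructed fwknop.conf fragment with the three keys the post edits.
write_sample_fwknop_conf() {
    cat > "$1" <<EOF
EMAIL_ADDRESSES     admin@example.net;
mailCmd             $MAIL_BIN;
sendmailCmd         $MSMTP_BIN;
EOF
}

# Look up a key in fwknop.conf: first field is the key, second the value,
# with any trailing ';' stripped.
conf_value() {
    awk -v k="$2" '$1 == k { sub(/;$/, "", $2); print $2; exit }' "$1"
}

# Fail unless sendmailCmd and mailCmd both name an executable file.
check_fwknop_conf() {
    for key in sendmailCmd mailCmd; do
        cmd=$(conf_value "$1" "$key")
        [ -x "$cmd" ] || { echo "$key=$cmd is not executable" >&2; return 1; }
    done
}

write_msmtprc "$DEMO_DIR"
write_mailrc "$DEMO_DIR"
write_sample_fwknop_conf "$DEMO_DIR/fwknop.conf"
is_mode_600 "$DEMO_DIR/.msmtprc" && echo ".msmtprc permissions OK"
check_fwknop_conf "$DEMO_DIR/fwknop.conf" && echo "fwknop.conf commands OK"

# Once msmtp is installed and .msmtprc holds real credentials, test delivery:
#   echo "fwknop test" | mail -s "fwknop msmtp test" admin@example.net
# If your OUTPUT chain defaults to DROP, allow the submission port outbound:
#   iptables -A OUTPUT -p tcp --dport 587 -m state --state NEW,ESTABLISHED -j ACCEPT
```

Run it as root against the real paths by setting DEMO_DIR=/root and pointing MSMTP_BIN at the output of "which msmtp"; the permission check is worth keeping in a cron job, since a careless chmod on .msmtprc exposes the mail password to every local user.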
