Installation CCcam server on Ubuntu 6.06
Installation CCcam server on Ubuntu 6.06 server with firewall, automatic SofCam.Key, TPS.bin and DNS update, PHP webinfo and more
More information about Ubuntu can be found at You are not allowed to view links.
Register or
Login.
in this manual to make use of VIM as editor.
This is the default editor in Ubuntu Server.
For information on all the options and VIM type &undefined; vim - help &undefined; in the commandline.
Of course you can use any editor that you want.
Midnight commander (see paragraph 19) is ideal for anyone who VIM find difficult.
1.
Install Ubuntu 6.06 LTS (Long Time Support) server.
Why 6.06 LTS and not 7.04?
6.06 LTS server edition has a kernel that is optimized for servers.
Ubuntu desktop server is not (totally unnecessary for a cardserver my opinion) and has thereby installation of a barely 300 mb.
In addition, this version 5 years maintained by Ubuntu.
Will you 7.04 from next year no more updates for 6.06 LTS run this until 2011.
2.
Install SSH:
Code:
# sudo apt-get install openssh-server
# Sudo apt-get install openssh server
If you have done this, the server in principle in the gangkast, attic, barn or anywhere else.
No monitor and keyboard longer necessary because anything is possible (using putty) external done.
Of course, you can also go to the server itself.
3.
Download putty and log into your server:
You are not allowed to view links.
Register or
LoginYou are not allowed to view links.
Register or
Login ~ sgtatham/putty/latest/x86/putty.exe
4.
Login as root:
Code:
# sudo –su
# Sudo su -
Enter your password and you will see that you are now root.
5.
Respotries additional incitement in Ubuntu:
Code:
# vim /etc/apt/sources.list
# Vim / etc / apt / sources.list
Remove the pound signs for all road:
Code:
# deb ......
Deb # ......
Save this.
6.
Update the sources.list:
Code:
# apt-get update
# Apt-get update
7.
Install an FTP server:
Code:
# apt-get install proftpd
# Apt-get install proftpd
Important: Choose during installatievragen for &undefined; standalone &undefined; and not &undefined; initd &undefined;
8.
Make folders for the various CCcam:
Code:
# mkdir /var/keys
# Mkdir / var / keys
And
Code:
# mkdir /var/etc
# Mkdir / var / etc
9.
Change the following directories of ownership (from root to own username):
Code:
# chown jouwusername /var/keys
# Chown jouwusername / var / keys
# chown jouwusername /var/etc
# Chown jouwusername / var / etc
# chown jouwusername /usr/local/bin
# Chown jouwusername / usr / local / bin
10.
Sign with your FTP program into your server and upload files from CCcam the following
CCcam.x86 to / usr / local / bin
CCcam.cfg, CCcam.channelinfo, CCcam.providers to / var / etc
11.
Make CCcam.x86 opstartbaaar with chmod:
Code:
# chmod 755 /usr/local/bin/CCcam.x86
# Chmod 755 / usr/local/bin/CCcam.x86
Note: I always rename CCcam.x86 to cccam.
Further in this guide is CCcam.x86 therefore cccam.
12.
Make sure cccam automatically at startup (re) boot.
Code:
# vim /etc/rc.local
# Vim / etc / rc.local
Add the following:
Code:
/usr/local/bin/cccam
/ Usr / local / bin / cccam
13.
.
Because CCcam over time are going to use a lot of memory (and less stable) let me Cccam every night for 4 hours to restart.
Create a cron job:
Code:
# sudo crontab –e
# Sudo crontab-e
Add the following:
Code:
00 04 * * * killall cccam && /usr/local/bin/cccam
00 04 * * * killall cccam & & / usr / local / bin / cccam
Save with Ctrl X, yes, enter
14.
14.
Because I have no sense to ever own Softcam.Key and tps.bin update, I have this automated.
Every night at 3:59 pm, the last Softcam downloaded.
14.1 Make a bash file:
Code:
# vim /var/etc/keyupdater.sh
# Vim / var / etc / keyupdater.sh
14.2 Add to the new file with the following lines toeen save the file:
Code:
#!
/bin/bash
/ Bin / bash
#
wget -qO /var/keys/SoftCam.Key You are not allowed to view links.
Register or
Login*xs*t.eu/hpengine/downl*...es/S*ftCam.K*y
Wget-qO / var / keys / SoftCam.Key You are not allowed to view links.
Register or
Login xs * * t.eu / hpengine / downl ad_files * / * S * y ftCam.K
wget -qO /var/keys/tps.bin You are not allowed to view links.
Register or
Login**************wnload_files/tps.bin
Wget-qO / var / keys / tps.bin You are not allowed to view links.
Register or
Login ************** wnload_files / tps.bin
Note: I can not drop full path here, most of you will still have enough to hint!
14.3 Make the newly created file bootable:
Code:
# chmod 755 /var/etc/keyupdater.sh
# Chmod 755 / var / etc / keyupdater.sh
14.4 Make sure the script eg every night at 4 am to be done:
Code:
# crontab –e
# Crontab-e
Add the following line:
Code:
Code:
59 03 * * * /var/etc/keyupdater.sh
59 03 * * * / var / etc / keyupdater.sh
Save your &undefined; with Crtl X, yes, enter &undefined;
15.
Firewall install:
For the configuration of the firewall, we will not use Netfilter / Iptables but Shorewall.
In my opinion, Shorewall far the best solution for Linux firewall.
With the help of a number of files Shorewall makes it possible for a relatively simple to very complex firewall.
The configuration is obviously very dependent on how and what is on the server is running.
I go out of the most common situation.
Most people will have standalone server running and connected to a router.
The server has a network connection (NIC).
15.1 Install the Firewall (Shorewall):
Code:
# apt-get install shorewall
# Apt-get install shorewall
15.2 In order to boot the shorewall start:
Code:
# vim /etc/default/shorewall
# Vim / etc / default / shorewall
Replace:
Code:
startup = 0
Startup = 0
in
V
Code:
startup = 1
Startup = 1
Save it.
15.3 copy the example configuratiefiles of shorewall to the correct directory:
Code:
# cp /usr/share/doc/shorewall/default-config/* /etc/shorewall/
# Cp / usr / share / doc / shorewall / default-config / * / etc / shorewall /
15.4 From this point it is best for all configuratiefies in / etc / shorewall / shorewall to take in order to get to know.
This is a rather time consuming so I will just go through the main things.
15.5 Tell shorewall what netwerkzones you use.
In our example with a NIC there are two areas which 1 firewall itself and the NIC.
Code:
# vim /etc/shorewall/zones
# Vim / etc / shorewall / zones
Add the following:
Code:
#ZONE TYPE OPTIONS IN OUT
# TYPE OF OPTIONS IN ZONE OUT
# OPTIONS OPTIONS
# OPTIONS OPTIONS
fw firewall
FW firewall
net ipv4
Just ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
# LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
Save this.
15.6 Next, we configure the interface (NIC):
Code:
# vim /etc/shorewall/interfaces
# Vim / etc / shorewall / interfaces
Add the following:
Code:
#ZONE INTERFACE BROADCAST OPTIONS
ZONE # INTERFACE BROADCAST OPTIONS
net eth0
Just eth0
#LAST LINE—ADD YOUR ENTRIES BEFORE THIS ONE—DO NOT REMOVE
# LAST LINE-ADD YOUR ENTRIES BEFORE THIS ONE-DO NOT REMOVE
15.7 Now we go into the firewall is set:
Code:
#vim /etc/shorewall/policy
# Vim / etc / shorewall / policy
Add the following:
Code:
#SOURCE DEST POLICY LOG LIMIT:BURST
# SOURCE DEST POLICY LOG LIMIT: BURST
# LEVEL
# LEVEL
fw net ACCEPT
FW net ACCEPT
net all DROP
Net all DROP
all all REJECT
All All REJECT
#LAST LINE—DO NOT REMOVE
# LAST LINE-DO NOT REMOVE
Ie traffic comes from outside the firewall to pass
Everything from the Internet to the firewall block
All all rejection is standard and so you have to leave.
Save this.
15.8 If we go into the last firewall rules provide:
This example is applicable if you CCcam port 12000 used in the web interface 16001 and the Web interface only in a specific PC on the LAN with IP 192.168.1.10 available.
Code:
#vim /etc/shorewall/rules
# Vim / etc / shorewall / rules
Add the following:
Code:
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/
# ACTION SOURCE DEST PROTO DEST ORIGINAL SOURCE RATE USER /
# PORT PORT(S) DEST LIMIT GROUP
# PORT PORT (S) DEST LIMIT GROUP
ACCEPT net:192.168.1.10 fw tcp 16001
ACCEPT net: 192.168.1.10 fw tcp 16001
ACCEPT net fw tcp 12000
ACCEPT net FW TCP 12000
ACCEPT net fw tcp 22 (voor SSH)
ACCEPT net fw tcp 22 (SSH)
ACCEPT net fw tcp 21 (voor FTP)
ACCEPT net fw tcp 21 (FTP)
#
Block port # 12000 for a particular IP
DROP net:220.153.535.2 fw tcp 12000
DROP net: 220.153.535.2 fw tcp 12000
Block port # 12000 for multiple IPs
DROP net:220.153.535.2, 233.233.111.33, 232.33.44.11 fw tcp 12000
DROP net: 220.153.535.2, 233.233.111.33, 232.33.44.11 fw tcp 12000
# If you are like Spiderman Samba used to share files, open these gates course
ACCEPT net:192.168.1.10/20 fw tcp 137,138,139,389,445 -
ACCEPT net: 192.168.1.10/20 fw tcp 137138139389445 --
ACCEPT net:192.168.1.10/20 fw udp 137,138,139,389,445 -
ACCEPT net: 192.168.1.10/20 fw udp 137138139389445 --
Etc.
Save this.
16.
16.
Shorewall start:
Code:
# shorewall start
# Shorewall start
If you have made a mistake somewhere you get to see in your output.
All other files in / etc / shorewall you do not have to change.
17.
17.
Install htop services to be able to see your screens
Code:
# apt-get install htop
# Apt-get install htop
Booting with:
Code:
# htop
# Htop
18.
18.
In order to be able to monitor network traffic to install nload:
Code:
# apt-get install nload
# Apt-get install nload
Boot with:
Code:
# nload
# Nload
19.
19.
To meet the commandline easy to navigate through all the files and editing them install Midnight Commander:
Code:
# apt-get install mc
# Apt-get install mc
Boot with:
Code:
# mc
# MC
20.
20.
Apache and PHP5 for PHP Webinfo Installation
20.1 Install Apache HTTP Server:
Code:
# apt-get install apache2
# Apt-get install apache2
20.2 Install PHP5:
Code:
# apt-get install php5
# Apt-get install php5
Then
Code:
# /etc/init.d/apache2 restart
# / Restart etc/init.d/apache2
20.3 Open port 80 in the Firewall
Code:
# vim /etc/shorewall/rules
# Vim / etc / shorewall / rules
Add the following: Code:
ACCEPT net: fw tcp 80
ACCEPT net: fw tcp 80
20.4 Restart Shorewall
Code:
# shorewall restart
# Shorewall restart
20.5 Test of Apache and PHP5 work:
Code:
# vim /var/www/testphp.php
# Vim / var / www / testphp.php
Add the following:
Code:
(); ?>
();>
20.6 In your browser you call the newly created php file with You are not allowed to view links.
Register or
LoginIf everything is goedgegaan you get a good overview of PHP.
21.
Now we Webinfo PHP install.
21.1 Make yourself owner / var / www /
Code:
# chown jouwusername /var/www/
# Chown jouwusername / var / www /
21.2 Upload the PHP Webinfo files with FTP
Only index.php and the map data in / var / www /
profiles.ini naar /var/etc/
Profiles.ini to / var / etc /
Note: Certainly NOT profiles.ini in your webroot (/ var / www /), as standard intended. The log of your server in plain text in that file and for anyone up for grabs!
21.3 Provide write to the directory data:
Code:
# chmod 777 /var/www/data
# Chmod 777 / var / www / data
21.4 Only profiles.ini in with the correct information:
Code:
vim /var/etc/profiles.ini
Vim / var / etc / profiles.ini
Follow the instructions, the file looks like this
Code:
#replace the following lines with your dns, ftp port, user and pass for the cccam server
# Replace the following lines with your dns, ftp port, and pass user for the server cccam
127.0.0.1
21
username
Username
password
Password
21.5 Change initialprocess.php file:
Quote
# vim /var/www/data/initialprocess.php
# Vim / var / www / data / initialprocess.php
Search in Rule 62 to:
Code:
if (file_exists("../profiles.ini")) {$accessdata=file("../profiles.ini");
If (file_exists ("../ profiles.ini ")) ($ accessdata = file ("../ profiles.ini");
Do not forget this:
Code:
if (file_exists("/var/etc/profiles.ini")) {$accessdata=file("/var/etc/profiles.ini");
If (file_exists ( "/ var / etc / profiles.ini")) ($ accessdata = file ( "/ var / etc / profiles.ini");
Ready!
Navigate your browser to You are not allowed to view links.
Register or
Login and you see extensive information on CCcam
22 NO IP Client for automatic DNS update:
Code:
apt-get install no-ip
Apt-get install no-ip
NO 22.1 IP Client configuration:
Code:
no-ip -C
No-IP-C
Follow the steps and finished 5 configuration.
The updater is doing his work for the X minutes that you indicate in Step 5.
NO-IP start automatically reboot.
23 DynDNS Client for automatic DNS update:
Code:
apt-get install ddclient
Apt-get install ddclient
23.1 DynDNS Client configuration:
Code:
vim /etc/ddclient.conf
Vim / etc / ddclient.conf
Only this config file to your insight like this:
Code:
#
# /etc/ddclient/ddclient.conf
# / Etc / ddclient / ddclient.conf
#
protocol=dyndns2
Protocol = dyndns2
use=web
Use = web
login=mylogin
Login = mylogin
password=mypassword
Password = mypassword
myhost.dyndns.org
Myhost.dyndns.org
Start DynDNS Client
Start DynDNS Client
Code:
/etc/init.d/ddclient start
/ Etc / init.d / ddclient start
DynDNS start automatically when a reboot.
