Tag Archives: gentoo

gentoo fix bash vulnerability (bash shellshock) CVE-2014-7169

All Bash 3.1 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/bash-3.1_p18-r1"

All Bash 3.2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/bash-3.2_p52-r1"

All Bash 4.0 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/bash-4.0_p39-r1"

All Bash 4.1 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/bash-4.1_p12-r1"

All Bash 4.2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-shells/bash-4.2_p48-r1" 

install PPTP VPN on Gentoo server

First, Install the necessary components

emerge -av ppp pptpd iptables

Note: PPP should be supported by Linux Kernel. If your Kernel doesn’t support PPP, you need to re-compile it.

Modify /etc/ppp/options.pptpd

nano /etc/ppp/options.pptpd

unmark below section and use google DNS

ms-dns 8.8.8.8
ms-dns 8.8.8.4

create username, password for VPN access, modify /etc/ppp/chap-secrets


# Secrets for authentication using CHAP
# client  server  secret          IP addresses
username * password *

Then modify system settings for IP forward.

nano /etc/pptpd.conf

Unmark below sections:

localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

Then add ip forward rules, modify /etc/sysctl.conf and add

net.ipv4.ip_forward = 1

Save and execute

sysctl -p

Add iptable rules

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
/etc/init.d/iptables save

Start iptable and pptp

/etc/init.d/iptables start
/etc/init.d/pptpd start

Start the service when system start

rc-update add iptables default
rc-update add pptpd default