Disable Network Zeroconf APIPA

How to disable Zeroconf automatic network configuration APIPA, Link-Local for TCP/IP addressing if no DHCP server is available

Zeroconf, commonly known as IPv4 Link-Local (IPv4LL) or Automatic Private IP Addressing (APIPA), uses the range 169.254.0.0/16 for network addresses. APIPA addressing is enabled by default, which system administrators often do not want.

Most Windows versions and Linux distributions use zero-configuration networking (Zeroconf) to configure the network automatically without a central instance, i.e. without a DHCP or DNS server being present on the network. Zeroconf is an IETF effort that plans and coordinates a number of dynamic protocols. It is intended to let an operating system configure networks automatically.

Windows disable network APIPA ZEROCONF

Under Windows, APIPA/Zeroconf can be disabled by modifying the registry. To do so, open the command prompt as administrator and run the following REG command (copy and paste).

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v IPAutoconfigurationEnabled /t REG_DWORD /d "00000000" /f

Linux disable ZEROCONF

In Linux, edit the network file and insert the NOZEROCONF setting.

$ sudo vi /etc/sysconfig/network

NOZEROCONF=yes

On RHEL / Fedora / CentOS, restart the network service as follows.

$ service network restart

Debian – Ubuntu avahi-daemon

For Linux Mint and Ubuntu the avahi-daemon configuration has to be changed.

$ sudo vi /etc/default/avahi-daemon

AVAHI_DAEMON_DETECT_LOCAL=0

Now restart Linux Mint / Ubuntu avahi-daemon.

$ sudo /etc/init.d/avahi-daemon restart

The avahi-daemon should not start automatically on system boot.

$ update-rc.d -f avahi-daemon remove

Using RHEL or CentOS run this command.

$ chkconfig avahi-daemon off
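
A quick way to confirm the result is to look for anything left in 169.254.0.0/16. The added example below (not part of the original article) reads `ip -o -4 addr show` and `ip -4 route show` output and reports any interface that still has a link-local address or route; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Report interfaces that still carry an IPv4 link-local (169.254.0.0/16)
# address or route. Reads `ip -o -4 addr show` and/or `ip -4 route show`
# output on stdin and prints one finding per line (nothing if clean).
linklocal_findings() {
    awk '
        # Address lines: "3: eth1    inet 169.254.10.7/16 brd ... scope link eth1"
        $3 == "inet" && $4 ~ /^169\.254\./ {
            print "ADDR " $2 " " $4
            next
        }
        # Route lines: "169.254.0.0/16 dev eth0 scope link metric 1002"
        $1 ~ /^169\.254\./ {
            dev = "?"
            for (i = 2; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            print "ROUTE " dev " " $1
        }
    '
}

# Constructed sample: eth0 has a DHCP lease but keeps the link-local route,
# eth1 received no lease and fell back to an APIPA address.
sample_output() {
    cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0
3: eth1    inet 169.254.10.7/16 brd 169.254.255.255 scope link eth1
default via 192.168.1.1 dev eth0
169.254.0.0/16 dev eth0 scope link metric 1002
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
EOF
}

# On a live host:  { ip -o -4 addr show; ip -4 route show; } | linklocal_findings
sample_output | linklocal_findings
```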

Network Zero-configuration

Network Zero-configuration (zeroconf), also known as APIPA and Link-local, is a set of technologies that automatically creates a usable computer network based on the Internet Protocol Suite (TCP/IP) when computers or network peripherals are interconnected. It does not require manual operator intervention or special configuration servers. Without zeroconf, a network administrator must set up network services, such as Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), or configure each computer’s network settings manually.

Zeroconf is built on three core technologies: automatic assignment of numeric network addresses for networked devices, automatic distribution and resolution of computer hostnames, and automatic location of network services, such as printing devices.

How to ClamAV Postfix Integration on CentOS

ClamAV is an open source (GPL) anti-virus toolkit for UNIX/Linux, designed especially for e-mail scanning on mail gateways. It offers a number of utilities, including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. The core of the package provides an anti-virus engine in the form of a shared library.

This article describes the integration of ClamAV on a CentOS 6 Mail Gateway (MTA) with Postfix.

First, the ClamAV daemon is installed on the MTA from the EPEL repo.

$ yum --enablerepo=epel -y install clamd clamsmtp

After installation, configure the ClamAV-SMTP daemon by removing the comment character (uncommenting) from the lines listed below.

$ vi /etc/clamsmtpd.conf

Listen: 0.0.0.0:10025
Header: X-Virus-Scanned: ClamAV using ClamSMTP
Action: drop

Now the services can be started.

$ service clamsmtpd start

Download the antivirus DB with freshclam.

$ freshclam

Start the ClamAV Daemon

$ service clamsmtp-clamd start

Enable automatic system startup.

$ chkconfig clamsmtpd on
$ chkconfig clamsmtp-clamd on

The Postfix content-filter integration is configured in main.cf, which sends mail to ClamAV via port 10025, and in master.cf, which defines the return transport to Postfix via port 10026.

$ vi /etc/postfix/main.cf

content_filter = scan:127.0.0.1:10025

$ vi /etc/postfix/master.cf

scan unix - - n - 16 smtp
   -o smtp_data_done_timeout=1200
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes
127.0.0.1:10026 inet n - n - 16 smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks_style=host
   -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Postfix must now be restarted.

$ service postfix restart

With netstat, the daemon readiness can be checked.

[root@mail ~]# netstat -talpn | grep clam
tcp 0 0 0.0.0.0:10025 0.0.0.0:* LISTEN 21645/clamsmtpd

ClamAV can be checked with telnet. If everything works, the following output should appear.

[root@mail ~]# telnet localhost 10025
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 smtp.passthru
ehlo localhost
250-smtp.passthru
250-SIZE 22000000
250-VRFY
250-ETRN
250-XFORWARDING NAME ADDR PROTO HELO SOURCE PORT
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Quit
221 2.0.0 Bye
Connection closed by foreign host.

[root@mail ~]# telnet localhost 10026
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.odyssee.net ESMTP Postfix
ehlo localhost
250-mail.odyssee.net
250-PIPELINING
250-SIZE 22000000
250-VRFY
250-ETRN
250-XFORWARDING NAME ADDR PROTO HELO SOURCE PORT
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Quit
221 2.0.0 Bye
Connection closed by foreign host.

The mail log should also be checked.

$ tail -f /var/log/maillog

The Internet Envelope appears in the E-mail Internet Headers (SMTP Envelope).

SMTP Internet Headers

Troubleshooting

If mail is no longer received, the following error is likely to be found in maillog:

clamsmtpd: 100006: CLAMAV: couldn’t connect to: /var/run/clamd.clamsmtp/clamd.sock: No such file or directory
clamsmtpd: 100004: SERVER: couldn’t connect to: 127.0.0.1:10026: Transport endpoint is not connected

The clamd daemon is no longer active. To restart the ClamAV services, stop and start them in sequence from the console:

$ service clamd stop
$ service clamsmtp-clamd stop
$ service clamsmtpd stop
$ service clamd start
$ service clamsmtp-clamd start
$ service clamsmtpd start

After clamd and clamsmtpd are started, the PID file and the active ports can be checked as follows:

$ ls -al /var/run/clamd.clamsmtp/clamd.pid
-rw-rw-r-- 1 clamsmtp mail 6 Oct 28 16:24 /var/run/clamd.clamsmtp/clamd.pid

$ netstat -tulpn
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 21134/clamsmtpd
tcp 0 0 127.0.0.1:10026 0.0.0.0:* LISTEN 21272/master
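
Postfix hands mail to the filter on 127.0.0.1:10025 and takes it back on 127.0.0.1:10026, so neither port needs to be reachable from other hosts. The added example below (not part of the original article) automates the netstat check used for the readiness test and in this troubleshooting section: it reads `netstat -tlpn` output and flags either port when it is missing or bound to a non-loopback address. The function names, labels and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Audit the content-filter listeners in `netstat -tlpn` output (stdin).
# Ports follow the article: 10025 = clamsmtpd, 10026 = Postfix re-injection.
# The labels and the OK/EXPOSED/MISSING wording are choices of this example.
audit_filter_listeners() {
    awk '
        BEGIN { want["10025"] = "clamsmtpd"; want["10026"] = "postfix-reinject" }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")        # local address, e.g. 0.0.0.0:10025
            port = part[n]
            if (!(port in want)) next
            addr = substr($4, 1, length($4) - length(port) - 1)
            seen[port] = 1
            if (addr ~ /^127\./ || addr == "::1") {
                print "OK " port " " want[port] " " addr
            } else {
                print "EXPOSED " port " " want[port] " " addr
                bad = 1
            }
        }
        END {
            for (p in want) if (!(p in seen)) {
                print "MISSING " p " " want[p]
                bad = 1
            }
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample: clamsmtpd on all interfaces, re-injection on loopback.
sample_netstat() {
    cat <<'EOF'
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1200/sshd
tcp 0 0 0.0.0.0:10025 0.0.0.0:* LISTEN 21645/clamsmtpd
tcp 0 0 127.0.0.1:10026 0.0.0.0:* LISTEN 21272/master
EOF
}

# On a live host:  netstat -tlpn | audit_filter_listeners
sample_netstat | audit_filter_listeners || true
```

The function exits non-zero when any finding is EXPOSED or MISSING, so it can be used directly in a monitoring check.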

Furthermore, mail may still be in the queue. It can be listed with mailq and processed (flushed) with postqueue -f.

$ mailq
$ postqueue -f

Source: https://www.clamav.net/
