Rbldnsd

Overview

This flavour currently contains rbldnsd for managing the DNS blocklist.

The ruleset is pulled from https://github.com/borestad/blocklist-ip

The flavour includes a local consul agent instance to be available that it can connect to (see configuration below). You can e.g. use the consul pot flavour on this site to run consul. You can also connect to this host and service consul restart manually.

Installation

  • Create your local jail from the image or the flavour files.
  • Clone the local jail
  • Adjust to your environment:
    sudo pot set-env -p <jailname> \
      -E DATACENTER=<datacentername> \
      -E NODENAME=<nodename> \
      -E IP=<IP address of this system> \
      -E CONSULSERVERS="<comma-deliminated list of consul servers>" \
      -E GOSSIPKEY=<32 byte Base64 key from consul keygen>] \
      -E DOMAIN=<your domain name> \
      -E SSLEMAIL="<email address for certificate rgistration>" \
      [ -E REMOTELOG=<IP address> ] \
      [ -E RULESET="ruleset" ]
    
  • Start the jail

Required Paramaters

The DATACENTER parameter defines a common datacenter.

The NODENAME parameter defines the name of this node.

The IP parameter is the IP address which will be used to access services.

The CONSULSERVERS parameter is a comma-deliminated list of IP addresses for the consul server or cluster. Do not include spaces!

e.g. CONSULSERVERS="10.0.0.2" or CONSULSERVERS="10.0.0.2,10.0.0.3,10.0.0.4,10.0.0.5,10.0.0.6"

The GOSSIPKEY parameter is the gossip encryption key for consul agent. We’re using a default key if you do not set the parameter, do not use the default key for production encryption, instead provide your own.

The DOMAIN parameter is the domain name to use for this host. This will be utilised at bl.$DOMAIN and you must setup a DNS entry to match.

The SSLEMAIL parameter is the email address used to register the domain at zerossl.

Optional Parameters

The REMOTELOG parameter is the IP address of a destination syslog-ng server, such as with the loki flavour, or beast-of-argh flavour.

The RULESET parameter is one of 1, 2, 3, 7, or 30, for the ruleset sources. The default is 30d.

Usage

This early version just starts rbldnsd with the applicable ruleset, and can be added to postfix as a RBL.

A standard page is available at https://bl.YOURDOMAIN and RBL block messages with URIs are automatically directed to the default page.

Testing rbldnsd

To test if working, take example IP 1.2.3.4, put in reverse notation, and append bl.your.domain and the IP to query:

host -t TXT 4.3.2.1.bl.your.domain ip.of.rbldnsd

Getting Started

How To Use The Ready-Made Image

FreeBSD 13.2:
pot import -p rbldnsd-amd64-13_2 -t 0.10.1 -U https://potluck.honeyguide.net/rbldnsd

With Signify Verification:
fetch https://potluck.honeyguide.net/potluck.pub; pot import -p rbldnsd-amd64-13_2 -t 0.10.1 -C potluck.pub -U https://potluck.honeyguide.net/rbldnsd

If you don’t want to use the default pot bridged network configuration but instead need an individual network setup (e.g. assign a host IP address), after importing it you can simply clone the jail like that (em0 is the host network adapter in this example):
pot clone -P rbldnsd-amd64-13_2 -p my-cloned-jail -N alias -i "em0|10.10.10.10"

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Alternatively: Create a Jail With This Flavour Yourself

1. Create Flavour Files

Save all files and directories from https://github.com/hny-gd/potluck/tree/master/rbldnsd to /usr/local/etc/pot/flavours/

2. Create Jail From Flavour

Run
pot create -b <FreeBSD Version> -p <jailname> -t single -N public-bridge -f fbsd-update

with your FreeBSD version (e.g. 13.2) and the name your jail should get.

Note: Some images might require specific network configuration, double check the Overview-chapter at the top.

Version History

0.10

  • Version bump for new base image

0.9

  • Version bump for new base image

0.8

  • Version bump for new base image
  • Fix syslog-ng problems for 4.2 version, remove stats_freq option
  • Add local unbound and consul DNS services
  • Update README with consul DNS info
  • Fix error in consul agent config
  • fix local_unbound dns resolution with missing parameters for access control
  • Disable consul DNS option with local_unbound as is only practical in VNET jails with a localhost
  • Adjust acme.sh setup and renew scripts for ‘$domain_ecc’ suffix which is default now
  • Bug-fixing acme.sh changes

0.7

  • Version bump for new base image

0.6

  • Version bump for new base image
  • Signified
  • Fix nologin shell for nodeexport user

0.5

  • Version increment for new feature
  • Pass in consul servers as a comma-deliminated list

0.4

  • Version bump for new base image
  • Update syslog-ng.conf stats_freq(0); -> stats(freq(0));

0.3

  • Version bump for new base image
  • Revert to json format consul config
  • Fix missing comma in agent.json
  • Update README for sample query
  • Add acme.sh and finalise nginx
  • Fix errors in previous update
  • Adjust acme certificates copy to ssl directory
  • Fix nginx.conf brackets
  • Adjust nginx config to fix index.php not showing as default
  • Fix default index.php page to list tools
  • Set temporary solution for lookup URI to direct to main page
  • Update README to include default page
  • Include abuseipdb in the linked lookups
  • Tweak README

0.2

  • Version bump for new base image

0.1

  • First bash at a pot jail for rbldnsd

These images were built on Fri Sep 8 19:23:03 UTC 2023

Manual Image Download Links

rbldnsd-amd64-13_2_0.10.1.xz ( )
rbldnsd-amd64-13_2_0.10.1.xz.skein ( ) rbldnsd-amd64-13_2_0.10.1.xz.skein.sig ( ) rbldnsd-amd64-13_2_0.10.1.xz.meta ( )

Jenkins Pot Creation Logs

rbldnsd-amd64-13_2_0.10.1:


rbldnsd/rbldnsd:
copy-in -s /usr/local/etc/pot/flavours/rbldnsd.d/local -d /root/.pot_local
rbldnsd/rbldnsd.sh:
#!/bin/sh

# Based on POTLUCK TEMPLATE v3.0
# Altered by Michael Gmelin
#
# EDIT THE FOLLOWING FOR NEW FLAVOUR:
# 1. RUNS_IN_NOMAD - true or false
# 2. If RUNS_IN_NOMAD is false, can delete the <flavour>+4 file, else
#    make sure pot create command doesn't include it
# 3. Create a matching <flavour> file with this <flavour>.sh file that
#    contains the copy-in commands for the config files from <flavour>.d/
#    Remember that the package directories don't exist yet, so likely copy
#    to /root
# 4. Adjust package installation between BEGIN & END PACKAGE SETUP
# 5. Adjust jail configuration script generation between BEGIN & END COOK
#    Configure the config files that have been copied in where necessary

# Set this to true if this jail flavour is to be created as a nomad
# (i.e. blocking) jail.
# You can then query it in the cook script generation below and the script
# is installed appropriately at the end of this script
RUNS_IN_NOMAD=false

# set the cook log path/filename
COOKLOG=/var/log/cook.log

# check if cooklog exists, create it if not
if [ ! -e $COOKLOG ]
then
    echo "Creating $COOKLOG" | tee -a $COOKLOG
else
    echo "WARNING $COOKLOG already exists"  | tee -a $COOKLOG
fi
date >> $COOKLOG

# -------------------- COMMON ---------------

STEPCOUNT=0
step() {
  STEPCOUNT=$(("$STEPCOUNT" + 1))
  STEP="$*"
  echo "Step $STEPCOUNT: $STEP" | tee -a $COOKLOG
}

exit_ok() {
  trap - EXIT
  exit 0
}

FAILED=" failed"
exit_error() {
  STEP="$*"
  FAILED=""
  exit 1
}

set -e
trap 'echo ERROR: $STEP$FAILED | (>&2 tee -a $COOKLOG)' EXIT

# -------------- BEGIN PACKAGE SETUP -------------

step "Bootstrap package repo"
mkdir -p /usr/local/etc/pkg/repos
# only modify repo if not already done in base image
# shellcheck disable=SC2016
test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \
  echo 'FreeBSD: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly" }' \
    >/usr/local/etc/pkg/repos/FreeBSD.conf
ASSUME_ALWAYS_YES=yes pkg bootstrap

step "Touch /etc/rc.conf"
touch /etc/rc.conf

# this is important, otherwise running /etc/rc from cook will
# overwrite the IP address set in tinirc
step "Remove ifconfig_epair0b from config"
# shellcheck disable=SC2015
sysrc -cq ifconfig_epair0b && sysrc -x ifconfig_epair0b || true

step "Disable sendmail"
service sendmail onedisable

step "Create /usr/local/etc/rc.d"
mkdir -p /usr/local/etc/rc.d

# we need consul for consul agent
step "Install package consul"
pkg install -y consul

step "Install package sudo"
pkg install -y sudo

# necessary if installing curl now
step "Install package ca_root_nss"
pkg install -y ca_root_nss

step "Install package curl"
pkg install -y curl

step "Install package acme.sh"
pkg install -y acme.sh

step "Install package jq"
pkg install -y jq

step "Install package jo"
pkg install -y jo

step "Install package nano"
pkg install -y nano

step "Install package bash"
pkg install -y bash

step "Install package rsync"
pkg install -y rsync

step "Install package node_exporter"
pkg install -y node_exporter

step "Install package nginx"
pkg install -y nginx

step "Install package rbldnsd"
pkg install -y rbldnsd

step "Install package git-lite"
pkg install -y git-lite

step "Install package php82 and related"
pkg install -y php82 php82-mbstring php82-zlib php82-curl php82-gd

step "Install package syslog-ng"
pkg install -y syslog-ng

step "Clean package installation"
pkg clean -y

# -------------- END PACKAGE SETUP -------------

#
# Now generate the run command script "cook"
# It configures the system on the first run by creating the config file(s)
# On subsequent runs, it only starts sleeps (if nomad-jail) or simply exits
#

# this runs when image boots
# ----------------- BEGIN COOK ------------------

step "Clean cook artifacts"
rm -rf /usr/local/bin/cook /usr/local/share/cook

step "Install pot local"
tar -C /root/.pot_local -cf - . | tar -C /usr/local -xf -
rm -rf /root/.pot_local

step "Set file ownership on cook scripts"
chown -R root:wheel /usr/local/bin/cook /usr/local/share/cook
chmod 755 /usr/local/share/cook/bin/*

# ----------------- END COOK ------------------


# ---------- NO NEED TO EDIT BELOW ------------

step "Make cook script executable"
if [ -e /usr/local/bin/cook ]
then
    echo "setting executable bit on /usr/local/bin/cook" | tee -a $COOKLOG
    chmod u+x /usr/local/bin/cook
else
    exit_error "there is no /usr/local/bin/cook to make executable"
fi

#
# There are two ways of running a pot jail: "Normal", non-blocking mode and
# "Nomad", i.e. blocking mode (the pot start command does not return until
# the jail is stopped).
# For the normal mode, we create a /usr/local/etc/rc.d script that starts
# the "cook" script generated above each time, for the "Nomad" mode, the cook
# script is started by pot (configuration through flavour file), therefore
# we do not need to do anything here.
#

# Create rc.d script for "normal" mode:
step "Create rc.d script to start cook"
echo "creating rc.d script to start cook" | tee -a $COOKLOG

# shellcheck disable=SC2016
echo '#!/bin/sh
#
# PROVIDE: cook
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name="cook"
rcvar="cook_enable"
load_rc_config $name
: ${cook_enable:="NO"}
: ${cook_env:=""}
command="/usr/local/bin/cook"
command_args=""
run_rc_command "$1"
' > /usr/local/etc/rc.d/cook

step "Make rc.d script to start cook executable"
if [ -e /usr/local/etc/rc.d/cook ]
then
  echo "Setting executable bit on cook rc file" | tee -a $COOKLOG
  chmod u+x /usr/local/etc/rc.d/cook
else
  exit_error "/usr/local/etc/rc.d/cook does not exist"
fi

if [ "$RUNS_IN_NOMAD" != "true" ]
then
  step "Enable cook service"
  # This is a non-nomad (non-blocking) jail, so we need to make sure the script
  # gets started when the jail is started:
  # Otherwise, /usr/local/bin/cook will be set as start script by the pot
  # flavour
  echo "enabling cook" | tee -a $COOKLOG
  service cook enable
fi

# -------------------- DONE ---------------
exit_ok

rbldnsd/rbldnsd+1:
rbldnsd/rbldnsd+1.sh:

rbldnsd/rbldnsd+2:
rbldnsd/rbldnsd+2.sh:

rbldnsd/rbldnsd+3:
rbldnsd/rbldnsd+3.sh:

rbldnsd/rbldnsd+4:
rbldnsd/rbldnsd+4.sh:
=====>  Create conf dir (/mnt/srv/pot/jails/rbldnsd-amd64-13_2/conf)
=====>  Cloning freebsd-potluck-amd64-13_2_0_0_17 with snap 
=====>  clone zroot/srv/pot/jails/freebsd-potluck-amd64-13_2_0_0_17/m@1694195587 into zroot/srv/pot/jails/rbldnsd-amd64-13_2/m
=====>  Flavour: fbsd-update
=====>  Starting rbldnsd-amd64-13_2 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot rbldnsd-amd64-13_2
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:18:0e:94:e0:0b
	inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Clearing /tmp (X related).
Updating motd:.
Updating /var/run/os-release done.
Creating and/or trimming log files.
Starting syslogd.
Starting cron.
Starting sendmail_outbound.

Fri Sep  8 19:20:40 UTC 2023
/usr/local/etc/pot/flavours/fbsd-update.sh -> /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp/fbsd-update.sh
=====>  Executing fbsd-update script on rbldnsd-amd64-13_2
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 13.2-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 13.2-RELEASE-p3.
No updates are available to install.
=====>  Stop the pot rbldnsd-amd64-13_2
=====>  Remove p464fb7403ad2f epair network interfaces
=====>  unmount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
=====>  unmount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/dev
=====>  Flavour: rbldnsd
=====>  Executing rbldnsd pot commands on rbldnsd-amd64-13_2
=====>  mount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
=====>  Source /usr/local/etc/pot/flavours/rbldnsd.d/local copied in the pot rbldnsd-amd64-13_2
=====>  unmount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
=====>  /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/dev is already unmounted
=====>  Starting rbldnsd-amd64-13_2 pot for the initial bootstrap
=====>  mount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
defaultrouter: 10.192.0.1 -> 10.192.0.1
===>  Starting the pot rbldnsd-amd64-13_2
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg
32-bit compatibility ldconfig path: /usr/lib32
Starting Network: lo0 epair0b.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 02:e8:94:1a:e5:0b
	inet 10.192.0.3 netmask 0xffc00000 broadcast 10.255.255.255
	groups: epair
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 10.192.0.1
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Clearing /tmp (X related).
Updating motd:.
Updating /var/run/os-release done.
Creating and/or trimming log files.
Starting syslogd.
Starting cron.
Starting sendmail_outbound.

Fri Sep  8 19:20:48 UTC 2023
/usr/local/etc/pot/flavours/rbldnsd.sh -> /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp/rbldnsd.sh
=====>  Executing rbldnsd script on rbldnsd-amd64-13_2
WARNING /var/log/cook.log already exists
Step 1: Bootstrap package repo
pkg already bootstrapped at /usr/local/sbin/pkg
Step 2: Touch /etc/rc.conf
Step 3: Remove ifconfig_epair0b from config
Step 4: Disable sendmail
sendmail disabled in /etc/rc.conf
sendmail_outbound disabled in /etc/rc.conf
sendmail_msp_queue disabled in /etc/rc.conf
Step 5: Create /usr/local/etc/rc.d
Step 6: Install package consul
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	consul: 1.16.0_1

Number of packages to be installed: 1

The process will require 108 MiB more space.
19 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching consul-1.16.0_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Installing consul-1.16.0_1...
===> Creating groups.
Creating group 'consul' with gid '469'.
===> Creating users
Creating user 'consul' with uid '469'.
===> Creating homedir(s)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting consul-1.16.0_1: ..... done
Step 7: Install package sudo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 8: Install package ca_root_nss
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 9: Install package curl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 10: Install package acme.sh
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	acme.sh: 3.0.6
	socat: 1.7.4.4

Number of packages to be installed: 2

The process will require 2 MiB more space.
383 KiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching acme.sh-3.0.6.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching socat-1.7.4.4.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Installing socat-1.7.4.4...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting socat-1.7.4.4: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Installing acme.sh-3.0.6...
===> Creating groups.
Creating group 'acme' with gid '169'.
===> Creating users
Creating user 'acme' with uid '169'.
===> Creating homedir(s)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting acme.sh-3.0.6: .......... done
=====
Message from acme.sh-3.0.6:

--
This script will create the following directories if they do not exist:

 ~acme/.acme.sh
 ~acme/certs

The script will also install ~acme/.acme.sh/account.conf.sample which has
sane defaults.  Copy this to ~acme/.acme.sh/account.conf and edit contents
to suit.

If you have EXAMPLES on:

* In the /usr/local/share/examples/acme.sh directory, you can find the dnsapi 
  scripts which will be useful if you decide to use dns-01 challenges. Also 
  included are the deploy scripts.

* A newsyslog.conf sample file is installed at 
  /usr/local/etc/newsyslog.conf.d/acme.sh.conf - you must modify it by
  at least uncommenting the line.

* If you run `newsyslog -NC` it will create the required logfiles.

* Please review /usr/local/share/examples/acme.sh/acme.sh-cron.d - instructions are
  contained in that file.
Step 11: Install package jq
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 12: Install package jo
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 13: Install package nano
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 14: Install package bash
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 15: Install package rsync
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The most recent versions of packages are already installed
Step 16: Install package node_exporter
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	node_exporter: 1.5.0_6

Number of packages to be installed: 1

The process will require 11 MiB more space.
3 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching node_exporter-1.5.0_6.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Installing node_exporter-1.5.0_6...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting node_exporter-1.5.0_6: .......... done
=====
Message from node_exporter-1.5.0_6:

--
If upgrading from a version of node_exporter <0.15.0 you'll need to update any
custom command line flags that you may have set as it now requires a
double-dash (--flag) instead of a single dash (-flag).
The collector flags in 0.15.0 have now been replaced with individual boolean
flags and the -collector.procfs` and -collector.sysfs` flags have been renamed
to --path.procfs and --path.sysfs respectively.
Step 17: Install package nginx
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	nginx: 1.24.0_6,3
	pcre2: 10.42

Number of packages to be installed: 2

The process will require 8 MiB more space.
2 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching nginx-1.24.0_6,3.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching pcre2-10.42.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Installing pcre2-10.42...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting pcre2-10.42: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Installing nginx-1.24.0_6,3...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting nginx-1.24.0_6,3: .......... done
=====
Message from nginx-1.24.0_6,3:

--
Recent version of the NGINX introduces dynamic modules support.  In
FreeBSD ports tree this feature was enabled by default with the DSO
knob.  Several vendor's and third-party modules have been converted
to dynamic modules.  Unset the DSO knob builds an NGINX without
dynamic modules support.

To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks.  When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.

Default path for the NGINX dynamic modules is

/usr/local/libexec/nginx.
Step 18: Install package rbldnsd
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	rbldnsd: 0.998

Number of packages to be installed: 1

89 KiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Fetching rbldnsd-0.998.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Installing rbldnsd-0.998...
===> Creating groups.
Creating group 'rbldns' with gid '153'.
===> Creating users
Creating user 'rbldns' with uid '153'.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/1] Extracting rbldnsd-0.998: .......... done
=====
Message from rbldnsd-0.998:

--
The rbldnsd port has been installed with an example zone file, located
in /usr/local/etc/rbldnsd/.

After starting the daemon with this example data, you should be able to
test the success of your install with the command:

	% host -a 1.1.31.172.bl.example.com. localhost
or
	% dig @localhost 1.1.31.172.bl.example.com. any
or
	% nslookup -query=any 1.1.31.172.bl.example.com. localhost

If you see a response that mentions 127.0.0.2, the install worked!
--
===>   NOTICE:

The rbldnsd port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://docs.freebsd.org/en/articles/contributing/#ports-contributing
Step 19: Install package git-lite
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	expat: 2.5.0
	git-lite: 2.41.0

Number of packages to be installed: 2

The process will require 33 MiB more space.
5 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Fetching expat-2.5.0.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Fetching git-lite-2.41.0.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Installing expat-2.5.0...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/2] Extracting expat-2.5.0: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Installing git-lite-2.41.0...
===> Creating groups.
Creating group 'git_daemon' with gid '964'.
===> Creating users
Creating user 'git_daemon' with uid '964'.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/2] Extracting git-lite-2.41.0: .......... done
=====
Message from git-lite-2.41.0:

--
If you installed the GITWEB option please follow these instructions:

In the directory /usr/local/share/examples/git/gitweb you can find all files to
make gitweb work as a public repository on the web.

All you have to do to make gitweb work is:
1) Please be sure you're able to execute CGI scripts in
   /usr/local/share/examples/git/gitweb.
2) Set the GITWEB_CONFIG variable in your webserver's config to
   /usr/local/etc/git/gitweb.conf. This variable is passed to gitweb.cgi.
3) Restart server.


If you installed the CONTRIB option please note that the scripts are
installed in /usr/local/share/git-core/contrib. Some of them require
other ports to be installed (perl, python, etc), which you may need to
install manually.
Step 20: Install package php82 and related
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 18 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	brotli: 1.0.9,1
	fontconfig: 2.14.2,1
	freetype2: 2.12.1_2
	giflib: 5.2.1
	jbigkit: 2.1_1
	jpeg-turbo: 2.1.5.1
	libargon2: 20190702
	libdeflate: 1.18
	libgd: 2.3.3_5,1
	libxml2: 2.10.4
	php82: 8.2.7
	php82-curl: 8.2.7
	php82-gd: 8.2.7
	php82-mbstring: 8.2.7
	php82-zlib: 8.2.7
	png: 1.6.39
	tiff: 4.4.0_1
	webp: 1.3.0_1

Number of packages to be installed: 18

The process will require 62 MiB more space.
11 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/18] Fetching png-1.6.39.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/18] Fetching libxml2-2.10.4.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/18] Fetching php82-curl-8.2.7.pkg: ...... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/18] Fetching freetype2-2.12.1_2.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/18] Fetching jpeg-turbo-2.1.5.1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/18] Fetching libgd-2.3.3_5,1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/18] Fetching fontconfig-2.14.2,1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/18] Fetching php82-gd-8.2.7.pkg: ..... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [9/18] Fetching giflib-5.2.1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [10/18] Fetching libargon2-20190702.pkg: ........ done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [11/18] Fetching php82-mbstring-8.2.7.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [12/18] Fetching php82-8.2.7.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [13/18] Fetching jbigkit-2.1_1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [14/18] Fetching webp-1.3.0_1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [15/18] Fetching php82-zlib-8.2.7.pkg: ... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [16/18] Fetching brotli-1.0.9,1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [17/18] Fetching tiff-4.4.0_1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [18/18] Fetching libdeflate-1.18.pkg: .......... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/18] Installing png-1.6.39...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/18] Extracting png-1.6.39: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/18] Installing jpeg-turbo-2.1.5.1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/18] Extracting jpeg-turbo-2.1.5.1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/18] Installing jbigkit-2.1_1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/18] Extracting jbigkit-2.1_1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/18] Installing brotli-1.0.9,1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/18] Extracting brotli-1.0.9,1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/18] Installing libdeflate-1.18...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/18] Extracting libdeflate-1.18: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/18] Installing freetype2-2.12.1_2...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/18] Extracting freetype2-2.12.1_2: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/18] Installing giflib-5.2.1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/18] Extracting giflib-5.2.1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/18] Installing tiff-4.4.0_1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/18] Extracting tiff-4.4.0_1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [9/18] Installing libxml2-2.10.4...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [9/18] Extracting libxml2-2.10.4: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [10/18] Installing fontconfig-2.14.2,1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [10/18] Extracting fontconfig-2.14.2,1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [11/18] Installing libargon2-20190702...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [11/18] Extracting libargon2-20190702: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [12/18] Installing webp-1.3.0_1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [12/18] Extracting webp-1.3.0_1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [13/18] Installing libgd-2.3.3_5,1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [13/18] Extracting libgd-2.3.3_5,1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [14/18] Installing php82-8.2.7...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [14/18] Extracting php82-8.2.7: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [15/18] Installing php82-curl-8.2.7...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [15/18] Extracting php82-curl-8.2.7: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [16/18] Installing php82-gd-8.2.7...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [16/18] Extracting php82-gd-8.2.7: ......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [17/18] Installing php82-mbstring-8.2.7...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [17/18] Extracting php82-mbstring-8.2.7: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [18/18] Installing php82-zlib-8.2.7...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [18/18] Extracting php82-zlib-8.2.7: ........ done
Running fc-cache to build fontconfig cache...
=====
Message from freetype2-2.12.1_2:

--
The 2.7.x series now uses the new subpixel hinting mode (V40 port's option) as
the default, emulating a modern version of ClearType. This change inevitably
leads to different rendering results, and you might change port's options to
adapt it to your taste (or use the new "FREETYPE_PROPERTIES" environment
variable).

The environment variable "FREETYPE_PROPERTIES" can be used to control the
driver properties. Example:

FREETYPE_PROPERTIES=truetype:interpreter-version=35 \
	cff:no-stem-darkening=1 \
	autofitter:warping=1

This allows to select, say, the subpixel hinting mode at runtime for a given
application.

If LONG_PCF_NAMES port's option was enabled, the PCF family names may include
the foundry and information whether they contain wide characters. For example,
"Sony Fixed" or "Misc Fixed Wide", instead of "Fixed". This can be disabled at
run time with using pcf:no-long-family-names property, if needed. Example:

FREETYPE_PROPERTIES=pcf:no-long-family-names=1

How to recreate fontconfig cache with using such environment variable,
if needed:
# env FREETYPE_PROPERTIES=pcf:no-long-family-names=1 fc-cache -fsv

The controllable properties are listed in the section "Controlling FreeType
Modules" in the reference's table of contents
(/usr/local/share/doc/freetype2/reference/index.html, if documentation was installed).
=====
Message from php82-curl-8.2.7:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-curl.ini
=====
Message from php82-gd-8.2.7:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-gd.ini
=====
Message from php82-mbstring-8.2.7:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-mbstring.ini
=====
Message from php82-zlib-8.2.7:

--
This file has been added to automatically load the installed extension:
/usr/local/etc/php/ext-20-zlib.ini
Step 21: Install package syslog-ng
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 8 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	e2fsprogs-libuuid: 1.47.0
	glib: 2.76.5,2
	json-c: 0.16
	libffi: 3.4.4
	mpdecimal: 2.5.1
	pcre: 8.45_3
	python39: 3.9.17
	syslog-ng: 4.2.0

Number of packages to be installed: 8

The process will require 156 MiB more space.
23 MiB to be downloaded.
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/8] Fetching mpdecimal-2.5.1.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/8] Fetching python39-3.9.17.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/8] Fetching pcre-8.45_3.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/8] Fetching glib-2.76.5,2.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/8] Fetching syslog-ng-4.2.0.pkg: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/8] Fetching libffi-3.4.4.pkg: ...... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/8] Fetching json-c-0.16.pkg: ........ done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/8] Fetching e2fsprogs-libuuid-1.47.0.pkg: ..... done
Checking integrity... done (0 conflicting)
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/8] Installing mpdecimal-2.5.1...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [1/8] Extracting mpdecimal-2.5.1: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/8] Installing libffi-3.4.4...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [2/8] Extracting libffi-3.4.4: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/8] Installing python39-3.9.17...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [3/8] Extracting python39-3.9.17: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/8] Installing pcre-8.45_3...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [4/8] Extracting pcre-8.45_3: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/8] Installing glib-2.76.5,2...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [5/8] Extracting glib-2.76.5,2: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/8] Installing json-c-0.16...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [6/8] Extracting json-c-0.16: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/8] Installing e2fsprogs-libuuid-1.47.0...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [7/8] Extracting e2fsprogs-libuuid-1.47.0: .......... done
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/8] Installing syslog-ng-4.2.0...
[rbldnsd-amd64-13_2.vsf00001.cpt.za.honeyguide.net] [8/8] Extracting syslog-ng-4.2.0: .......... done
Compiling glib schemas
No schema files found: doing nothing.
Generating GIO modules cache
=====
Message from python39-3.9.17:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py39-gdbm       databases/py-gdbm@py39
py39-sqlite3    databases/py-sqlite3@py39
py39-tkinter    x11-toolkits/py-tkinter@py39
=====
Message from syslog-ng-4.2.0:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start
Step 22: Clean package installation
Nothing to do.
Step 23: Clean cook artifacts
Step 24: Install pot local
Step 25: Set file ownership on cook scripts
Step 26: Make cook script executable
setting executable bit on /usr/local/bin/cook
Step 27: Create rc.d script to start cook
creating rc.d script to start cook
Step 28: Make rc.d script to start cook executable
Setting executable bit on cook rc file
Step 29: Enable cook service
enabling cook
cook enabled in /etc/rc.conf
=====>  Stop the pot rbldnsd-amd64-13_2
=====>  Remove p464fb740dad2f epair network interfaces
=====>  unmount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/tmp
=====>  unmount /mnt/srv/pot/jails/rbldnsd-amd64-13_2/m/dev
===>  exporting rbldnsd-amd64-13_2 @ 1694200904 to /tmp/rbldnsd-amd64-13_2_0.10.1.xz
xz: Reduced the number of threads from 4 to 3 to not exceed the memory usage limit of 503 MiB

This site © Honeyguide Group (Pty) Ltd, all the hosted software their respective license owners 2020 - 2021 - Disclaimer