Setup
This page describes a minimal setup for using the PCM-4823l as a FreeBSD router with some additional services running on it. You won’t believe it: right now you are surfing the gagne.homedns.org network, which is served by it ;-)
Kernel configuration
    #
    # Derived from GENERIC/5.1-RELEASE
    # Config for PCM-4823l with IPF, PLIP
    #
    machine  i386
    cpu      I486_CPU
    ident    PCM-4823l-IPF-PLIP-SMI

    # Firewall
    options  IPFILTER
    options  IPFILTER_DEFAULT_BLOCK
    options  TCP_DROP_SYNFIN

    options  SCHED_4BSD          #4BSD scheduler
    options  INET                #InterNETworking
    options  FFS                 #Berkeley Fast Filesystem
    options  SOFTUPDATES         #Enable FFS soft updates support
    options  UFS_ACL             #Support for access control lists
    options  UFS_DIRHASH         #Improve performance on big directories
    options  MD_ROOT             #MD is a potential root device
    options  CD9660              #ISO 9660 Filesystem
    options  PSEUDOFS            #Pseudo-filesystem framework
    options  COMPAT_43           #Compatible with BSD 4.3 [KEEP THIS!]
    options  COMPAT_FREEBSD4     #Compatible with FreeBSD4
    options  SCSI_DELAY=15000    #Delay (in ms) before probing SCSI
    options  KTRACE              #ktrace(1) support
    options  SYSVSHM             #SYSV-style shared memory
    options  SYSVMSG             #SYSV-style message queues
    options  SYSVSEM             #SYSV-style semaphores
    options  _KPOSIX_PRIORITY_SCHEDULING #Posix P1003_1B real-time extensions
    options  KBD_INSTALL_CDEV    # install a CDEV entry in /dev

    device   isa

    # ATA and ATAPI devices
    device   ata
    device   atadisk             # ATA disk drives
    device   atapicd             # ATAPI CDROM drives
    options  ATA_STATIC_ID       #Static device numbering

    # atkbdc0 controls both the keyboard and the PS/2 mouse
    device   atkbdc              # AT keyboard controller
    device   atkbd               # AT keyboard

    # syscons is the default console driver, resembling an SCO console
    device   sc
    device   vga                 # VGA video card driver

    # Floating point support - do not disable.
    device   npx

    # Power management support (see NOTES for more options)
    device   apm
    # Add suspend/resume support for the i8254.
    device   pmtimer

    # Parallel port
    device   ppc
    device   ppbus               # Parallel port bus (required)
    device   plip                # TCP/IP over parallel
    device   ppi                 # Parallel port interface device

    # ISA Ethernet NICs. pccard nics included.
    device   miibus              # MII bus support
    device   ed                  # NE[12]000, SMC Ultra, 3c503, DS8390 cards

    # Pseudo devices - the number indicates how many units to allocate.
    device   random              # Entropy device
    device   loop                # Network loopback
    device   ether               # Ethernet support
    device   sl                  # Kernel SLIP
    device   ppp                 # Kernel PPP
    device   tun                 # Packet tunnel.
    device   pty                 # Pseudo-ttys (telnet etc)
    device   md                  # Memory "disks"
    device   gif                 # IPv6 and IPv4 tunneling
    device   faith               # IPv6-to-IPv4 relaying (translation)

    # The `bpf' device enables the Berkeley Packet Filter.
    # Be aware of the administrative consequences of enabling this!
    device   bpf                 # Berkeley packet filter
Ports installed:
- /lang/mawk
- /print/latex
- /print/dvips
- /security/clamav (with WITH_MILTER)
- /security/openssh-portable (with WITH_OPENSSH_CHROOT)
- /www/thttpd
- /mail/fetchmail
Sysctl is set to:
    ## Don't see others procs
    security.bsd.see_other_uids=0

    ## Dir hashing, save ram
    vfs.vmiodirenable=0

    ## Net performance and security
    net.inet.tcp.recvspace=32768
    net.inet.udp.recvspace=16384
    net.inet.raw.recvspace=4096
    net.inet.tcp.slowstart_flightsize=1
    net.inet.tcp.inflight_enable=1
    net.inet.tcp.inflight_min=8192
    net.inet.ip.check_interface=1
    net.inet.tcp.blackhole=2
    net.inet.udp.blackhole=1

    ## Swap idle procs
    vm.swap_idle_enabled=1

    ## Throttle
    kern.maxprocperuid=512
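An added example, not part of the original setup: a small sh script that checks whether the security-relevant sysctl values listed above are still in effect, which is useful after an upgrade or a manual change on the router. The function names (baseline, live_sample, audit_sysctl, audit_sample) are hypothetical and the live values are a constructed sample; on the router itself the live file would hold name=value lines as printed by FreeBSD's sysctl -e.

```sh
# Security-relevant excerpt of the sysctl settings listed on this page.
baseline() {
cat <<'EOF'
## Don't see others procs
security.bsd.see_other_uids=0
net.inet.ip.check_interface=1
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
EOF
}

# Constructed sample of live values in name=value form:
# tcp.blackhole has drifted and udp.blackhole is absent.
live_sample() {
cat <<'EOF'
security.bsd.see_other_uids=0
net.inet.ip.check_interface=1
net.inet.tcp.blackhole=0
EOF
}

# audit_sysctl BASELINE_FILE LIVE_FILE (hypothetical helper)
# Prints one line per deviation; exit status 0 = clean, 1 = deviations.
audit_sysctl() {
    awk '
        /^[ \t]*#/ || index($0, "=") == 0 { next }    # comments, blank lines
        { eq = index($0, "="); name = substr($0, 1, eq - 1); value = substr($0, eq + 1)
          gsub(/[ \t]/, "", name); gsub(/^[ \t]+|[ \t]+$/, "", value) }
        FILENAME == ARGV[1] { want[name] = value; order[++n] = name; next }
        { have[name] = value }
        END {
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in have)) { print "MISSING " k " want=" want[k]; bad = 1 }
                else if (have[k] != want[k]) { print "DRIFT " k " want=" want[k] " have=" have[k]; bad = 1 }
            }
            exit bad + 0
        }' "$1" "$2"
}

# Run the audit over the embedded baseline and the constructed sample.
audit_sample() {
    dir=$(mktemp -d) || return 2
    baseline > "$dir/want"; live_sample > "$dir/have"
    audit_sysctl "$dir/want" "$dir/have" && rc=0 || rc=$?
    rm -rf "$dir"; return "$rc"
}

audit_sample || true    # report the deviations in the constructed sample
```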
Make.conf looks like:
    # Make.conf for use with 4823l
    PERL_VER=5.6.1
    PERL_VERSION=5.6.1
    PERL_ARCH=mach
    NOPERL=yo
    NO_PERL=yo
    NO_PERL_WRAPPER=yo
    CPUTYPE=i486
    CFLAGS=-m486 -march=i486 -mcpu=i486
    COPTFLAGS=-m486 -march=i486 -mcpu=i486