From owner-freebsd-questions@FreeBSD.ORG Wed May 21 04:07:57 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 44B9737B401 for ; Wed, 21 May 2003 04:07:57 -0700 (PDT) Received: from stjohn.stjohn.ac.th (stjohn.stjohn.ac.th [202.21.144.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1634E43F3F for ; Wed, 21 May 2003 04:07:55 -0700 (PDT) (envelope-from mcrogerm@stjohn.ac.th) Received: from tulip.stjohn.ac.th ([203.151.134.104]) by stjohn.stjohn.ac.th (8.9.3+Sun/8.9.3) with ESMTP id SAA19666 for ; Wed, 21 May 2003 18:06:12 +0700 (ICT) Message-Id: <5.2.0.9.0.20030521174604.00a28720@127.0.0.1> X-Sender: stjohn.stjohn.ac.th:mcrogerm@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Wed, 21 May 2003 18:04:22 +0700 To: freebsd-questions@FreeBSD.ORG From: Roger Merritt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: 5.0-RELEASE missing info X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2003 11:07:57 -0000 I hope I'm sending this to the right list. If not, please tell me (suggest?) a more appropriate list. Because of a power supply problem that is taking a long time to fix, I recently had to set up a replacement server (gateway for a LAN). Naturally I chose to set up FreeBSD. Since it was urgent and ordering a CD by mail would take at least a week, I downloaded by ftp. Hope I don't have to do that again soon. Anyway, I followed the instructions in the Handbook, which pointed me to ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/i386/5.0-RELEASE/floppies/. OK, I noticed that "5.0-RELEASE" in there, but I've seen a number of comments in this list that 5.0 is going to be the next STABLE so figured I might as well go ahead. OK, so I successfully installed 5.0-RELEASE by ftp. Then I went to /usr/src/sys/i386/conf to set up my kernel configuration file. To my astonishment, there was no LINT file. Instead there was something called NOTES! And you know what? NOTES does not show a single network option. Luckily the man page for natd (which I need to use) mentions that you have to recompile the kernel with "options IPFIREWALL and options IPDIVERT", or I could have gotten the options from my 4.8-STABLE configuration file, but there was nothing in the GENERIC configuration file or in NOTES to tell me whether or not these options were acceptable. So after sweating for a while I went ahead and added options IPFIREWALL, options IPFIREWALL_VERBOSE, and options IPDIVERT at the end of my configuration file and compiled and installed the new kernel and IT WORKED!!! But I'm still irked by the fact that there is NO mention of what networking options are available or necessary. In my case, I've installed FreeBSD several times over the last few years and have learned about the need to recompile the kernel, but how are newcomers going to find out about this? The sysinstall script gives the impression that the firewall is enabled during installation, but in fact it's not. You get a GENERIC kernel with no way to send packets out -- deny by default! Does this seem like something that should be brought to somebody's attention, or am I just over-dramatizing things? -- Roger