Date: Sun, 28 May 2000 21:25:23 -0400 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: John Daniels <jmd526@hotmail.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: 4.0-RELEASE to 4.0-STABLE upgrade Message-ID: <20000528212523.B56917@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <20000528184808.46909.qmail@hotmail.com>; from jmd526@hotmail.com on Sun, May 28, 2000 at 02:48:08PM -0400 References: <20000528184808.46909.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 28, 2000 at 02:48:08PM -0400, John Daniels wrote: > Thanks for your reply. I just wanted to clarify a point or two. [snip] > > > 3. Oops! I removed /usr/obj *AFTER* the make world, not before. > > > I tried to redo make world but after a few messages (which seemed > > > unimportant) it told me that the proc tables were full. I then > > > compiled and installed a new kernel without any noticeable > > > problems. > > > >If you'd never made world before, there probably was nothing in > >/usr/obj to delete before you got started. > > > Well that's true. This was the first time that I was making world! Any > possible problems from restarting the make world? After a 'make world' or 'make installworld' has completed successfully, there is no reason to buildworld again until the next time you want to remake everything. No need for that stuff to be around for mergemaster or a kernel build. > Later, you wrote: > >If you made the kernel after _installing_ the world (after a 'make > >world' or 'make installworld'), the presence of /usr/obj makes no > >difference. > > In sum, it seems that everything is OK, and the upgrade to -STABLE was > successful. Hurrah! That's good news, but in my newbie ignorance, I was > thinking that the kernel may need some of the /etc, /dev, or /usr/obj files > when it is compiled. Are the linkages to the userland stuff dynamic? (or, > perhaps vis-a-versa: dyanamic links *from* userland to the kernel?) The _new_ kernel does not need anything in /dev or /usr/obj (the running one needs stuff in /dev). You can build a kernel with only the files in /usr/src/sys in fact. As for /etc only /etc/make.conf has an effect, and it should only change _how_ the kernel is compiled, the resulting kernel should be the same. As for dynamic linking, there are lkd(4)'s. They are all of the files under /modules. However, they are not needed at compile time and are only built at a make world, not a typical kernel compile. [snip stuff covered in another thread] > >firewalling is quite easy... figuring out how to make a useful > >ruleset is non-trivial. > > Right now I have a simple system and simple needs. (That will probably > change, though) I just have a single PC connected to a Netopia router, and > I just want to serve web pages, browse the net, send and receive email, and > occasionally download files with ftp. I don't need other services. > > Do I really need a firewall? or do I just need to deny all ports and > connections except what I need? That's pretty much what a filtering firewall does, no? > In any case, it seems that a firewall is > still a good idea if only because I can learn (it's becoming kind of > standard operating procedure). It also seems that it's necessary for > instituting more advanced safety measures like guarding against possible DOS > attacks. Well, all it takes is putting, firewall_enable="YES" firewall_type=<whatever> In your /etc/rc.conf. See the basic rulesets distributed with the system in /etc/rc.firewall and edit them to your satsifaction (once you understand them). > What I am trying to decide now is if ipfw would be sufficient or if I should > use IPfilter (or both - is that possible?). I am thinking that ipfw is > probably enough for now. It _might_ be possible to use both, but it would be a really strange hack to do so. I don't know why anyone would. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000528212523.B56917>