From owner-freebsd-questions Sat Sep 23 16:11:50 2000 Delivered-To: freebsd-questions@freebsd.org Received: from pop.hccnet.nl (pop.hccnet.nl [193.172.127.94]) by hub.freebsd.org (Postfix) with ESMTP id 1318237B422 for ; Sat, 23 Sep 2000 16:11:44 -0700 (PDT) Received: from parmenides.utp.net by pop.hccnet.nl via uds7-115.dial.hccnet.nl [193.173.115.7] with ESMTP id BAA01020 (8.8.5/1.13); Sun, 24 Sep 2000 01:11:35 +0200 (MET DST) Received: from localhost (janko@localhost) by parmenides.utp.net (8.9.3/8.9.3) with ESMTP id BAA00909; Sun, 24 Sep 2000 01:11:34 +0200 (CEST) (envelope-from janko@compuserve.com) X-Authentication-Warning: parmenides.utp.net: janko owned process doing -bs Date: Sun, 24 Sep 2000 01:11:34 +0200 (CEST) From: Janko van Roosmalen X-Sender: janko@parmenides.utp.net To: mgruver@reveregroup.com Cc: FreeBSD-questions@FreeBSD.ORG, dleal@webvolution.net Subject: Re: LAN question In-Reply-To: <86256963.0071E0BA.00@main.reveregroup.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Between step 7 and 8 should be a step 7a. "make depend" isn't it? ===Janko van Roosmalen - Vught - Netherlands=== On Sat, 23 Sep 2000 mgruver@reveregroup.com wrote: > > Daniel, > > You have asked a question that I have had for over two months. I also am a > FreeBSD Newbie. However, I have had the assistance of several people, including > Greg Lehey. Everyone has been very helpful. I can't help you with the PPP > configuration because I don't use that. I have a cable modem (I highly > recommend one, if you have the means). > > But I can perhaps help with the other parts. Here is what I would suggest: > > 1. Get the PPP connection (that is the dialup configuration with your modem) to > your ISP working first. If you haven't got that going yet, I suggest just > posting that as the first question. > > 2. Once you can get to your ISP through the modem using FreeBSD then you are > ready to configure the NAT and Firewall. If you have FreeBSD 4.1 installed the > first thing you want to do is make sure you have the source files in > /usr/src/sys/. You can check by doing a "cd /usr/src/sys/" and then doing the > command "ls" you should see the i386 directory in there, if not you will need to > load it using the /stand/sysinstall from the root. > > 3. The next thing is to recompile the Kernel using the IPFIREWALL, IPDIVERT, > and IPFIREWALL_DEFAULT_TO_ACCEPT options. We start this by a "cd > /usr/src/sys/i386/conf", and then "cp GENERIC MYCUSTOM" this will copy the > Generic FreeBSD Kernel configuration file to one named MYCUSTOM. You can name > it anything you want, however it is a unix tradition to use all caps. > > 4. After copying the kernel source we will modify it using vi or you favorite > editor. "vi MYCUSTOM". > > 5. Once you have the kernel source in the editor we are going to page down > through the options section and at the bottom insert a line the the "o" key and > add three: > > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_DEFAULT_TO_ACCEPT > > the save the file with a ":wq" and we are ready to compile it. > > 6. type in "/usr/sbin/config -g MYCUSTOM > This will configure the new kernel file > > 7. next type in "cd ../../compile/MYCUSTOM > this will change to the compilation directory 7a. type "make depend" > > 8. the type in "make" > this will make the new kernel and probably take as long as an hour or so (at > least it does on my old P90 server). > > 9. When the make finishes and you are back to the # prompt type in "make > install" to install the new kernel. > > 10. Boot the new kernel with the "shutdown -r now" > > 11. You will now need to copy the /etc/rc.conf file and edit the original like > "cp /etc/rc.conf /etc/rc.conf.0923" and then "vi /etc/rc.conf" > > 12. we are going to add the following file to the /etc/ directory: > vi /etc/natd.conf > dynamic yes > use_sockets yes > same_ports yes > > 13. we are going to add the following keywords: > gateway_enabled="YES" > firewall_enabled-"YES" > firewall_type="open" > natd_enabled="YES" > natd_interface="" > natd_flags="-f /etc/natd.conf" > > 14. You might want to load a proxy server for http. I would suggest going back > to the /stand/sysinstall in the ports and loading tinyproxy 1.3.3 go to > www.freebsd.org and go to the ports and read the description and go to the web > site. I loaded it as a daemon in the /usr/local/rc.d/tinyproxy.sh on startup. > The command is "/usr/local/sbin/tinyproxy -a Host: -a Authorization:" > > If you need help creating the .sh file in the rc.d directory let me know. A > cool guy name Janko Van Roosmalen helped me with that. I can forward you the > instructions. > > That should get you going. If you don't understand anything, email me for > clarification. Don't mess up your kernel, dude. Be careful! > > Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message