From owner-freebsd-questions Sat Sep 23 19:41:17 2000 Delivered-To: freebsd-questions@freebsd.org Received: from [208.200.134.24] (chicago.reveregroup.com [208.200.134.24]) by hub.freebsd.org (Postfix) with SMTP id 4A32B37B42C for ; Sat, 23 Sep 2000 19:41:10 -0700 (PDT) Received: from MAIN by [208.200.134.24] via smtpd (for hub.FreeBSD.org [216.136.204.18]) with SMTP; 24 Sep 2000 02:41:10 UT Received: by main.reveregroup.com(Lotus SMTP MTA v4.6.6 (890.1 7-16-1999)) id 86256964.000E919B ; Sat, 23 Sep 2000 21:39:07 -0500 X-Lotus-FromDomain: REVERE From: mgruver@reveregroup.com To: FreeBSD-questions@FreeBSD.ORG Cc: janko@compuserve.com, dleal@webvolution.net Message-ID: <86256964.000E9189.00@main.reveregroup.com> Date: Sat, 23 Sep 2000 22:37:28 -0400 Subject: Re: LAN question Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You know, I think you are right (if fact I am sure your are because the previous step reminds you of this every time), but I don't know why or what the "make depend" does. Greg Lehey doesn't have this step in his book, so when I saw the prompt I made the decision to follow the book and ignore it. I haven't noticed anything wrong yet. Can anyone tell me what will go wrong and when? Mike Janko wrote: Between step 7 and 8 should be a step 7a. "make depend" isn't it? ===Janko van Roosmalen - Vught - Netherlands=== On Sat, 23 Sep 2000 mgruver@reveregroup.com wrote: > > Daniel, > > You have asked a question that I have had for over two months. I also am a > FreeBSD Newbie. However, I have had the assistance of several people, including > Greg Lehey. Everyone has been very helpful. I can't help you with the PPP > configuration because I don't use that. I have a cable modem (I highly > recommend one, if you have the means). > > But I can perhaps help with the other parts. Here is what I would suggest: > > 1. Get the PPP connection (that is the dialup configuration with your modem) to > your ISP working first. If you haven't got that going yet, I suggest just > posting that as the first question. > > 2. Once you can get to your ISP through the modem using FreeBSD then you are > ready to configure the NAT and Firewall. If you have FreeBSD 4.1 installed the > first thing you want to do is make sure you have the source files in > /usr/src/sys/. You can check by doing a "cd /usr/src/sys/" and then doing the > command "ls" you should see the i386 directory in there, if not you will need to > load it using the /stand/sysinstall from the root. > > 3. The next thing is to recompile the Kernel using the IPFIREWALL, IPDIVERT, > and IPFIREWALL_DEFAULT_TO_ACCEPT options. We start this by a "cd > /usr/src/sys/i386/conf", and then "cp GENERIC MYCUSTOM" this will copy the > Generic FreeBSD Kernel configuration file to one named MYCUSTOM. You can name > it anything you want, however it is a unix tradition to use all caps. > > 4. After copying the kernel source we will modify it using vi or you favorite > editor. "vi MYCUSTOM". > > 5. Once you have the kernel source in the editor we are going to page down > through the options section and at the bottom insert a line the the "o" key and > add three: > > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_DEFAULT_TO_ACCEPT > > the save the file with a ":wq" and we are ready to compile it. > > 6. type in "/usr/sbin/config -g MYCUSTOM > This will configure the new kernel file > > 7. next type in "cd ../../compile/MYCUSTOM > this will change to the compilation directory 7a. type "make depend" > > 8. the type in "make" > this will make the new kernel and probably take as long as an hour or so (at > least it does on my old P90 server). > > 9. When the make finishes and you are back to the # prompt type in "make > install" to install the new kernel. > > 10. Boot the new kernel with the "shutdown -r now" > > 11. You will now need to copy the /etc/rc.conf file and edit the original like > "cp /etc/rc.conf /etc/rc.conf.0923" and then "vi /etc/rc.conf" > > 12. we are going to add the following file to the /etc/ directory: > vi /etc/natd.conf > dynamic yes > use_sockets yes > same_ports yes > > 13. we are going to add the following keywords: > gateway_enabled="YES" > firewall_enabled-"YES" > firewall_type="open" > natd_enabled="YES" > natd_interface="" > natd_flags="-f /etc/natd.conf" > > 14. You might want to load a proxy server for http. I would suggest going back > to the /stand/sysinstall in the ports and loading tinyproxy 1.3.3 go to > www.freebsd.org and go to the ports and read the description and go to the web > site. I loaded it as a daemon in the /usr/local/rc.d/tinyproxy.sh on startup. > The command is "/usr/local/sbin/tinyproxy -a Host: -a Authorization:" > > If you need help creating the .sh file in the rc.d directory let me know. A > cool guy name Janko Van Roosmalen helped me with that. I can forward you the > instructions. > > That should get you going. If you don't understand anything, email me for > clarification. Don't mess up your kernel, dude. Be careful! > > Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message