From owner-freebsd-questions@FreeBSD.ORG Fri Jun 7 22:54:42 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id ABDC71F6 for ; Fri, 7 Jun 2013 22:54:42 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) by mx1.freebsd.org (Postfix) with ESMTP id 754041933 for ; Fri, 7 Jun 2013 22:54:42 +0000 (UTC) Received: from r56.edvax.de (port-92-195-136-185.dynamic.qsc.de [92.195.136.185]) by mx01.qsc.de (Postfix) with ESMTP id C88003D17A; Sat, 8 Jun 2013 00:54:34 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r57MsiGb002860; Sat, 8 Jun 2013 00:54:44 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sat, 8 Jun 2013 00:54:44 +0200 From: Polytropon To: Norman Khine Subject: Re: custom kernel installation Message-Id: <20130608005444.6741d6cd.freebsd@edvax.de> In-Reply-To: References: Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jun 2013 22:54:42 -0000 On Sat, 8 Jun 2013 00:37:02 +0200, Norman Khine wrote: > hello, > i have a dedicated server from OVH and have updated freebsd to 9.1 and want > to enable IPFW in the kernel as this is not enabled. Why not use the module for this? For many years now, you do not need a custom kernel if you want to use IPFW (which _had_ to be compiled into the kernel in the past). Use # kldload ipfw.ko and maybe # kldload ipfw_nat.ko if it's just about having IPFW. Of course, if explicitely having it _in_ the kernel is your objective, unread this comment. :-) > the way i updated the system was to copy /boot/kernel.old to /boot/GENERIC > then followed ch25 > http://www.freebsd.org/doc/en/books/handbook/updating-upgrading-freebsdupdate.htmlthis > went well and the system is up to date. So you did freebsd-update to update to 9.1-RELEASE. > so i got the 9.1 sources and now in /usr/src/sys/amd64/conf i have a > GENERIC file, but this is too generic, besides i don't have access to the > physical box. This file is what the GENERIC kernel (distributed with the OS) has been generated from. Use it as a template for your own custom kernel. > what will be the correct way to include the IPFW to existing /boot/kernel > is there a way to generate the GENERIC file from the existing loaded kernel? No, you can simply copy it and then make changes. For example: # cd /usr/src/sys/amd64/conf # cp GENERIC MYKERNEL (or use any other descriptive name) # vi MYKERNEL (make changes as desired, then :wq) # cd /usr/src # make buildkernel KERNCONF=MYKERNEL # make installkernel KERNCONF=MYKERNEL # reboot Keep in mind that kernel and world have to be in sync version-wise! Regarding IPFW, you will probably add lines like the following: options DUMMYNET options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=500 options IPFILTER options IPDIVERT Of course you can also remove lines for hardware you don't have in your box, like trimming the support for NICs or SCSI controllers and the like. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...