Date: Fri, 7 Jun 2002 09:16:03 +0300 (EEST) From: Alexander V Zubchenko <stalker@hermes-comp.zp.ua> To: Corey Snow <corey@snowpoint.com> Cc: <freebsd-newbies@freebsd.org>, <freebsd-questions@freebsd.org> Subject: Re: Bridging Firewall Message-ID: <20020607090727.L60781-100000@server.hermes-comp.zp.ua> In-Reply-To: <3CFFB86C.31738.5BECA9F@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Greetings! On Thu, 6 Jun 2002, Corey Snow wrote: > So I'm being a total masochist. I've never used FreeBSD before, and > got it installed on a truly ancient 486 DX2/66 with 32 MB RAM No You are not. My first FreeBSD box was 486DX2/80 with 8 MB RAM and it was really fast. I even worked with X wthout _very_ annoying delays ;-) > yesterday night. It seems to run well (a helluva lot faster than I > thought it would on such ancient hardware) and I'm pleased so far. > I'm reasonably certain it can handle what I want it to do, based on > the research I've done. I was surprised at how little horsepower it > takes to run a decent firewall. If You are not using X, RDBMS or other processor/memory consuming processes like this, real min to run at acceptable speed is 486DX40/8 > > Goal: To add a second NIC to this beast (it has one currently) and > turn it into a bridging firewall using ipfw and the bridging kernel > options. I've never built a custom kernel before, so I'm diving in, > waiting for the appropriate chapters to get spat out of the printer > before going any further. :) Yes, You need to recompile your kernel (this is well documented either in previous answer or in handbook. And b sured to rem/del out any junkj from there (there r a lot of junk in GENERIC kernel). > > Secondary Goal: To add support for my Panasonic CDROM drive, which is > accessed through an old Creative Labs SoundBlaster. I don't care > about sound support, and I haven't installed X (don't need it on a > firewall box) so the only reason the card is in the machine is that > it can't be driven by any other type of card (even though it has a 40- > pin interface like an IDE drive- that was quite annoying). Get a look at supported hardware list. It is in Handbook also. AFAIR, Panasonic CD-ROM is supported, but this also depend on fbsd version (of course ;)) > > I think I'm pretty comfortable with the process as described, and > worst-case is I have to blow my install away and start over (no big > deal at this stage). However, there's one question I'm not certain > about. > > If I want to add a second ISA Ethernet NIC (I have two GeniusLAN > 10BaseT NICS that work as NE2000 NICS) do I have to run the MAKEDEV > shell script before or after rebuilding the kernel, or does it > matter? I assume it's after, from what I've read. Anyway, the plan is > to back up my kernel, follow the directions on the web site and > configure an new one, rebuild, then use MAKEDEV to add the second > NIC. After that, assuming it all goes well, I guess I'll start > playing with bridging and the firewall rules on a dummy network I > have here. No, You shouldn't to play with MAKEDEV, because NIC devices is virtual. They r not present in /dev or any other place, excepting kernel mind ;) Just rebuild kernel, check info on bootstage and ifconfig appropriate device... > > Comments, suggestions, and/or belly laughs at my ignorance would be > appreciated. :) > > Thanks, > > Corey Snow > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Always at your service, Alexander To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020607090727.L60781-100000>