====== BSD ======
* [[http://www.netlife.co.za/content/view/34/34/|BSD Dual Wan Router (pfsense)]]
* [[http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html|Building and Installing a Custom Kernel]]
* [[http://taosecurity.blogspot.com/2008/12/ossec-and-pf-on-freebsd-to-limit-ssh.html|OSSEC and Pf on FreeBSD to Limit SSH Brute Forcing]]
* [[http://rop.gonggri.jp/?p=269|FreeWDE - FreeBSD with Whole Disk Encryption]]
===== FreeBSD =====
==== Network stuff ====
**Forcing link speed**
ifconfig em0 media 100BaseFX mediaopt full-duplex
^parameter^description^
|**autoselect**|Enables auto-negotiation for speed and duplex.|
|**10baseT/UTP**|Sets 10Mbps operation. Use the mediaopt option to select full-duplex mode.|
|**100baseTX**|Sets 100Mbps operation. Use the mediaopt option to select full-duplex mode.|
|**1000baseSX**|Sets 1000Mbps operation. Only full-duplex mode is supported at this speed.|
|**1000baseTX**|Sets 1000Mbps operation. Only full-duplex mode is supported at this speed.|
|**full-duplex**|Forces full-duplex operation|
|**half-duplex**|Forces half-duplex operation.|
**working with routes (print routing table)**
netstat -rn
**creating interface vlans**
ifconfig vlan0 create
ifconfig vlan0 vlan 4 vlandev fxp0
ifconfig vlan0 inet a.a.a.a netmask x.x.x.x up
**Globetrotter UMTS Card**
cd /usr/ports/comm/hso-kmod/
make install clean
kldload hso
hsoctl -n -a internet -p PIN hso0 -u mobitel -k internet
There is a problem with the code used from ports (at least for me it was).
If you'll get disconnected right after connection, go to http://www.shapeshifter.se/code/hso/ and download/install the code manually.
It's pretty trivial so no problems with it.
**Firewalling**
ipfw list
**Firewalling IPv6**
Below some rules of implementing firewall in FreeBSD. //Using IPFW (please compile your kernel, if it’s not supported).// It’s easy as IPv4.
# Simple Firewall :
(allow network 2404:170::/32 to any host)
ip6fw add 100 allow all from 2404:170::/32 to any in via fxp0
(allow network 2001:dc6::/32 to any host)
ip6fw add 200 allow all from 2001:dc6::/32 to any in via fxp0
(allow all ipv6 to host 2404:170:ee02::10)
ip6fw add 300 allow all from :: to 2404:170:ee02:ee02::10 in via fxp0
(deny other all traffic).
ip6fw add 1000 deny all from any to any in via fxp0
**FreeBSD GRE tunnels**
b0x# kldstat
Id Refs Address Size Name
1 5 0xc0400000 34f898 kernel
2 14 0xc0750000 56270 acpi.ko
3 1 0xc0c97000 1c000 ipl.ko
4 1 0xc15ef000 4000 if_gre.ko
# kldload if_gre.ko
# sysctl -w net.inet.ip.gre_default_mtu=1450
# ifconfig gre1 create
# ifconfig gre1 tunnel 217.154.12.2 212.25.240.34
# ifconfig gre1 mtu 1450
# ifconfig gre1 inet 10.1.12.38 10.1.12.37 netmask 255.255.255.252
# ifconfig gre1 up
or
# ifconfig gre1 inet 10.1.12.37 10.1.12.38 netmask 255.255.255.252 up
# /usr/sbin/greconfig -i gre1 -v -s 212.25.240.34 -d 217.154.12.2
===== OpenBSD =====
* [[http://www.openbsd.org/faq/pf/carp.html|Firewall Redundancy with CARP and pfsync]]
* [[http://www.benzedrine.cx/ackpri.html|Prioritizing empty TCP ACKs with pf and ALTQ]]
**Manual IPv6 configuration**
ifconfig rl0 inet6 2001:470:1f01:115::4 prefixlen 64 # add address
ifconfig rl0 inet6 2001:470:1f01:115::4 delete # remove address
route -n add -inet6 default 2001:470:1f01:115::1 # default route
===== NetBSD =====
**Basic config:**
ifconfig tlp0 inet6 2001:470:1f01:115::8 prefixlen 64 # add address
ifconfig tlp0 inet6 2001:470:1f01:115::8 delete # remove address
route add -inet6 default default_ip6_gateway_addr # default route
**Setting up an IPv6-over-IPv4 tunnel:**
ifconfig gif0 create
ifconfig gif0 tunnel local_ip4_addr remove_ip4_addr
ifconfig gif0 inet6 local_ip6_addr remote_ip6_addr prefixlen /128
For more information on IPv6 and NetBSD, please consult the [[http://www.netbsd.org/Documentation/network/ipv6/|NetBSD IPv6 Networking FAQ]]
===== FruBSD =====
Going through heavy developing phase ...