Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
bsd [2006/08/25 11:54]
a
bsd [2010/06/08 13:50] (current)
a + FreeWDE - FreeBSD with Whole Disk Encryption
Line 1: Line 1:
 ====== BSD ====== ====== BSD ======
 +<html><div float=right></html> 
 +<box 60% round orange right|**BSD related links**> 
 +   * [[http://www.netlife.co.za/content/view/34/34/|BSD Dual Wan Router (pfsense)]] 
 +   * [[http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html|Building and Installing a Custom Kernel]] 
 +   * [[http://taosecurity.blogspot.com/2008/12/ossec-and-pf-on-freebsd-to-limit-ssh.html|OSSEC and Pf on FreeBSD to Limit SSH Brute Forcing]] 
 +   * [[http://rop.gonggri.jp/?p=269|FreeWDE - FreeBSD with Whole Disk Encryption]] 
 +</box> 
 +<html></div></html>
 ===== FreeBSD ===== ===== FreeBSD =====
-[[http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html|Building and Installing a Custom Kernel]]+  
 + 
 + 
 + 
  
 ==== Network stuff ==== ==== Network stuff ====
Line 25: Line 36:
   ifconfig vlan0 vlan 4 vlandev fxp0   ifconfig vlan0 vlan 4 vlandev fxp0
   ifconfig vlan0 inet a.a.a.a netmask x.x.x.x up   ifconfig vlan0 inet a.a.a.a netmask x.x.x.x up
 +
 +**Globetrotter UMTS Card**
 +  cd /usr/ports/comm/hso-kmod/
 +  make install clean
 +  kldload hso
 +  hsoctl -n -a internet -p PIN hso0 -u mobitel -k internet
 +  
 +  There is a problem with the code used from ports (at least for me it was). 
 +  If you'll get disconnected right after connection, go to http://www.shapeshifter.se/code/hso/ and download/install the code manually. 
 +  It's pretty trivial so no problems with it. 
  
 **Firewalling** **Firewalling**
  
   ipfw list   ipfw list
 +
 +**Firewalling IPv6**
 +Below some rules of implementing firewall in FreeBSD. //Using IPFW (please compile your kernel, if it’s not supported).// It’s easy as IPv4.
 +
 +<code>
 +# Simple Firewall :
 +(allow network 2404:170::/32 to any host)
 +ip6fw add 100 allow all from 2404:170::/32 to any in via fxp0
 +
 +(allow network 2001:dc6::/32 to any host)
 +ip6fw add 200 allow all from 2001:dc6::/32 to any in via fxp0
 +
 +(allow all ipv6 to host 2404:170:ee02::10)
 +ip6fw add 300 allow all from :: to 2404:170:ee02:ee02::10 in via fxp0
 +
 +(deny other all traffic).
 +ip6fw add 1000 deny all from any to any in via fxp0
 +</code>
 +
 +**FreeBSD GRE tunnels**
 +
 +<code>
 +b0x# kldstat
 +Id Refs Address Size Name
 +1 5 0xc0400000 34f898 kernel
 +2 14 0xc0750000 56270 acpi.ko
 +3 1 0xc0c97000 1c000 ipl.ko
 +4 1 0xc15ef000 4000 if_gre.ko
 +
 +# kldload if_gre.ko
 +# sysctl -w net.inet.ip.gre_default_mtu=1450
 +# ifconfig gre1 create
 +# ifconfig gre1 tunnel 217.154.12.2 212.25.240.34
 +# ifconfig gre1 mtu 1450
 +# ifconfig gre1 inet 10.1.12.38 10.1.12.37 netmask 255.255.255.252
 +# ifconfig gre1 up
 +<code>
 +
 +or
 +
 +   # ifconfig gre1 inet 10.1.12.37 10.1.12.38 netmask 255.255.255.252 up
 +   # /usr/sbin/greconfig -i gre1 -v -s 212.25.240.34 -d 217.154.12.2
 +
  
 ===== OpenBSD ===== ===== OpenBSD =====
 +   * [[http://www.openbsd.org/faq/pf/carp.html|Firewall Redundancy with CARP and pfsync]]
 +   * [[http://www.benzedrine.cx/ackpri.html|Prioritizing empty TCP ACKs with pf and ALTQ]]
 +
 +**Manual IPv6 configuration** 
 +
 +   ifconfig rl0 inet6 2001:470:1f01:115::4 prefixlen 64  # add address
 +   ifconfig rl0 inet6 2001:470:1f01:115::4 delete        # remove address
 +   route -n add -inet6 default 2001:470:1f01:115::     # default route
 +
 +
 +
 ===== NetBSD ===== ===== NetBSD =====
 +
 +**Basic config:**
 +
 +   ifconfig tlp0 inet6 2001:470:1f01:115::8 prefixlen 64  # add address
 +   ifconfig tlp0 inet6 2001:470:1f01:115::8 delete        # remove address
 +   route add -inet6 default default_ip6_gateway_addr      # default route
 +
 +**Setting up an IPv6-over-IPv4 tunnel:**
 +
 +   ifconfig gif0 create
 +   ifconfig gif0 tunnel local_ip4_addr remove_ip4_addr
 +   ifconfig gif0 inet6 local_ip6_addr remote_ip6_addr prefixlen /128
 +
 +For more information on IPv6 and NetBSD, please consult the [[http://www.netbsd.org/Documentation/network/ipv6/|NetBSD IPv6 Networking FAQ]]
 +
 ===== FruBSD ===== ===== FruBSD =====
 Going through heavy developing phase ...  Going through heavy developing phase ... 
bsd.1156499695.txt.gz · Last modified: 2009/05/25 00:34 (external edit)
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready