User Tools
freebsd:nanobsd_router
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
freebsd:nanobsd_router [2015/02/12 10:01] tschulz created |
freebsd:nanobsd_router [2015/02/12 15:57] (current) tschulz [Misc Nanobsd notes] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== NanoBSD Router ====== | ====== NanoBSD Router ====== | ||
| - | ===== Headline ===== | + | ===== Notes ===== |
| + | * The following configs and files should make a diskimage for a 1GB CF card in use with a Soekris 4801 or better. | ||
| + | * It was designed to work with a 5 ethernet port variant. | ||
| + | * You will need to build this on **FreeBSD 10.1 32bit**. | ||
| + | * port speed is set to **115200** | ||
| + | * root password is set to "pwd" | ||
| + | * When the build process will create a image file **/usr/obj/nanobsd.seokris/nanobsd_seokris.img**. | ||
| + | * Write this file to a CF card using **dd** or something simular | ||
| - | <file> | + | ==== Misc Nanobsd notes ==== |
| + | * by default nanobsd.sh rebuilds world and kernel every build to reuse existing world and kernel builds use the **-b** swtich <file>./nanobsd.sh -c seokris.nano -b</file> | ||
| + | * [[http://bsdrp.net/documentation/technical_docs/nanobsd|Super Handy nanobsd reference]] | ||
| + | * [[https://www.freebsd.org/doc/en/articles/nanobsd/howto.html|Not a terribly usful nanobsd howto]] | ||
| + | * [[https://www.freebsd.org/cgi/man.cgi?query=nanobsd|nanobsd.sh man page]] | ||
| + | ===== seokris.nano (nano BSD build definition) ===== | ||
| + | |||
| + | <file bash seokris.nano> | ||
| NANO_NAME=seokris | NANO_NAME=seokris | ||
| NANO_SRC=/usr/src | NANO_SRC=/usr/src | ||
| Line 37: | Line 51: | ||
| </file> | </file> | ||
| + | ===== Fix nanobsd.sh ===== | ||
| + | I had to comment out **exit 2** on line 849 of **/usr/src/tools/tools/nanobsd/nanobsd.sh** | ||
| + | <file bash /usr/src/tools/tools/nanobsd/nanobsd.sh> | ||
| + | ... | ||
| + | elif [ $now -eq $have ] ; then | ||
| + | echo "FAILED: Nothing happened on this pass" | ||
| + | #exit 2 | ||
| + | break | ||
| + | fi | ||
| + | ... | ||
| + | </file> | ||
| + | |||
| + | ===== Kernel Config ===== | ||
| + | <file kernel /usr/src/sys/i386/conf/NANO> | ||
| + | ... | ||
| + | ident NANO | ||
| + | |||
| + | options IPSEC #IP security | ||
| + | device crypto | ||
| + | options ALTQ | ||
| + | options ALTQ_CBQ # Class Based Queuing (CBQ) | ||
| + | options ALTQ_RED # Random Early Detection (RED) | ||
| + | options ALTQ_RIO # RED In/Out | ||
| + | options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC) | ||
| + | options ALTQ_PRIQ # Priority Queuing (PRIQ) | ||
| + | |||
| + | #makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols | ||
| + | ... | ||
| + | </file> | ||
| + | |||
| + | ===== Packages ===== | ||
| + | {{:freebsd:pkg.tar|Download}} the package arch and extract it to **/Pkg** on the build machine. | ||
| + | e.g. <file> | ||
| + | tar xvpf pkg.tar -C / | ||
| + | </file> | ||
| + | |||
| + | |||
| + | |||
| + | ===== Misc Config Files ===== | ||
| + | |||
| + | <file bash /usr/src/tools/tools/nanobsd/Files/boot/loader.conf > | ||
| + | comconsole_speed="115200" | ||
| + | </file> | ||
| + | |||
| + | <file bash /usr/src/tools/tools/nanobsd/Files/etc/rc.conf> | ||
| + | sendmail_enable="NONE" | ||
| + | hostname="fw1.local" | ||
| + | gateway_enable="YES" | ||
| + | pf_enable="YES" | ||
| + | pflog_enable="YES" | ||
| + | pfnat_enable="YES" | ||
| + | sshd_enable="YES" | ||
| + | |||
| + | cloned_interfaces="bridge0" | ||
| + | ifconfig_bridge0="addm sis0 addm sis1 addm sis2 addm sis3 up" | ||
| + | ifconfig_bridge0_alias0="inet 192.168.116.1 netmask 255.255.255.0" | ||
| + | ifconfig_sis0="up" | ||
| + | ifconfig_sis1="up" | ||
| + | ifconfig_sis2="up" | ||
| + | ifconfig_sis3="up" | ||
| + | |||
| + | ifconfig_sis4="DHCP" | ||
| + | |||
| + | dhcpd_enable="YES" | ||
| + | dhcpd_ifaces="bridge0" | ||
| + | </file> | ||
| + | |||
| + | <file bash /usr/src/tools/tools/nanobsd/Files/etc/pf.conf> | ||
| + | ext_if = "sis4" # macro for external interface - use tun0 for PPPoE | ||
| + | int_if = "bridge0" # macro for internal interface | ||
| + | localnet = $int_if:network | ||
| + | |||
| + | # ext_if IP address could be dynamic, hence ($ext_if) | ||
| + | nat on $ext_if from $localnet to any -> ($ext_if) | ||
| + | |||
| + | #block all | ||
| + | pass from { lo0, $localnet } to any keep state | ||
| + | </file> | ||
| + | |||
| + | <file bash /usr/src/tools/tools/nanobsd/Files/etc/ppp/ppp.conf> | ||
| + | WCTA: | ||
| + | set device PPPoE:sis4 | ||
| + | set authname YOURLOGINNAME@wcta.net | ||
| + | set authkey YOURPASSWORD | ||
| + | set dial | ||
| + | set login | ||
| + | add default HISADDR | ||
| + | |||
| + | |||
| + | SEBEKA: | ||
| + | set authname username | ||
| + | set authkey password | ||
| + | set timeout 0 | ||
| + | set ifaddr 0 0 | ||
| + | add 10.1.0.0/22 hisaddr | ||
| + | alias enable yes | ||
| + | </file> | ||
| + | |||
| + | <file named /usr/src/tools/tools/nanobsd/Files/usr/local/etc/dhcpd.conf> | ||
| + | subnet 192.168.116.0 netmask 255.255.255.0 { | ||
| + | range 192.168.116.100 192.168.116.254; | ||
| + | option domain-name-servers 8.8.8.8; | ||
| + | option routers 192.168.116.1; | ||
| + | default-lease-time 600; | ||
| + | max-lease-time 7200; | ||
| + | } | ||
| + | </file> | ||
freebsd/nanobsd_router.1423756873.txt.gz · Last modified: 2015/02/12 10:01 by tschulz
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
