Floe
From Wikifications
Contents
Install
Burn 5.4 ISO, boot from it.
Installer
- Standard
- Delete existing partition
- "a" for use entire disk
- Standard - no boot manager
- A - auto defaults for paritions
- "User" installation set
- "Yes" to ports
- CD / DVD install
- Yes to procede with installation
Initial configuration with sysinstall
- Can run later with:
/usr/sbin/sysinstall
- Yes to create ethernet device
- No to IPv6
- No to DHCP
- Configure as desired
- Yes to bring it up
- Yes to function as a gateway
- No to configure inetd
- Yes to enable SSH
- No to FTP
- No to NFS
- No to NFS Client
- No to customize console settings
- Yes to set time zone
- No
- 2 for America
- 45 - United States
- 16 - Pacific time
- Yes to PDT (or as applicable)
- Yes to linux binary compatability
- No to mouse
- No to browse ports
- Yes to add user account, configure as desired
- Set r00t password
- No to general config menu
- Exit install, remove CD
Ports
Updating Ports with cvsup
- Install the cvsup port
floe# cd /usr/ports/net/cvsup-without-gui floe# make install clean
- As root:
cp /usr/share/examples/cvsup/ports-supfile ~
Edit the ports-supfile
- local mirror, such as freebsd.isc.org
- Comment ports-all, uncomment desired ports or leave as default for maximum safety (no lost dependencies, etc)
Update:
cvsup -g -L 2 /root/ports-supfile
Automating port upgrades
This is probably a good idea. Last thing you want is some horrendous sshd vuln when you're out of the country or something... On the other hand, this represents a leap of faith that we won't end up with broken dependencies during a portupgrade due to some wacky change / failure... We'll cron a cvsup to keep the ports db recent, and use a tool called portupgrade to upgrade our installed ports.
Install portupgrade
cd /usr/ports/sysutils/portupgrade make install clean
Create a package database for portupgrade
pkgdb -u
Run portupgrade
portupgrade -a
Create a script to do it all for us. I'll call it upgrade.sh
# Synchronize your ports collection (using the fastest_cvsup tool to get the fastest CVSup server) FASTEST_CVSUP=`fastest_cvsup -Q -c us`; echo $FASTEST_CVSUP /usr/local/bin/cvsup -g -L 2 -h $FASTEST_CVSUP /root/ports-supfile # Update the ports database /usr/local/sbin/portsdb -Uu # List the installed ports which need upgrading /usr/local/sbin/portversion -l "<" # Upgrade the installed ports /usr/local/sbin/portupgrade -a
Add it to cron
echo "20 4 * * 7 /root/upgrade.sh" > mycron crontab mycron
Set up a forward for root
echo "foo@you.com" > .forward
Ports I like
- screen - a no brainer
- mtr - nice traceroute / ping tool
- ntraceroute - use the -A flag to see AS numbers for each hop
- bash, zsh
- fastest_cvsup
- ifstat - per-interface bandwidth stats
- sudo
Networking
Interface Configuration
Bring additional interface up and verify:
root@floe[/root]ifconfig fxp0 10.0.1.1 255.255.255.0
root@floe[/root]ifconfig fxp0
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 10.0.1.1 netmask 0xff000000 broadcast 255.255.255.0
inet6 fe80::2a0:c9ff:fedb:5100%fxp0 prefixlen 64 scopeid 0x2
ether 00:a0:c9:db:51:00
media: Ethernet autoselect (100baseTX)
status: active
Configure it for startup In /etc/rc.conf:
ifconfig_fxp0="inet 10.0.1.1 netmask 255.255.255.0"
DHCP Server
- Install /usr/ports/net/isc-dhcp3-server
- Configure /etc/dhcpd.conf as desired. My config:
# Configuration file for ISC dhcpd
# option definitions common to all supported networks...
option domain-name "dreness.com";
option domain-name-servers 64.81.79.2, 216.231.41.2;
default-lease-time 3600;
max-lease-time 86400;
authoritative;
ddns-update-style none;
# This is a very basic subnet declaration.
subnet 10.0.1.0 netmask 255.255.255.0 {
range 10.0.1.10 10.0.1.20;
option routers 10.0.1.1;
}
- Configure dhcp on startup in /etc/rc.local:
#dhcpd at boot up /usr/local/sbin/dhcpd
