[Pcbsd-developer] My current configuration
Status: Beta
Brought to you by:
kmoore134
Menu
▾
▴
[Pcbsd-developer] My current configuration
|
From: Andrei K. <an...@bs...> - 2006-06-11 17:35:04
|
Hello all!
In case somone interested- here is my current PC-BSD configuration:
Only problem so far is flash problem.... PBI version won't work and so as from
ports.
---------------------------------------------------------------------------------------------------------------------------
# uname -a
FreeBSD PCBSD.localhost 6.1-RELEASE-p1 FreeBSD 6.1-RELEASE-p1 #0: Sun Jun 4
14:01:54 EEST 2006 root@PCBSD.localhost:/usr/obj/usr/src/sys/RAIDON i386
---------------------------------------------------------------------------------------------------------------------------
less /root/kernel/RAIDON
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.7.2.2 2006/05/01 00:15:12
scottl Exp $
machine i386
#cpu I486_CPU
#cpu I586_CPU
cpu I686_CPU
ident RAIDON
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
#makeoptions DEBUG=-g # Build kernel with gdb(1) debug
symbols
options SCHED_ULE # ULE scheduler
#options SCHED_4BSD # 4BSD scheduler
...............................
# Direct Rendering modules for 3d accelleration
device drm # DRM Core Module
device radeondrm # ATI Radeon
options VESA # Vesa Support for Splash
options SC_PIXEL_MODE # add support for the raster tex
options HZ=1000
options DEVICE_POLLING
device pf
device pflog
device pfsync
options ALTQ
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)
options ALTQ_NOPCC # Required for SMP build
---------------------------------------------------------------------------------------------------------------------------
# pkg_version -v
ImageMagick-6.2.7.7_1 = up-to-date with port
OpenEXR-1.2.2_1 = up-to-date with port
aalib-1.4.r5_2 = up-to-date with port
akode-2.0,1 = up-to-date with port
akode-plugins-mpc-2.0,1 = up-to-date with port
akode-plugins-mpeg-2.0,1 = up-to-date with port
akode-plugins-oss-2.0,1 = up-to-date with port
akode-plugins-resampler-2.0,1 = up-to-date with port
akode-plugins-xiph-2.0,1 = up-to-date with port
amarok-1.3.9_2 = up-to-date with port
amspsfnt-1.0_3 = up-to-date with port
ar-ae_fonts1_ttf-1.1 = up-to-date with port
arts-1.5.3_1,1 = up-to-date with port
artswrapper-1.5.3 = up-to-date with port
aspell-0.60.4_3 = up-to-date with port
autoconf-2.53_3 = up-to-date with port
autoconf-2.59_2 = up-to-date with port
automake-1.5_2,1 = up-to-date with port
bison-1.75_2,1 = up-to-date with port
bitstream-vera-1.10_2 = up-to-date with port
bogofilter-1.0.2_1 = up-to-date with port
<< good baesian spam filter I use it with kmail
cairo-1.0.4_1 = up-to-date with port
calamaris-2.59 = up-to-date with port
cdparanoia-3.9.8_8 = up-to-date with port
cfs-1.4.1_4 = up-to-date with port
clusterit-2.0_2 = up-to-date with port
cmpsfont-1.0_4 = up-to-date with port
compat5x-i386-5.4.0.8_7 = up-to-date with port
cups-1.1.23.0_1 = up-to-date with port
cups-base-1.1.23.0_9 = up-to-date with port
cups-lpr-1.1.23.0_1 = up-to-date with port
cups-pstoraster-8.15 = up-to-date with port
curl-7.15.3 = up-to-date with port
cvsup-without-gui-16.1h_2 = up-to-date with port
cyrus-sasl-2.1.22 = up-to-date with port
db42-4.2.52_4 = up-to-date with port
db43-4.3.29 = up-to-date with port
dclib-0.3.7 = up-to-date with port
dejavu-2.6 = up-to-date with port
diablo-jre-1.5.0.06.00 = up-to-date with port
dirmngr-0.9.3_2 = up-to-date with port
djbfft-0.76_2 = up-to-date with port
dri-6.4.1,2 = up-to-date with port
eject-1.5_2 = up-to-date with port
et-kde-i18n-3.5.3 = up-to-date with port
exiv2-0.10 = up-to-date with port
expat-2.0.0_1 = up-to-date with port
fam-2.6.9_6 = up-to-date with port
fftw3-3.1.1 = up-to-date with port
flac-1.1.2_1 = up-to-date with port
fontconfig-2.3.2_5,1 = up-to-date with port
foomatic-db-20060531 = up-to-date with port
foomatic-db-engine-20060531,1 = up-to-date with port
foomatic-filters-3.0.2_4 = up-to-date with port
freetype2-2.1.10_3 = up-to-date with port
fribidi-0.10.7 = up-to-date with port
fusefs-libs-2.5.2_1 = up-to-date with port
gd-2.0.33_4,1 = up-to-date with port
gettext-0.14.5_2 = up-to-date with port
ghostscript-gnu-7.07_15 = up-to-date with port
gimp-print-4.2.7_2 = up-to-date with port
glib-1.2.10_12 = up-to-date with port
glib-2.10.3 = up-to-date with port
gmake-3.80_2 = up-to-date with port
gnomehier-2.1_2 = up-to-date with port
gnupg-1.4.3 = up-to-date with port
gnupg-devel-1.9.20_1 = up-to-date with port
gnutls-1.2.11 = up-to-date with port
gpgme-1.0.3_1 = up-to-date with port
gsfonts-8.11_2 = up-to-date with port
gsl-1.8 = up-to-date with port
gtar-1.15.1_2 = up-to-date with port
gtk-1.2.10_15 = up-to-date with port
help2man-1.36.4_1 = up-to-date with port
iftop-0.17 = up-to-date with port
imake-6.9.0 = up-to-date with port
imlib-1.9.15_3 = up-to-date with port
iw-elmar-fonts-3.3 = up-to-date with port
ja-sazanami-ttf-20040629_1 = up-to-date with port
ja-truetypefonts-2001.08.18.5 = up-to-date with port
jackit-0.101.1_1 = up-to-date with port
jasper-1.701.0_1 = up-to-date with port
javavmwrapper-2.2 = up-to-date with port
jbigkit-1.6 = up-to-date with port
jpeg-6b_4 = up-to-date with port
kbarcode-2.0.3 = up-to-date with port
<<just one barcode program for testing
kde-xdg-env-1.0,1 = up-to-date with port
kdeadmin-3.5.3 = up-to-date with port
kdebase-3.5.3_1 = up-to-date with port
kdebase-kompmgr-3.5.3 = up-to-date with port
kdegraphics-3.5.3 = up-to-date with port
kdegraphics-kamera-3.5.3 = up-to-date with port
<<for digital camera
kdegraphics-kuickshow-3.5.3 = up-to-date with port
<<good image viewing program
kdehier-1.0_9 = up-to-date with port
kdelibs-3.5.3 = up-to-date with port
kdemultimedia-3.5.3 = up-to-date with port
kdenetwork-3.5.3_2 = up-to-date with port
kdenetwork-kopete-0.11 = up-to-date with port
kdenetwork-lanbrowsing-3.5.3 = up-to-date with port
kdepim-3.5.3 = up-to-date with port
kdeutils-3.5.3 = up-to-date with port
kmplayer-0.9.1.b_1,2 = up-to-date with port
ko-pinetreefonts-1.01 = up-to-date with port
kpdftool-0.22 = up-to-date with port
kphotoalbum-2.2_1 = up-to-date with port
krb5-1.4.3 = up-to-date with port
ktorrent-1.2_2 = up-to-date with port
lame-3.96.1 = up-to-date with port
lcms-1.14_1,1 = up-to-date with port
libXft-2.1.7_1 = up-to-date with port
libart_lgpl2-2.3.17_1 = up-to-date with port
libassuan-0.6.10 = up-to-date with port
libaudiofile-0.2.6 = up-to-date with port
libcddb-1.2.1_1 = up-to-date with port
libcdio-0.77 = up-to-date with port
libdrm-2.0.1_1 = up-to-date with port
libdvdcss-1.2.9_2 = up-to-date with port
libdvdread-0.9.4_1 = up-to-date with port
libexif-0.6.13 = up-to-date with port
libfame-0.9.1_2 = up-to-date with port
libfpx-1.2.0.12 = up-to-date with port
libgcrypt-1.2.2_1 = up-to-date with port
libglut-6.4.2 = up-to-date with port
libgmp-4.2.1_1 = up-to-date with port
libgpg-error-1.3 = up-to-date with port
libgphoto2-2.1.99 = up-to-date with port
libiconv-1.9.2_2 = up-to-date with port
libid3tag-0.15.1b = up-to-date with port
libidn-0.6.3 = up-to-date with port
libijs-0.35_1 = up-to-date with port
libkipi-0.1.2_1 = up-to-date with port
libksba-0.9.13_1 = up-to-date with port
libltdl-1.5.22 = up-to-date with port
libmad-0.15.1b_2 = up-to-date with port
libmal-0.40 = up-to-date with port
libmng-1.0.9 = up-to-date with port
libmodplug-0.8 = up-to-date with port
libmpcdec-1.2.2 = up-to-date with port
libmusicbrainz-2.1.2_2 = up-to-date with port
libogg-1.1.3,3 = up-to-date with port
liboil-0.3.9 = up-to-date with port
libpaper-1.1.14.3 = up-to-date with port
libsamplerate-0.1.2_2 = up-to-date with port
libsndfile-1.0.16 = up-to-date with port
libthai-0.1.5_1 = up-to-date with port
libtheora-1.0.a5 = up-to-date with port
libtool-1.5.22_2 = up-to-date with port
libtunepimp-0.4.2_1,1 = up-to-date with port
libungif-4.1.4_1 = up-to-date with port
libusb-0.1.12 = up-to-date with port
libvorbis-1.1.2,3 = up-to-date with port
libwww-5.4.0_2 = up-to-date with port
libxine-1.1.1_5 < needs updating (port has 1.1.1_6)
libxml2-2.6.26 = up-to-date with port
libxslt-1.1.17 = up-to-date with port
linc-1.0.3_6 = up-to-date with port
linux-expat-1.95.7_1 = up-to-date with port
linux-fontconfig-2.2.3_4 = up-to-date with port
linux_base-rh-9 = up-to-date with port
localedata-5.4 = up-to-date with port
lua-5.0.2_1 = up-to-date with port
m4-1.4.4 = up-to-date with port
mDNSResponder-107.5 = up-to-date with port
mc-4.6.1_3 = up-to-date with port
mpeg2codec-1.2_1 = up-to-date with port
mpeg4ip-libmp4v2-1.5 = up-to-date with port
mplayer-0.99.7_14 = up-to-date with port
mplayer-skins-1.1.2_1 = up-to-date with port
nas-1.8 = up-to-date with port
neon-0.25.5 = up-to-date with port
net-snmp-5.2.2_2 = up-to-date with port
nmap-4.01_2 = up-to-date with port
open-motif-2.2.3_2 = up-to-date with port
openldap-client-2.2.30 = up-to-date with port
openldap-server-2.2.30 = up-to-date with port
openslp-1.2.1_2 = up-to-date with port
p5-GD-2.32 = up-to-date with port
p5-gettext-1.05_1 = up-to-date with port
p5-type1inst-0.6.1_2 = up-to-date with port
pcre-6.6_1 = up-to-date with port
perl-5.8.8 = up-to-date with port
pilot-link-0.11.8_4,1 = up-to-date with port
pkg-config-0.20_2 = up-to-date with port
png-1.2.8_3 = up-to-date with port
poppler-0.5.3 = up-to-date with port
poppler-qt-0.5.3 = up-to-date with port
popt-1.7_1 = up-to-date with port
portaudio-18.1_2 = up-to-date with port
portupgrade-2.1.2_1,1 < needs updating (port has 2.1.3,1)
pth-2.0.6 = up-to-date with port
pure-ftpd-1.0.21 < needs updating (port has 1.0.21_1)
<< outstanding ftp server with lots of features
python-2.4.3 = up-to-date with port
qca-tls-1.0_1 = up-to-date with port
qmake-3.3.6 = up-to-date with port
qt-3.3.6_2 = up-to-date with port
rpm-3.0.6_13 = up-to-date with port
ruby-1.8.4_8,1 = up-to-date with port
ruby18-bdb1-0.2.2 = up-to-date with port
samba-3.0.22,1 = up-to-date with port
samba-libsmbclient-3.0.22 = up-to-date with port
sdl-1.2.9_2,2 = up-to-date with port
smartmontools-5.36 = up-to-date with port
speex-1.0.5_1,1 = up-to-date with port
squid-2.5.14_1 = up-to-date with port
svgalib-1.4.3_5 = up-to-date with port
t1lib-5.1.0_1,1 = up-to-date with port
taglib-1.4_2 = up-to-date with port
teTeX-base-3.0_8 = up-to-date with port
teTeX-texmf-3.0_3 < needs updating (port has 3.0_4)
tex-texmflocal-1.9 = up-to-date with port
texi2html-1.76_1,1 = up-to-date with port
texinfo-4.8_3 = up-to-date with port
tiff-3.8.2 = up-to-date with port
ttmkfdir-20021109_1 = up-to-date with port
valknut-0.3.7 = up-to-date with port
vcdimager-0.7.23_3 = up-to-date with port
vi-vnxfonts-1.1.1 = up-to-date with port
win32-codecs-3.1.0.p7_2,1 = up-to-date with port
xorg-clients-6.9.0_2 < needs updating (port has 6.9.0_3)
xorg-fonts-cyrillic-6.9.0_1 = up-to-date with port
xorg-fonts-encodings-6.9.0_1 = up-to-date with port
xorg-fonts-miscbitmaps-6.9.0_1 = up-to-date with port
xorg-fonts-truetype-6.9.0 = up-to-date with port
xorg-libraries-6.9.0 = up-to-date with port
xorg-server-6.9.0_1 < needs updating (port has 6.9.0_4)
xpdf-3.01_3 = up-to-date with port
xterm-213 = up-to-date with port
xv-3.10a_5 = up-to-date with port
zh-fireflyttf-1.3.0 = up-to-date with port
zh-ttfm-0.9.5_1 = up-to-date with port
---------------------------------------------------------------------------------------------------------------------------
# less rc.conf
background_dhclient="YES"
hostname="PCBSD.localhost"
background_dhclient="YES"
hostname="PCBSD.localhost"
compat5x_enable="YES"
NIC="de em ixgb txp vx bfe bge dc fxp lge nge pcn re rl sf sis sk ste ti tl tx
vge vr wb xl cs ed ex ep fe ie lnc
sn xe an awi nve"
for i in $NIC; do
eval ifconfig_${i}0="DHCP"
eval ifconfig_${i}1="DHCP"
done
blanktime="180"
saver="logo"
sshd_enable="YES"
usbd_enable="YES"
moused_type="auto"
moused_enable="YES"
#Enable samba server
samba_enable="YES"
# Disable LPD
lpd_enable="NO"
# Enable CUPS
cupsd_enable="YES"
background_cupsd="YES"
enable_linux="YES"
# FSCK Enhancements
fsck_y_enable="YES"
background_fsck="YES"
smartd_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
gateway_enable="YES"
squid_enable="YES"
##### Kohalik v<F5>rk
ifconfig_nve0="inet 192.168.2.1 netmask 255.255.255.240"
##### WiFi
ifconfig_wi0="inet 192.168.1.1 netmask 255.255.255.240 ssid turvaauk channel 9
mediaopt adhoc"
# WPA
#ifconfig_wi0="WPA inet 192.168.1.1 netmask 255.255.255.240 mediaopt hostap
up"
#hostapd_enable="YES"
tmpmfs="YES"
tmpsize="768m"
#tmpmfs_flags="-S -o noatime,noexec,nosuid,nosymfollow"
tmpmfs_flags="-S"
#### Pure-FTP
###pureftpd_enable="YES"
#
# For launch uploadscript daemon define
# pureftpd_upload_enable="YES"
# pureftpd_uploadscript="/full/path/to/launch_script"
tcp_keepalive="YES"
---------------------------------------------------------------------------------------------------------------------------
less /etc/pf.conf
# Macros: define common values, so they can be referenced and changed easily.
ext_if="xl0" # replace with actual external interface name i.e., dc0
int_if="wi0" # replace with actual internal interface name i.e., dc1
int_if2="nve0" # replace with actual internal interface name i.e., dc1
icmp_types="echoreq"
# Normalization: reassemble fragments and resolve or reduce traffic
ambiguities.
scrub in all
# limit outgoing traffic
altq on $ext_if priq bandwidth 33Kb queue { q_pri, q_def }
queue q_pri priority 7
queue q_def priority 1 priq(default)
# I have 2 network interfaces for nat 1 wifi(notebook) and 2 for backup server
nat on $ext_if from $int_if:network to any -> $ext_if
nat on $ext_if from $int_if2:network to any -> $ext_if
# Squid works for transparent proxying
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128
pass in all
pass out keep state
antispoof for $ext_if inet
# block all incoming packets but allow ssh, pass all outgoing tcp and udp
# connections and keep state, logging blocked packets.
pass in on $int_if proto tcp from any to $int_if port 22 keep state
pass out on $ext_if proto { tcp, udp, icmp } all keep state
pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $ext_if inet proto tcp from any to any port www keep state
pass out on $ext_if proto tcp from $ext_if to any flags S/SA keep state queue
(q_def, q_pri)
pass in on $ext_if proto tcp from any to $ext_if flags S/SA keep state queue
(q_def, q_pri)
---------------------------------------------------------------------------------------------------------------------------
NOTE: pf firewall is not completed and some rules are broken!!
|
