Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Hosting Security and Technology Tutorials : FreeBSD Kernel

[Crucial]

If your running FreeBSD and need to add something to the kernel this is how its done. We will be adding ipfw firewall in this example:

(Change to the kernel config directory)
# cd /usr/src/sys/i386/conf

(rename the DEFAULT config file to a NEWNAME, For this purpose we will call it WEB)

# cp DEFAULT WEB

(we always want to make sure we dont remove the DEFAULT FILE, incase you need it in the future or want to resort to it for reference, if you mess something up)

(Lets edit the config file now, use edit, pico, vi or any text editor on your machine, for learning purposes I will use pico)

# pico WEB

(Under all the option lines towards the top of the config, add the following lines, OR EDIT the KERNEL)

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=1000
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT
options DUMMYNET

(Now its time to CONFIG the kernel, if this errors please re-edit the config and verify its content you added is correctly added)

# /usr/sbin/config WEB

(Now lets CD to the compiled directory)

# cd ../../compile/WEB

(Ok, ALWAYS do a make depend, dont skip this step a lot of people think its wortless please take the time and run it)

# make depend
# make

(Install the new kernel.)

# make install

(If everything completed there will be NO ERRORS, now reboot the system "reboot", "shutdown -r now kernel update)

Enjoy! and be CAREFULL when editing the kernel


FAQ:

Q: The dir "cd /usr/src/sys/i386/conf" dont exsist?
A: You need to isntall cvsup and sup the src. If you have ports installed, "whereis cvsup". cd to the dir, and make install. Once completed it will create example files, goto the files and edit the proper file usally "stable-supfile". Uncomment the src-all and read the entire configuration file, then run the cvsup program (If you read the config, you will know how to run the cvsup program).

Q: Why does make depend give me errors?
A: Check the content of the file, sometimes you added something that wasn't soposed to be added, remove it and run "make clean" and "make depend", please continue the other steps as well..

[eBoundary]

Just FYI, the default kernel on FreeBSD is GENERIC, not DEFAULT.

< Admin Note: Edited to remove signature. >

[chris_lynch]

Everyone forgets these:


OPTIONS NMBCLUSTERS set this to a high number , LINT has 1024, but, I've seen some servers with 16384

OPTIONS NMBUFS, 4 Times your NMBCLUSTERS.

Basically, those options will help out things when your server does tons of traffic.

[Crucial]

Yeah users can add whatever they wish to the kernel, this how to was to inform them how to actually compile/setup the kernel.

I do recomend each user to do some research on each option and make sure there setup properly and you install something you really need.

[IRCCo Jeff]

Its good to know that people are writing tutorials that actually make sense without hours of translation

[rjerina]

dont forget to enable quota in the kernel, if you plan on using cpanel or keep user quotas.

[Cirrostratus]

Another trick for FreeBSD custom kernels is to edit the KERNCONF file like was described above and then instead of doing the cd ../../ && confg KERNCONF && make depend && make etc etc you can


% cd /usr/src
% make buildkernel KERNCONF=YOURKERNFILENAME
% make installkernel KERNCONF=YOURKERNFILENAME
% reboot

Enjoy your custom kernel.

[CR-]

Quote:

Originally posted by delo-
Another trick for FreeBSD custom kernels is to edit the KERNCONF file like was described above and then instead of doing the cd ../../ && confg KERNCONF && make depend && make etc etc you can


% cd /usr/src
% make buildkernel KERNCONF=YOURKERNFILENAME
% make installkernel KERNCONF=YOURKERNFILENAME
% reboot

Enjoy your custom kernel.

nod. that's how i've always done it.

J.