how-to install ipf3.4-current on FreeBSD 4.4-stable
From: Stephen Hilton (nospam@hiltonbsd.com)
Date: 10/17/01
- Next message: Scott Lampert: "Re: Bridging Firewall - 3 interfaces - arp issue"
- Previous message: Kian Haghdad: "Software engineer"
- Next in thread: The Psychotic Viper: "Re: how-to install ipf3.4-current on FreeBSD 4.4-stable"
- Reply: The Psychotic Viper: "Re: how-to install ipf3.4-current on FreeBSD 4.4-stable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Stephen Hilton" <nospam@hiltonbsd.com> To: "FreeBSD Security" <freebsd-security@FreeBSD.ORG> Date: Wed, 17 Oct 2001 12:21:51 -0500
What is the correct procedure to update a FreeBSD 4.4-release or 4.4-stable
system with the latest ipf3.4-current.tgz build.
Something like this procedure ?:
Get source file ipf3.4-current.tgz
http://coombs.anu.edu.au/~avalon/ipf3.4-current.tgz
untar in a new workdir:
# tar -xvpzf ipf3.4-current.tgz
# chown -R root.wheel ipf3.4-current
# mv -i ipf3.4-current /usr/src/contrib/
# cd /usr/src/contrib/
# mv -i ipfilter ipfilter.orig
# ln -s ipf3.4-current ipfilter
# cd ipfilter
# ./FreeBSD-4.0/kinstall
(this is the step I am really wondering about)
Customize your kernel, make sure it contains:
options IPFILTER #ipfilter support
options IPFILTER_LOG #ipfilter logging
And optionally if you desire add:
options IPFILTER_DEFAULT_BLOCK #block all packets by default
options IPSTEALTH #support for stealth forwarding
Then run through the build/install kernel/world mergemaster procedures
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
On a related note, is this shell script still correct for updating the
userland parts of ipf without a whole buildworld procedure, or have things
changed under FreeBSD 4.4
The script worked well for me under FreeBSD release 4.3, and was created, I
believe, by Mr. Cy Schubert
---------------snip------------------
#!/bin/sh -
# /root/bin/build_ipf_only.sh
# (shell script to build and install userland portions of ipf)
# (a kernel config and rebuild is also necessary as a separate step)
# DIRS='/usr/src/sbin/ipf /usr/src/sbin/ipfstat /usr/src/sbin/ipmon
/usr/src/sbin/ipnat /usr/src/usr.sbin/ipftest /usr/src/usr.sbin/ipresend
/usr/src/usr.sbin/ipsend /usr/src/usr.sbin/iptest
/sys/modules/ipfilter'
DIRS='/usr/src/sbin/ipf /usr/src/sbin/ipfstat /usr/src/sbin/ipmon
/usr/src/sbin/ipnat /usr/src/usr.sbin/ipftest /usr/src/usr.sbin/ipresend
/usr/src/usr.sbin/ipsend /usr/src/usr.sbin/iptest'
error() {
echo $@
echo terminating abnormally
exit 1
}
echo
for I in $DIRS; do
echo "***** $I *****"
echo
cd $I || error cannot cd to $I
make cleandir || error make clean failed
# we do this twice in case there is any cruft in /usr/src itself
make cleandir || error make clean failed
make obj || error make obj failed
make || error make failed
make install cleandir || error make install failed
echo
done
echo `basename $0` finished successfully
---------------snip------------------
Thanks for any help,
Stephen Hilton
nospam@hiltonbsd.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Scott Lampert: "Re: Bridging Firewall - 3 interfaces - arp issue"
- Previous message: Kian Haghdad: "Software engineer"
- Next in thread: The Psychotic Viper: "Re: how-to install ipf3.4-current on FreeBSD 4.4-stable"
- Reply: The Psychotic Viper: "Re: how-to install ipf3.4-current on FreeBSD 4.4-stable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
