This page is now old and some of the links will not work. It is personal use only.
Please e-mail:
aakesson@code-donkey.org A. Aakesson April, 2004
Last updated on the 21 of September, 2000.
Please note; some of the instructions have been taken from the
various README's that come with the drivers, as well as the KAME
instructions.
If you can get a tarred copy of the original /etc and put it into the /usr/local/src.
If you can, copy the kernel config file. "uname -a" will tell you which one it is. Copy it to /usr/local/src, and use it as a ref.
1. atmdriver-kame.tar.gz Check Google (If ATM support is needed.) Place in /usr/local/src/.
2. MRTd can be downloaded from the Merit ftp site. Place in /usr/local/src/. The web site for the The Merit Network. which has configuration information for MRTd.
3. etc.what.ever.tar.gz [tar up your original /etc is possible]. Place in /usr/local/src/.
4. ntp-4.0.99b.tar.gz Check Google Place in /usr/local/src/.
5. ucd-snmp-3.6.1.tar Check Google or /usr/ports for the Simple Network Management Protocol. Place in /usr/local/src/.
6. t1.tar.gz
7. Get jdk [1.1.8 at least] from /usr/ports/java/
8. Get ssh-1.2.27 [at least] from /usr/ports/security/
9. Get autoconf from /usr/ports/
10. Get rpm from /usr/ports/
11. Go to /usr/ports/emulators/linux_base, and do a "make" "make install".
12. The Active Network Backbone.
These sites are related to the Active Network Backbone project (Abone).
1. Download the disks from the FreeBSD web site.
Go to The FreeBSD site, and follow the instructions for creating the floppy disk, and Ftp the OS.
Refer to the FreeBSD handbook for more information.Once you have booted you system with the boot disks. Select the option to skip kernel configuration. Then the next screen you will see has various options available too you.
Now choose #4 Custom.
Next select:
1 Options
- check and be sure that the "Release Name" says "/pub/FreeBSD/releases/i386/3.4-RELEASE" then type Q to Quit.
Select option 2 (Partition) to "Allocate disk space for FreeBSD"
Scroll up one line to select the FreeBSD slice and enter D to delete the slice. The Desc column will identify which slice is FreeBSD or unused.
Press A and respond Yes to remain cooperative with any future possible operating systems on the drive(s). The disk space table will appear
Scroll up one line and select the FreeBSD slice and enter S to make it a bootable partition. An A will appear under the Flags column
Press Q to finish
The Boot Manager Menu will appear. Select BootMgr, which should be the default, and press OK
The Custom Installation Options Menu should appear
Select option 3 (Label) to "Label allocated disk partitions"
At this point you should create the partitions. I usually make the root partition 200m. The swap partition 400m. The var partition 200m, and use the remainder of the disk should be devoted to the usr partition. I am working on the primes that the disk is about 4 GIG [although it need not be.]
I generally make the swap partition twice the size of the root partition.
When in the FreeBSD Disklabel Editor (this the point when you will be creating the labels for root (/), swap (/swap), var (/var) and usr (/usr).
1. Select "c" to create the labels.
2. Back space over the cylinders, and add in the amount you want to use for the root (/). Say 200m. A window will pop up and ask you if the partition type is to be FS (A file system), or Swap (A swap partition.) Select FS. You will be prompted for a mount point. Use "/" for root. Press enter.
3. Select "c" to create a label. Back space over the cylinders, and add in the amount you want to use for the swap partition. In this case I will use 400m for the swap (x2 the /). Press enter. Now select Swap (A swap partition.) The utility will automatically add the mount point.
4. Select "c" to create a label. Back space over the cylinders, and add in the amount you want to use for the var (/var) partition. This should be about 200m. Press enter, and then select FS. You will be prompted for a mount point which will be /var.
5. For the last time select "c" again, and this time don't backspace over the cylinders. Instead just press enter. Now choose FS for the file system, and press enter. Add the mount point /usr, and press enter. You are now finished with the "FreeBSD Disklabel Editor" so press "q" to quit, and you will return to the Custom Installation Options Menu.
Select option 4 (Distributions) to "Select distributions(s) to extract"
Scroll down to option 8 and choose "All sources and binaries" and press the SPACE bar
The DES cryptographic software menu will appear asking for confirmation/approval. Select YES and press ENTER.
The encryption facilities menu will appear next. Select the Basic DES encryption services and Sources for DES using the SPACE bar. Select OK and press ENTER
Select YES and press ENTER to install the FreeBSD ports collection
The Choose Distributions menu will appear and option 8 will have an X next to it. Choose OK and press ENTER
Select option 5 (Choose) to "Choose the installation media type"
Select #2 to ftp from an FTP server. Select the Primary FreeBSD site (if this is congested you may also try the other FreeBSD sites in the USA. Look for them at the bottom of the list.)
The network interface selection menu will appear. Select the appropriate interface device and press ENTER.
Next, the network configuration menu will appear. Fill in the requested information (host, domain, gateway, name server, ip address and netmask). Don't fill in the Extra options to ifconfig. Select OK and press ENTER.
Select option 6 (Commit) to "Perform any pending Partition/Label/Extract actions"
Please read the message carefully and understand that you will LOOSE the contents of your hard disk. Select YES and press ENTER to continue.
2. .rhosts & /etc/hosts
In /root make a file <.rhosts> and put an entire for in it. This is needed for the rdist script to be effective. When you have created this change the permissions to 600, so that only root has access to file. e.g. chmod 600 .rhosts.
Next, edit the /etc/hosts file. Add: xxx.xxx.xxx.xxx helpmann.code-donkey.org helpmann
3. ssh & tcsh
Install ssh and tcsh from /usr/ports/security/ssh and /usr/ports/shells/tcsh respectively -- you will need to reboot to make them operative.
Move tcsh to /bin and make a soft-link back to the original dir. Also edit the /etc/shells to reflect this change.
You will need to edit make.conf and give permission to download ssh. In make.conf search for USA, and uncomment "YES". #USA_RESIDENT= YES
4. rdist
You should contact donkeynoc@code-donkey for this.
5. Account, group and passwd information should be installed when the rdist script is run.
Make sure that your account is in the wheel group, and that "mail:*:6:" and "network:*:12:" are on individual lines. Also remember that when rdist is run all of the passwords in the /etc/master.passwd file are effaced, and replaced by the ones downloaded by the rdist script.
6. /home
tar up the original /home and dump it into the new /usr/home. You may need to make a soft-link to the /home. donkeynoc will add the home directories for the remainder of the accounts.
7. Build openssl in /usr/ports/security/openssl This is so tcpdump can display encrypted text
8. /etc/rc.conf & /usr/local/etc/rc.d/rc.local.sh
/etc/rc.conf. Check against the old one, and get any local info.
If running v6, you will need:
ipv6_enable="YES"
ipv6_gateway_enable="NO"
In /etc/rc.conf, you should also make sure to disable sourcerouting, enable TCP extensions.
If there are addition bits that you need; check the /etc/defaults/rc.conf, and copy the information to /etc/rc.conf
The rc.local is now rc.local.sh and is in /usr/local/etc/rc.d/ You will(may) need to make this file. Make sure you have the permissions set correctly . If possable use the oringal /etc/rc.local as a reference.
In the rc.local.sh add:
if [ -f
/usr/local/v6/etc/rc.net6 ]; then
sh /usr/local/v6/etc/rc.net6
fi
9. libcr
Run "ls -al" against /usr/lib/libcr* this
should show
libdescrypt.a
libdescrypt.so.2.0
libdescrypt_p.a
10. resolv.conf
/etc/resolv.conf [check against the original one if poss.]
11. /etc/copyfiles.sh & /etc/master.passwd.local
This is needed for any local passwds. They are passwds which are NOT part of the Code-donkey passwd distribution.
12. mrouted
Make sure mrouted is installed if needed. Use the old mrouted.conf as a ref. if possible. The call for mrouted is placed into /usr/local/etc/rc.d/rc.local.sh
13. Install the KAME-IPv6 at this point.
Follow the KAME instructions on installation, and setup of
binaries if you are planning on installing KAME-v6.
----------
The current KAME-v6 SNAP KIT install is as follows. ----------
1.
tarred /usr/src and /usr/include
2. untared kame.snap in
/usr/local/src
----If you did step 7 don't do this.---
2a. Installed
openssl-0.9.4.tar.gz in
/usr/local/src [untared etc...]
Then
cd to openssl-0.9.4
now run ./config
then:
make, make
test, make install.
---------------------------------------
3. view INSTALL
4. In /usr/local/src/kame run
make
TARGET=freebsd3 prepare
5. cd /usr/local/src/kame/freebsd3
6.
view INSTALL
7. cp /kernel /kernel.previous
8. cd /usr
mkdir include.clean
cd include.clean
(cd ../include; tar
Bpcf - . ) | tar Bpxf -
9. From /usr/local/src/kame/freebsd3
cd
sys/i386/conf
10. cp GENERIC.v6 CONFIGFILE
10a. Make sure
the kernel configuration includes 4 bpfilters
pseudo-device
bpfilter 4 #Berkeley packet filter
then
/usr/sbin/config
CONFIGFILE
11. cd ../../compile/CONFIGFILE
then
make
depend
make
make install
12. From
/usr/local/src/kame/freebsd3 cd to the following directories
eaytest, kmpstat and racoon. Edit the Makefile, and add what is
below if you do not the next step [make includes will not make]:
Userland 'make' fails. Need to edit _all_ Makefile's in
/usr/local/src/kame/freebsd3/usr.sbin/racoon/eaytest
/usr/local/src/kame/freebsd3/usr.sbin/racoon/kmpstat
/usr/local/src/kame/freebsd3/usr.sbin/racoon/racoon
directories, so the following lines:
-----------------
.if exists(/usr/local/lib/libcrypto.a)
LDADD+= -L/usr/local/lib -lcrypto -lRSAglue -lrsaref
DPADD+=
/usr/local/lib/libcrypto.a /usr/local/lib/libRSAglue.a
.endif
----------------
Make sure they appear earlier than a statement like: .include
Then add to the
/usr/local/src/kame/freebsd3/usr.sbin/tcpdump/Makefile: -lRSAglue
-lrsaref
To the end of [with a space]
LDADD+=
-L/usr/local/lib -lcrypto
So it looks like:
LDADD+= -L/usr/local/lib -lcrypto -lRSAglue
-lrsaref
Or apply the following patch to
usr.sbin/tcpdump/Makefile
------------ CUT HERE -----------
***
usr.sbin/tcpdump/Makefile.orig Wed Dec 22 16:14:07 1999
---
usr.sbin/tcpdump/Makefile Wed Feb 9 14:18:33 2000
***************
*** 57,63 ****
CFLAGS+=-I/usr/local/ssl/include/openssl
.endif
.endif
! LDADD+= -L/usr/local/lib -lcrypto
DPADD+= /usr/local/lib/libcrypto.a
.endif
--- 57,63 ----
CFLAGS+=-I/usr/local/ssl/include/openssl
.endif
.endif
! LDADD+= -L/usr/local/lib -lcrypto
-lRSAglue -lrsaref
DPADD+= /usr/local/lib/libcrypto.a
.endif
------------ CUT HERE -----------
12. Then as donkeynoc [from /usr/local/src/kame/freebsd3> ]
Don't do 12 as a normal user. Do it as root and it works. So:
Then as root [from /usr/local/src/kame/freebsd3]
run "make
includes"
then "make install-includes"
now
run "make"
next "make install"
This will install necessary userland tools into
/usr/local/v6/{bin,sbin,whatever}. This should not replace existing
IPv4-only userland tools, so it is safe.
/usr/local/v6/bin
/usr/local/v6/sbin
/usr/local/v6/bin:/usr/local/v6/sbin
Now
type:
# makewhatis /usr/local/v6/man
13. Now Reboot.
14. Now go back and read the INSTALL file
in freebsd3 to do the final config.
E-1. Most of configuration files are placed in /usr/local/v6/etc. You may want to copy those foo.sample files into non-sample (foo), edit as necessary. You may also want to invoke /usr/local/v6/etc/rc.net6 from /etc/rc.local, by adding the following into /etc/rc.local:
if [ -f /usr/local/v6/etc/rc.net6 ]; then
sh
/usr/local/v6/etc/rc.net6
fi
E-2. If you would like to use IPv6-ready inetd, you will need
to also invoke /usr/local/v6/sbin/inet46d. It can coexist with
original /usr/sbin/inetd, but when each of them is invoked, IPv4
connection accept is always treated by /usr/sbin/inetd. When only
/usr/local/v6/sbin/inet46d is invoked, it accept each of IPv4 and
IPv6 connection request.
Configuration file is placed in
/usr/local/v6/etc/inet6d.conf, but with enhanced syntax. Inet46d
accepts either of IPv4 and IPv6 connection by default, but you can
configure it to accept only one of those protocols by each daemon
basis. Consult manpages for details.
E-4. There are batch of documents installed into
/usr/local/v6/man and /usr/local/v6/share/doc. Please read them as
necessary. If you wish to develop your own programs, we suggest you
to read through supplied documents, RFCs, and other documents to
learn how.
Additional configuration information.
Edit /usr/local/v6/etc/rc.net6 (which has a symbolic link
/etc/rc.net6)
i) ip6router=YES
i) run_route6d=NO
iii) Replace
[
-x $route6d ] && $route6d $route6dflags
with
if [
X"${run_route6d}" = X"YES" ]; then
[ -x
$route6d ] && $route6d $route6dflags
fi
----------------------End of KAME
installation.------------------------------
14. mrtd
mrtd can be down loaded from MERIT. Put the source code into /usr/local/src (you may need to make this directory.) mrtd.conf if placed into /etc with a reference to it in /usr/local/etc/rc.d/rc.local.sh
You should use the original
/etc/mrtd.conf as a reference.
Make sure that the port info is
in /etc/services
mrtd 5674/tcp #mrtd routing daemon
If you
have to make an /etc/mrtd.conf file, be sure to add:
password
mrtipv6
debug all /var/log/mrtd.log 5000000
!
at the top
of the file. This will let you telnet to the mrtd program and
control it. e.g. telnet localhost mrtd and the passwd is: mrtipv6
Untar the mrt-src file in /usr/local/src. Then [as root] run
make-sym-links
cd src.freebsd3.4
./configure
make
depend
make
make install
15. copyfiles.sh & master.passwd.local
Copy copyfiles.sh & master.passwd.local to /etc [if they exist.] These files are for copying any local passwd files in to the /etc/master.passwd file.
16. namedb & named
Tar and copy the /etc/namedb and /etc/named directories.
Keep up with the current ver. of BIND. Run "witch" against the installed ver. of named and "grep" for ver..
An entire for the named (BIND)in the /etc/rc.conf would look
like this:
named_program="/usr/sbin/named"
named_flags="-b /etc/named/named.conf"
I had to
edit the named.conf file and change the line from the section.
named-xfer
"/usr/misc/bind-current/src/bin/named-xfer/named-xfer"; to
named-xfer "/usr/libexec/named-xfer";
17. snmp
down load and untar the new "ucd-snmp-.tar in
/usr/local/src. Then follow the instructions and build it.
run
./configure
Check that config.h has made these changes:
#define SYSTEM_INCLUDE_FILE "s/generic"
has
changed to:
#define SYSTEM_INCLUDE_FILE "s/freebsd3.h"
and that
#undef HAVE_NETINET_IN_H 1
has changed to:
#define HAVE_NETINET_IN_H 1
and try again.
run make
run make install.
18. ntp
Down load and untar the most recent version of ntp in
/usr/local/src.
The current version is ntp-4.0.99b.
run
./configure
make check
make
make install
Add the files ntp.conf, ntp.keys and ntp.drift to /etc. If
the files do not exist in the original /etc, then you can check
either donkeypc, donkeyepc or udelpc's /etc files. Also you can reference
NTP
19. Make a symbolic link between /sys and /usr/local/src/kame/freebsd3/sys.
20. ATM setup.
untar atmdriver-kame.tar.gz in /usr/local/src/
cd to /usr/local/src/atmdriver. cp or mv sys.tar to
/usr/local/src/kame/freebsd3/ and then untar sys.tar.
Ref.
the README in /usr/local/src/atmdriver for the instructions.
cd
/usr/local/src/kame/freebsd3/sys/conf and then
cp files files.bk
cp options options.bk
Then you will need to use the patches files.diff, and
options.fbsd3x.diff. From /usr/local/src/kame/freebsd3/sys/conf
patch < files.diff
patch < options.fbsd3x.diff
At this point you you will need to edit the kernel
/usr/local/src/kame/freebsd3/sys/i386/conf/FBSD-34-KAME-20000103
[or what the currnet kernel name is.]
Add the following to the
kernel
device en0 # FreeBSD PCI
device enp5 # To support 1 pvc
on each ATM card
# (enp5 to support 6 PVC's each -
# the
Amax allowed number for adaptec)
pseudo-device atm # FreeBSD
only
options NATM # native atm
Then config, make, and
install the new kernel.
If the config barffs, you may need to go to: ../../conf/options and remove the duplicate option INET6.
Once the kernel has been compiled. You need to copy, then make
and install the following directories:
atmrate, atminfo,
atmconf, and atmstat.
Copy them from /usr/local/src/atmdriver to
/usr/local/src/kame/freebsd3/sbin useing the following commands
# cp -p -r atmrate /usr/local/src/kame/freebsd3/sbin
# cd
/usr/local/src/kame/freebsd3/sbin/atmrate
# make
# make
install
Do this for each of the directories.
21. T1 setup.
Untar the file t1.tar.gz [or equivalent] in
/usr/local/src.
cd to t1 and:
First add the entire for
device nn0 to you kernel config. The
configuration file is in
/usr/local/src/kame/freebsd3/sys/i386/conf.
device nn0 at isa0 port 0x280 net irq 10 drq 6
Next apply the patch file files.i386.diff to /usr/local/src/kame/freebsd3/sys/i386/conf/files.i386, then
patch < files.i386.diff
Now copy if_nn.c and if_nnreg.h to
/sys/i386/isa directory.
Then configure, build and install the
new kernel.
Now reboot and configure the interface.
22. KERNEL
be sure to add:
options MROUTING #Multicast
to the kernel