Tim Aslat <[EMAIL PROTECTED]> writes: > In the immortal words of "Jason Burris" <[EMAIL PROTECTED]>... > > I need to compile a kernel with IPFW on a remote machine running > > FreeBSD4.7. I followed the steps listed at: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html > > Following the handbook isn't a bad start.
It's nice to see someone actually do it for a change. > > In my COMPUTERNAME config file I've add the following three lines to > > the end for IPFW: > > > > options IPFIREWALL > > options IPFIREWALL_VERBOSE > > options IPFIREWALL_DEFAULT_TO_ACCEPT > > > > And I changed this line, which I read was necessary: > > > > ident COMPUTERNAME > > Not bad, but a more secure way would be to default to deny rather than > accept, but that's personal preference. In this case, where the machine is remote and you could lock yourself out, it's probably better to default to accept instead. Eventually, there will be a firewall rule denying unmatched packets, and even then you have to be careful about backing out the ruleset automatically if you lock yourself out. > > I'm able to run: > > > > /usr/sbin/config COMPUTERNAME > > cd ../../compile/COMPUTERNAME > > > > When I run > > > > make depend > > > > Everything runs fine until it dies with the error: > > > > make: don't know how to make iconv.h. > > Stop*** Error code 2 > > Stop in /usr/src/sys/modules.*** > > Error code 1 > > > > I've checked and this file is in my /usr/src/sys directory.What am I > > doing wrong? Do I even need this header to be compiled intothe > > kernel? > > You might want to try the "newer" method of building a kernel. > > cd /usr/src > make buildkernel KERNCONF=COMPUTERNAME > <wait a bit> > make installkernel KERNCONF=COMPUTERNAME I don't think that will be any better. Either way, he needs to have sources that match his system, and the "old" way will work fine when that is the case. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"