Tim Aslat <[EMAIL PROTECTED]> writes:

> In the immortal words of "Jason Burris" <[EMAIL PROTECTED]>...
> > I need to compile a kernel with IPFW on a remote machine running
> > FreeBSD4.7.  I followed the steps listed at:
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html
> 
> Following the handbook isn't a bad start.

It's nice to see someone actually do it for a change.

> > In my COMPUTERNAME config file I've add the following three lines to
> > the end for IPFW:
> > 
> > options IPFIREWALL
> > options IPFIREWALL_VERBOSE
> > options IPFIREWALL_DEFAULT_TO_ACCEPT
> > 
> > And I changed this line, which I read was necessary:
> > 
> > ident COMPUTERNAME
> 
> Not bad, but a more secure way would be to default to deny rather than
> accept, but that's personal preference.

In this case, where the machine is remote and you could lock yourself
out, it's probably better to default to accept instead.  Eventually,
there will be a firewall rule denying unmatched packets, and even then
you have to be careful about backing out the ruleset automatically if
you lock yourself out.

> > I'm able to run:
> > 
> > /usr/sbin/config COMPUTERNAME
> > cd ../../compile/COMPUTERNAME
> > 
> > When I run
> > 
> > make depend
> > 
> > Everything runs fine until it dies with the error:
> > 
> > make: don't know how to make iconv.h.
> > Stop*** Error code 2
> > Stop in /usr/src/sys/modules.***
> > Error code 1
> > 
> > I've checked and this file is in my /usr/src/sys directory.What am I
> > doing wrong?  Do I even need this header to be compiled intothe
> > kernel?
> 
> You might want to try the "newer" method of building a kernel.
> 
> cd /usr/src
> make buildkernel KERNCONF=COMPUTERNAME
> <wait a bit>
> make installkernel KERNCONF=COMPUTERNAME

I don't think that will be any better.  Either way, he needs to have
sources that match his system, and the "old" way will work fine when
that is the case.
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to