Difference between revisions of "Netbsd vpn gateway basic setup"

From ENTS
Jump to: navigation, search
m (prep to recompile the kernel)
(prep to recompile the kernel)
Line 57: Line 57:
 
make directories
 
make directories
  
  mkdir /usr/src
+
  # mkdir /usr/src
  chown chaosvpn_user /usr/src
+
  # chown chaosvpn_user /usr/src
  
 
get the actual source
 
get the actual source
 
   
 
   
  ftp -i ftp://ftp.NetBSD.org/pub/NetBSD/NetBSD-5.2/source/sets/
+
  $ ftp -i ftp://ftp.NetBSD.org/pub/NetBSD/NetBSD-5.2/source/sets/
mget *.tgz
+
  mget *.tgz
 
   
 
   
 
extract  
 
extract  
  
  for i in *.tgz
+
  $ for i in *.tgz
do
+
  do
tar -xzf $i  
+
  tar -xzf $i  
done
+
  done
  
 
after you realize youve extracted to the wrong dir
 
after you realize youve extracted to the wrong dir
  
  mv /usr/src/usr/src/* /usr/src
+
  $ mv /usr/src/usr/src/* /usr/src
  
 
copy config stuff
 
copy config stuff
  
  cd /usr/src/sys/arch/i386
+
  $ cd /usr/src/sys/arch/i386
  cp GENERIC i686_CVPN_x300
+
  $ cp GENERIC i686_CVPN_x300
  
 
start editing
 
start editing
  
  pico i686_CVPN_x300
+
  $ pico i686_CVPN_x300
  
 
reference
 
reference
Line 105: Line 105:
 
Time to start building the new kernel
 
Time to start building the new kernel
  
  config ./i686_CVPN_x300
+
  $ config ./i686_CVPN_x300
  cd ../compile/i686_CVPN_x300
+
  $ cd ../compile/i686_CVPN_x300
  make depend && make
+
  $ make depend && make
 +
 
 +
And install
 +
 
 +
$ su -
 +
# cp /netbsd /netbsd.orig
 +
# cp netbsd /

Revision as of 16:12, 31 July 2013

basic setup after vanilla install

---

vi /root/.profile

change the path for the pkgsrc repo to:

ftp://ftp.netbsd.org/pub/pkgsrc/packages/NetBSD/i386/5.0/All/
pkg_add lynx
pkg_add pico
pkg_add screen

---

vi /etc/ifconfig.fxp0

192.168.0.20{1,2} netmask 255.255.255.0 

---

vi /etc/sysctl.conf

net.inet.ip.forwarding=1

---

vi /etc/resolv.conf

nameserver 64.59.184.13

---

vi /etc/rc.conf

hostname=chaosvpn{1,2}.440bx.net
defaultroute=192.168.0.1
sshd=yes

---

useradd -m -G wheel chaosvpn_user
passwd chaosvpn_user

---

continue with the steps at:

https://wiki.hamburg.ccc.de/ChaosVPN:NetBSDHowto


---

prep to recompile the kernel

make directories

# mkdir /usr/src
# chown chaosvpn_user /usr/src

get the actual source

$ ftp -i ftp://ftp.NetBSD.org/pub/NetBSD/NetBSD-5.2/source/sets/
  mget *.tgz

extract

$ for i in *.tgz
  do
  tar -xzf $i 
  done

after you realize youve extracted to the wrong dir

$ mv /usr/src/usr/src/* /usr/src

copy config stuff

$ cd /usr/src/sys/arch/i386
$ cp GENERIC i686_CVPN_x300

start editing

$ pico i686_CVPN_x300

reference

http://gcc.gnu.org/onlinedocs/gcc/i386-and-x86_002d64-Options.html

CFLAGS:

CPUFLAGS="-march=pentium3m -mtune=pentium3m"

Uncommented:

PERFCTRS #since this is going to be non-smp kernel (may or may not ever use this)
GATEWAY
IPSEC
IPSEC_ESP
IPSEC_NAT_T

Might dig more into "tuning" later.

Time to start building the new kernel

$ config ./i686_CVPN_x300
$ cd ../compile/i686_CVPN_x300
$ make depend && make

And install

$ su -
# cp /netbsd /netbsd.orig
# cp netbsd /
Personal tools
Namespaces

Variants
Actions
Navigation
Members
Toolbox