
平台论坛博客文库

› 论坛 › 操作系统 › BSD › FreeBSD 6.X 内核编译

12 / 2 页下一页

[FreeBSD] FreeBSD 6.X 内核编译 [复制链接]

BSD_KT

丰衣足食

论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2006-08-07 15:00 |只看该作者 |倒序浏览

发现网络、防火墙相关的配置在内核中已经去掉了，是吗？

#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.3.2.1 2005/10/28 19:22:41 jhb Exp $
machine i386
cpu I486_CPU
cpu I586_CPU
cpu I686_CPU
ident GENERIC
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
#options SCHED_ULE # ULE scheduler
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
options INET6 # IPv6 communications protocols
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options MD_ROOT # MD is a potential root device
options NFSCLIENT # Network Filesystem Client
options NFSSERVER # Network Filesystem Server
options NFS_ROOT # NFS usable as /, requires NFSCLIENT
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_GPT # GUID Partition Tables.
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options KTRACE # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~215k to driver.
options ADAPTIVE_GIANT # Giant mutex is adaptive.
device apic # I/O APIC
# Bus support.
device eisa
device pci
# Floppy drives
device fdc
# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
device ataraid # ATA RAID drives
device atapicd # ATAPI CDROM drives
device atapifd # ATAPI floppy drives
device atapist # ATAPI tape drives
options ATA_STATIC_ID # Static device numbering
# SCSI Controllers
device ahb # EISA AHA1742 family
device ahc # AHA2940 and onboard AIC7xxx devices
device ahd # AHA39320/29320 and onboard AIC79xx devices
device amd # AMD 53C974 (Tekram DC-390(T))
device isp # Qlogic family
#device ispfw # Firmware for QLogic HBAs- normally a module
device mpt # LSI-Logic MPT-Fusion
#device ncr # NCR/Symbios Logic
device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
device trm # Tekram DC395U/UW/F DC315U adapters
device adv # Advansys SCSI adapters
device adw # Advansys wide SCSI adapters
device aha # Adaptec 154x SCSI adapters
device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
device bt # Buslogic/Mylex MultiMaster SCSI adapters
device ncv # NCR 53C500
device nsp # Workbit Ninja SCSI-3
device stg # TMC 18C30/18C50
# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device ch # SCSI media changers
device da # Direct Access (disks)
device sa # Sequential Access (tape etc)
device cd # CD
device pass # Passthrough device (direct SCSI access)
device ses # SCSI Environmental Services (and SAF-TE)
# RAID controllers interfaced to the SCSI subsystem
device amr # AMI MegaRAID
device arcmsr # Areca SATA II RAID
device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID
device ciss # Compaq Smart RAID 5*
device dpt # DPT Smartcache III, IV - See NOTES for options
device hptmv # Highpoint RocketRAID 182x
device iir # Intel Integrated RAID
device ips # IBM (Adaptec) ServeRAID
device mly # Mylex AcceleRAID/eXtremeRAID
device twa # 3ware 9000 series PATA/SATA RAID
# RAID controllers
device aac # Adaptec FSA RAID
device aacp # SCSI passthrough for aac (requires CAM)
device ida # Compaq Smart RAID
device mlx # Mylex DAC960 family
device pst # Promise Supertrak SX6000
device twe # 3ware ATA RAID
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device vga # VGA video card driver
device splash # Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device sc
# Enable this for the pcvt (VT220 compatible) console driver
#device vt
#options XSERVER # support for X server on a vt console
#options FAT_CURSOR # start with block cursor
device agp # support several AGP chipsets
# Power management support (see NOTES for more options)
#device apm
# Add suspend/resume support for the i8254.
device pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
device cbb # cardbus (yenta) bridge
device pccard # PC Card (16-bit) bus
device cardbus # CardBus (32-bit) bus
# Serial (COM) ports
device sio # 8250, 16[45]50 based serial ports
# Parallel port
device ppc
device ppbus # Parallel port bus (required)
device lpt # Printer
device plip # TCP/IP over parallel
device ppi # Parallel port interface device
#device vpo # Requires scbus and da
# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to the sio and/or ppc drivers):
#device puc
# PCI Ethernet NICs.
device de # DEC/Intel DC21x4x (``Tulip'')
device em # Intel PRO/1000 adapter Gigabit Ethernet Card
device ixgb # Intel PRO/10GbE Ethernet Card
device txp # 3Com 3cR990 (``Typhoon'')
device vx # 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
device bfe # Broadcom BCM440x 10/100 Ethernet
device bge # Broadcom BCM570xx Gigabit Ethernet
device dc # DEC/Intel 21143 and various workalikes
device fxp # Intel EtherExpress PRO/100B (82557, 82558)
device lge # Level 1 LXT1001 gigabit Ethernet
device nge # NatSemi DP83820 gigabit Ethernet
device nve # nVidia nForce MCP on-board Ethernet Networking
device pcn # AMD Am79C97x PCI 10/100(precedence over 'lnc')
device re # RealTek 8139C+/8169/8169S/8110S
device rl # RealTek 8129/8139
device sf # Adaptec AIC-6915 (``Starfire'')
device sis # Silicon Integrated Systems SiS 900/SiS 7016
device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
device ste # Sundance ST201 (D-Link DFE-550TX)
device ti # Alteon Networks Tigon I/II gigabit Ethernet
device tl # Texas Instruments ThunderLAN
device tx # SMC EtherPower II (83c170 ``EPIC'')
device vge # VIA VT612x gigabit Ethernet
device vr # VIA Rhine, Rhine II
device wb # Winbond W89C840F
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
# ISA Ethernet NICs. pccard NICs included.
device cs # Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
device ex # Intel EtherExpress Pro/10 and Pro/10+
device ep # Etherlink III based cards
device fe # Fujitsu MB8696x based cards
device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
device lnc # NE2100, NE32-VL Lance Ethernet cards
device sn # SMC's 9000 series of Ethernet chips
device xe # Xircom pccard Ethernet
# ISA devices that use the old ISA shims
#device le
# Wireless NIC cards
device wlan # 802.11 support
device an # Aironet 4500/4800 802.11 wireless NICs.
device awi # BayStack 660 and others
device ral # Ralink Technology RT2500 wireless NICs.
device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device wl # Older non 802.11 Wavelan wireless NIC.
# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device ether # Ethernet support
device sl # Kernel SLIP
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeley packet filter
# USB support
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
#device udbp # USB Double Bulk Pipe devices
device ugen # Generic
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ulpt # Printer
device umass # Disks/Mass storage - Requires scbus and da
device ums # Mouse
device ural # Ralink Technology RT2500USB wireless NICs
device urio # Diamond Rio 500 MP3 player
device uscanner # Scanners
# USB Ethernet, requires miibus
device aue # ADMtek USB Ethernet
device axe # ASIX Electronics USB Ethernet
device cdce # Generic USB over Ethernet
device cue # CATC USB Ethernet
device kue # Kawasaki LSI USB Ethernet
device rue # RealTek RTL8150 USB Ethernet
# FireWire support
device firewire # FireWire bus code
device sbp # SCSI over FireWire (Requires scbus and da)
device fwe # Ethernet over FireWire (non-standard!)

复制代码

文库|博客

小猪快跑

稍有积蓄

论坛徽章:: 0

2楼 [报告]

发表于 2006-08-07 15:06 |只看该作者

是也不是
网络相关？？指的是什么
防火墙，默认内核是没有的

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

BSD_KT

丰衣足食

论坛徽章:: 0

3楼 [报告]

发表于 2006-08-07 15:15 |只看该作者

可在我的内核(6.0)中没有看见相关的信息，如果有，我记得应该是注释掉的
---
刚看了手册。看来得手动添加进去才行~~

不好意思。当我灌水了一把

[ 本帖最后由 BSD_KT 于 2006-8-7 15:20 编辑 ]

pilgrim_kevin

家境小康

论坛徽章:: 0

4楼 [报告]

发表于 2006-08-07 15:24 |只看该作者

不知道你说的“网络相关是指什么”
防火墙默认是没有配置的。

HonestQiao

版主

论坛徽章:: 1

5楼 [报告]

发表于 2006-08-07 15:53 |只看该作者

默认是没有的啊。

6.0
6.1pre
6.1

我都编译国的啊

BSD_KT

丰衣足食

论坛徽章:: 0

6楼 [报告]

发表于 2006-08-07 16:32 |只看该作者

谢谢，指点，对于 pf ，是不是不需要进行内核里进行配置阿？

小猪快跑

稍有积蓄

论坛徽章:: 0

7楼 [报告]

发表于 2006-08-08 08:35 |只看该作者

原帖由 BSD_KT 于 2006-8-7 16:32 发表
谢谢，指点，对于 pf ，是不是不需要进行内核里进行配置阿？

同上

HonestQiao

版主

论坛徽章:: 1

8楼 [报告]

发表于 2006-08-08 08:37 |只看该作者

http://cnsnap.cn.freebsd.org/doc ... k/firewalls-pf.html
以下原文拷贝手册：
4.1 启用 PF
　　PF 作为 FreeBSD 5.3 和更高版本基本系统安装的一部分，作为一个可以动态加载的模块出现。如果在 rc.conf 中配置了 pf_enable="YES" 则系统会自动加载对应的内核模块。可加载内核模块在构建时启用了 pflog(4)。

注意: 这个模块假定 options INET 和 device bpf 是存在的。除非编译时指定了 NOINET6 (对 FreeBSD 6.0-RELEASE 之前的版本) 或 NO_INET6 (对更新一些的版本) (例如在 make.conf(5) 中定义) 它还需要 options INET6。

　　一旦加载了这个内核模块，或者将 PF 支持静态联编进内核，就可以随时通过 pfctl 来启用或禁用 pf 了。

　　下面的例子展示了如何启用 pf：

# pfctl -e
　　pfctl 命令提供了一种与 pf 防火墙交互的方法。要了解进一步的信息，参考 pfctl(

联机手册是一个不错的办法。

26.4.2 内核选项
　　将下面这些选项加入到 FreeBSD 内核的编译配置文件中并不是启用 PF 的强制性要求。这里列出它们主要是为了介绍一些背景信息。将 PF 编译到内核中之后，就不再需要使用可加载内核模块了。

　　如何在内核编译配置中加入对于 PF 选项的例子可以在内核源代码中的 /usr/src/sys/conf/NOTES 这个文件中找到。这里列举如下：

device pf
device pflog
device pfsync
　　device pf 用于启用 “Packet Filter” 防火墙的支持。

　　device pflog 启用可选的 pflog(4) 伪网络设备，用以通过 bpf(4) 描述符来记录流量。 pflogd(

服务可以用来存储信息，并把它们以日志形式记录到磁盘上。

　　device pfsync 启用可选的 pfsync(4) 伪网络设备，用以监视 “状态变更”。由于这不是那个可加载内核模块的一部分，因此如果需要使用它，就必须自行编译定制的内核了。

　　这些设置只有在您使用它们构建和安装新内核之后才会生效。

26.4.3 可用的 rc.conf 选项
　　您需要在 /etc/rc.conf 中添加如下配置，以便在启动时激活 PF：

pf_enable="YES"                # 启用 PF (如果需要的话，自动加载内核模块)
pf_rules="/etc/pf.conf"       # pf 使用的规则定义文件
pf_flags=""                   # 启动时传递给 pfctl 的其他选项
pflog_enable="YES"             # 启动 pflogd(

pflog_logfile="/var/log/pflog"  # pflogd 用于记录日志的文件名
pflog_flags=""                # 启动时传递给 pflogd 的其他选项
　　如果您的防火墙后面有一个 LAN，而且需要通过它来转发 LAN 上的包，或进行 NAT，还必须同时启用下述选项：

gateway_enable="YES"          # 启用为 LAN 网关