A Network Tutorial/How-To Guide
for the FreeBSD OS
by Nick Rogness
Now that you have FreeBSD installed, lets go over how to enable and disable services that come with the system. That will lead us nicely into the next section. In order to turn on and off these services, we will need to do some configuration of the system. Let's do it!
Compared to most Unices, FreeBSD has a pretty nice way of setting things up quickly. It has 1 main configuration file that starts every service up when you boot your system (This is not entirely true but will hold for this section). This file is called rc.conf and it resides in /etc. Let's take a look:
> vi /etc/rc.conf
You should see a bunch of lines like the following:
gateway_enable="YES" network_interfaces="xl0 lo0" firewall_enable="YES" firewall_type="OPEN" ifconfig_xl0="inet 10.0.0.10 netmask 255.255.255.0"
These are options that are set at boot time. An important concept to understand is that this file is for options that are different from the defaults. That is, you only need to put options in here if you wish to override the defaults. So how do you know what the defaults are? There is a default rc.conf located at /etc/defaults/rc.conf. This default rc.conf file not only has the default boot options for services, it also contains general descriptions for the options. I STRONGLY suggest you look through this file. The rc.conf man page is also very valueable as it gives you all the information about rc.conf, including the full options.
Turning on options is now a snap. Let's look at a couple of examples for adding and changing options for rc.conf.
Example 1 => Changing the default gateway
Your gateway address gets set when you first install FreeBSD. So if you wanted to change it, you would edit
/etc/rc.conf :
# vi /etc/rc.confand change:
defaultrouter="10.0.0.1"to:
defaultrouter="10.0.21.2"What you just did is change the default gateway from 10.0.0.1 to 10.0.21.2. Save and exit the file.
Keep in mind that these options are set at boot time. They are not changed automatically when you save the file. In order for your change to take affect you would have to reboot your FreeBSD machine.
And yes, you can change your default gateway without rebooting, but that comes later.
Example 2 => Activating a firewall
Suppose you wanted to turn a firewall on to play with or secure your network. You would add the following
options to /etc/rc.conf:
firewall_enable="YES" firewall_type="OPEN"This turns on the ipfw firewall within the kernel. Like before, it does not become active until you reboot. Setting firewall_type="OPEN" just means to keep the firewall open to all packets. You want to add that until you actually configure the firewall or you will be not be able to do anything on the network as the default is to DENY all packets. Firewalling will be covered later.
As you can see, its pretty easy to turn basic system services on and off by working with /etc/rc.conf. We will visit /etc/rc.conf through the rest of this Tutorial.
I went over how to turn on and off system services (ie, Programs that come with the system) above. FreeBSD has another collection of addon programs which you can choose from and install onto your system. These 3rd-party programs are known as the Ports Collection. There are currently 6000+ programs you can install on your system. If you chose to install the "Ports Collection" when you installed FreeBSD, you should have the ports collection on your system. If you did not choose to install the ports during the install process...don't worry...you can still get them. First let's explain what the ports are.
All the ports collection is is a categorized skeleton structure of how to retrieve, compile, and install a program on your system. This skeleton is installed in /usr/ports. Within /usr/ports lies the ports Categories. Lets have a look:
> cd /usr/ports > ls INDEX audio editors mail sysutils LEGAL benchmarks emulators math textproc Makefile biology ftp mbone vietnamese Mk cad games misc www README chinese german net x11 README.html comms graphics news x11-clocks Templates converters irc palm x11-fm Tools databases japanese print x11-fonts YEAR2000 deskutils java russian x11-servers archivers devel korean security x11-toolkits astro distfiles lang shells x11-wmThese are the Categories. Actually they are directories. For example, the "games" directory contains all the ports that deal with games, the "databases" directory contains all the ports that deal with databases. You get the idea. How do you know which ports are what? You can find out a several of ways. The easiest way is to look inside the port directory for a file called pkg-descr or DESCR. WIthin this file will be a brief description of what the port is. Let's looks at one.
Let's look in Math Categories: # cd /usr/ports/math # ls Makefile femlab libranlib pspp umfpack PDL fftpack linalg py-gnuplot vtk R-a4 fftw linpack py-scientific wingz R-letter freefem metis pygist wmcalc README.html fudgit netcdf rcalc xgfe Scilab geg ngraph rng xgraph abs glove ntl sc xldlas add gnumeric numpy siag xlispstat apc gnuplot octave simpack xmgr blas gnuplot+ oleo slsc xplot calc grace p5-MatrixReal snns xspread calctool grpn p5-Set-IntSpan spin xwpl concorde gsl pari ss dcdflib hexcalc parmetis superlu eispack lapack pkg topaz eval libneural plplot umatrix Hmm, what is 'spin'? Let's find out: # cd spin # cat pkg-descr Spin is an efficient on-the-fly verification system (a `model checker') for asynchronous concurrent systems, such as data communication protocols, distributed operating systems, database systems, etc. It can be used to prove both safety and liveness properties, including all correctness requirements expressible in linear time temporal logic. Spin uses a high level language to specify systems descriptions, called PROMELA (PROcess MEta LAnguage). #Now we know what the spin program is. There is also an online ports listing at the bottom of this page at www.freebsd.org.
Now let's actually install spin !
Let's make sure we're in the right place to install 'spin': # pwd /usr/ports/math/spin Good, Let's install it now: # make installWhat your FreeBSD system does at this point is:
1) Download the source tarball (The actual source code for spin) from the internet 2) Place the tarball in /usr/ports/distfiles 3) Extract the tarball in the 'work' directory in the current directory (ie, /usr/ports/math/spin/work) 4) apply any source code patches that are needed for your system to run this program 5) if you need other ports to compile or run this port (dependancies), repeat steps 1-6 6) compile dependancies and this port 7) Install dependancies and this portAll ports related files usually get installed in /usr/local. This includes your compiled program, config files, libraries, etc. So its usually safe to say that everything in /usr/local is anything you've added to your system that is not part of the base FreeBSD system. The 'make' process takes care of worrying about dependancies you may need to compile/run your port.
Uninstalling ports is just as easy. Let's uninstall the 'spin' port we just installed above.
Let's make sure we're in the right place to uninstall 'spin': # pwd /usr/ports/math/spin Good, Let's uninstall it now: # make deinstallThis will remove spin from your system.
So that's the famous Ports collection. Very powerful and easy to use. There are other ways of installing 3rd party programs. You can get precompiled binaries (aka FreeBSD packages) as well. This is usually another way to get the program you want without actually compiling it. You can also manually download the source code compile and install it yourself without ever using the ports or packages.
FreeBSD also comes with a GUI called sysinstall. You can use this GUI to do a lot of the main configuration of the system as well as:
-Upgrading the System (aka Binary Upgrade) -Add System distribution sets (add on system software, not ports) -Partition and label newly added hard drives -Configure a mouse -Configure some system startup services (like we did above in the Config section) -Install FreeBSD packages (packages not ports) - and so on and etc.Sysinstall is a nice little GUI that can do a lot of things, but not all things. It's worth mentioning because I wanted to follow up on the question I posed earlier: What if I didn't install the ports collection during the install process. You can now use sysinstall to install the ports skeleton framework.
# /stand/sysinstall A window will pop up. Select: "Do post-install configuration of FreeBSD" then select: "Install additional distribution sets" then hit the space bar to put an "X" in the line at says: "The FreeBSD Ports Collection" hit [ENTER] button. Now choose where you want to install it from.Once this gets done you can exit out of sysinstall and you should now have a complete ports skeleton framework in /usr/ports!
You might have recognized sysinstall...you used it when you installed FreeBSD for the first time! I would recommend running through the menus as I will not be going into great detail simply because it's a GUI.
If you are looking for help on a problem there are a few resources you can use for free:
Mailing lists
News Groups
Web Resources
The mailling lists are a valuable resource of information. If you really want to learn and you're new to FreeBSD, I would recommend subscribing to freebsd-questions@freebsd.org. It's a pretty high volume mailling list but you can learn quite a bit just from watching the messages and responses. Don't be afraid to ask a question on that list. Everyone has to start somewhere. If you're new to FreeBSD, I would shy away from the other technical lists until you're comfortable. Also freebsd-newbies may be OK too.
There is also a few companies that offer tech support for FreeBSD for a small fee. Information for them can be found at www.freebsd.org website.