mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-24 01:57:06 +01:00
9b632708fe
Obtained from: Darren Reed via http://cheops.anu.edu.au/~avalon/
60 lines
1.7 KiB
Plaintext
60 lines
1.7 KiB
Plaintext
|
|
To build a kernel for use with the loadable kernel module, follow these
|
|
steps:
|
|
1. do "make netbsd"
|
|
|
|
2. do "make install-bsd"
|
|
(probably has to be done as root)
|
|
|
|
3(a) NetBSD systems prior to 1.2:
|
|
run "NetBSD/minstall" as root
|
|
3(b) NetBSD 1.2 systems or later:
|
|
run "NetBSD-1.2/minstall" as root
|
|
|
|
4. build a new kernel
|
|
|
|
5. install and reboot with the new kernel
|
|
|
|
6. use modload(8) to load the packet filter with:
|
|
modload if_ipl.o
|
|
|
|
7. do "modstat" to confirm that it has been loaded successfully.
|
|
|
|
There is no need to use mknod to create the device in /dev;
|
|
- upon loading the module, it will create itself with the correct values,
|
|
under the name (IPL_NAME) from the Makefile. It will also remove itself
|
|
from /dev when it is modunload'd.
|
|
|
|
To build a kernel with the IP filter, follow these steps:
|
|
|
|
1. do "make netbsd"
|
|
|
|
2. do "make install-bsd"
|
|
(probably has to be done as root)
|
|
|
|
3(a) NetBSD systems prior to 1.2:
|
|
run "NetBSD/kinstall" as root
|
|
3(b) NetBSD 1.2 systems or later:
|
|
run "NetBSD-1.2/kinstall" as root
|
|
3(c) If conf.c fails on the 2nd hunk of the patch, you will have to
|
|
manually apply the patch.
|
|
|
|
4. build a new kernel
|
|
|
|
5. Create device files. For NetBSD-1.2 (or later), use 49 as the
|
|
major number. For NetBSD-1.1 or earlier, use 59. Run these
|
|
commands as root, substituting <major> for the appropriate number:
|
|
|
|
mknod /dev/ipl c <major> 0
|
|
mknod /dev/ipnat c <major> 1
|
|
mknod /dev/ipstate c <major> 2
|
|
mknod /dev/ipauth c <major> 3
|
|
|
|
** NOTE: both the numbers 49 and 59 should be substituted with
|
|
whatever number you inserted it into conf.c as.
|
|
|
|
6. install and reboot with the new kernel
|
|
|
|
Darren Reed
|
|
darrenr@pobox.com
|