Changes between Version 97 and Version 98 of FreeBSD10_Guide
- Timestamp:
- Dec 9, 2014, 12:13:58 PM (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
FreeBSD10_Guide
v97 v98 15 15 - update scripts to use 'drill' instead of 'dig' 16 16 - remove the "rcvar='set_rcvar'" statement from startup scripts in /etc/rc.d/ and /usr/local/etc/rc.d 17 18 ToDo:19 17 - based on FreeBSD-10.1-RELEASE 20 18 - [http://unbound.net/ unbound] replaces bind; recursive dns server on standard-node; authorative server for wleiden.net domain on two special servers in the network; [https://calomel.org/unbound_dns.html unbound tutorial]. Unbound optimizes forwarders automatically, so nameservershuffle is no longer needed. 19 - replaced thttpd by [http://httpd.apache.org/ apache-2.4] 20 21 ToDo: 21 22 - Patch unbound for security flaw. The patch is available: http://unbound.net/downloads/patch_cve_2014_8602.diff 22 23 Apply this patch with patch -p0 < the_patch_file. 23 - update captive portal to increase speed: use static html pages orwrite in C24 - update captive portal to increase speed: use static html pages and/or rewrite in C 24 25 - add 'welcome back' page to captive portal (activated when connection interrupted) 25 - replace thttpd:light version of [http://httpd.apache.org/ apache-2.4] ? [http://nginx.org/en/ nginx]?26 26 - bsnmp replaces net-snmp 27 27 - patch isc-dhcpd (#580.3) or use dnsmasq as dhcpd-server (?) 28 - wl-web pag inaredesign for local users / maintainance28 - wl-web page redesign for local users / maintainance 29 29 - add ssh-guard or no password-login, only keys 30 30 - watchdog for critical daemons? 31 - evaluate use of nsd for wleiden.net local domain dns service 32 - get rid of perl (comes with apache24) 31 33 32 34 Will keep … … 39 41 40 42 41 Gradually we are implementing the various changes, starting from the present software configuration (9.0-RELEASE) on FreeBSD10 -STABLE with the next generation package management system (pkgng). The procedure to build this 'work-in-progress' nodefactory-host is described below.43 Gradually we are implementing the various changes, starting from the present software configuration (9.0-RELEASE) on FreeBSD10.1-RELEASE with the next generation package management system (pkgng). The procedure to build this 'work-in-progress' nodefactory-host is described below. 42 44 43 45 A [http://svn.wirelessleiden.nl/svn/node-config/genesis/nodes/HybridTestTienThuis/wleiden.yaml test-node-configuration] is available in svn. 44 This wleiden.yaml file can be used to test the image by installing on an Alix-board with connection to the local network. 46 This wleiden.yaml file can be used to test the image by installing on an Alix-board with connection to the local network. We are also evaluating the new APU-board, see the wiki-page. 45 47 46 48 == A. Setup a FreeBSD host == … … 52 54 Get yourself a fresh i386 freebsd host with ports and subversion installed as follows: 53 55 === A.1. Run the basic CD installer === 54 The procedure below has been tested with 10. 0(standard developer install - no ports -, e.g. with default partitioning will fit our needs). Installing FreeBSD is outside the scope of this document, take a look into [http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall.html the FreeBSD handbook Chapter 2 Installing FreeBSD] if you do not know the details.56 The procedure below has been tested with 10.1 (standard developer install - no ports -, e.g. with default partitioning will fit our needs). Installing FreeBSD is outside the scope of this document, take a look into [http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall.html the FreeBSD handbook Chapter 2 Installing FreeBSD] if you do not know the details. 55 57 56 58 Please do mind that all commands below need to be executed as root, because of the many mounts and unmounts done in various phases. It maybe convenient to ''' permit ssh root login''' (''modify /etc/ssh/sshd_config'' accordingly).