FreeBSD/Building ALIX Image

From TomJudge.com
Jump to: navigation, search

Contents

FreeBSD on an ALIX

Before you start

I would recommend using a dedicated build system to generate the images so that you don't pollute the built images with other things.

You must also make sure that all ports in your build host are up to date with respect to the current ports tree in /usr/ports or the package building phase may fail.


Getting started

First you will need to decide what sort of system you are going to support you will need to look at the options in src.conf(5) and make.conf(5) in detail and make sure you don't build/install things that you don't want.

For this system I will be building a simple router that will need:

  • IPSec support
  • PF Support
  • Bind server
  • SSH Server
  • Dhcp Client
  • Wireless stack with hostapd
  • Some ports
    • miniupnpd
    • Quagga
    • bash
    • vim-lite
    • isc-dhcp-server


My src.conf would contain the following for a build to support this:

File contents from SVN: src.conf
WITHOUT_ACPI=YES
WITHOUT_AMD=YES
WITHOUT_APM=YES
WITHOUT_ATM=YES
WITHOUT_BLUETOOTH=YES
WITHOUT_EXAMPLES=YES
WITHOUT_GAMES=YES
WITHOUT_GSSAPI=YES
WITHOUT_HTML=YES
WITHOUT_INET6=YES
WITHOUT_INFO=YES
WITHOUT_IPFILTER=YES
WITHOUT_IPFW=YES
WITHOUT_IPX=YES
WITHOUT_JAIL=YES
WITHOUT_KERBEROS=YES
WITHOUT_LOCALES=YES
WITHOUT_LPR=YES
WITHOUT_MAKE=YES
WITHOUT_NDIS=YES
WITHOUT_NETGRAPH=YES
WITHOUT_NIS=YES
WITHOUT_OBJC=YES
WITHOUT_PMC=YES
WITHOUT_PORTSNAP=YES
WITHOUT_PPP=YES
WITHOUT_PROFILE=YES
WITHOUT_QUOTAS=YES
WITHOUT_RCMDS=YES
WITHOUT_RCS=YES
WITHOUT_ROUTED=YES
WITHOUT_SHAREDOCS=YES
WITHOUT_ZFS=YES


NOTE: I have disabled IPv6 in this build as I will not need it

The Kernel

It is considered good practice to use the GENERIC FreeBSD kernel as a starting point for your configuration.

File contents from SVN: ALIXv1
## Include the base config from FreeBSD
include GENERIC
 
## Set our kernels image Name
ident		ALIXv1
 
nomakeoptions DEBUG
makeoptions    NO_MODULES=yes
# Alix has a Geode CPU
options CPU_GEODE
 
# Crypto framework for IPSec
device crypto
device cryptodev
 
# Geode cpu has hardware crypto support
device glxsb
 
# Firewall
device pf
device pflog
device pfsync
# IPSec options
options IPSEC
options IPSEC_FILTERTUNNEL
device enc
 
 
 
## Stuff i we dont need
 
## No cd driver
nooptions 	MSDOSFS			# MSDOS Filesystem
nooptions 	CD9660			# ISO 9660 Filesystem
 
nooptions 	INET6			# IPv6 communications protocols
nooptions 	SCTP			# Stream Control Transmission Protocol
nooptions 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
 
## No Debugging stuff
nooptions INVARIANTS
nooptions INVARIANT_SUPPORT
nooptions WITNESS
nooptions WITNESS_SKIPSPIN
 
# Floppy drives
nodevice		fdc
 
## Disable various ATA systems we will never have
nodevice		ataraid		# ATA RAID drives
nodevice		atapicd		# ATAPI CDROM drives
nodevice		atapifd		# ATAPI floppy drives
nodevice		atapist		# ATAPI tape drives
 
## SCSI Controllers
nodevice ahb
nodevice ahc
nodevice ahd
nodevice amd
nodevice hptiop
nodevice isp
nodevice mpt
nodevice sym
nodevice trm
nodevice adv
nodevice adw
nodevice aha
nodevice aic
nodevice bt
nodevice ncv
nodevice nsp
nodevice stg
nodevice amr
nodevice arcmsr
nodevice asr
nodevice ciss
nodevice dpt
nodevice hptmv
nodevice hptrr
nodevice iir
nodevice ips
nodevice mly
nodevice twa
 
## Raid controllers
nodevice aac
nodevice aacp
nodevice ida
nodevice mfi
nodevice mlx
nodevice pst
nodevice twe
 
## Other stuff thats not in an alix
nodevice		atkbdc		# AT keyboard controller
nodevice		atkbd		# AT keyboard
nodevice		psm		# PS/2 mouse
 
nodevice		kbdmux		# keyboard multiplexer
 
nodevice		vga		# VGA video card driver
 
nodevice		splash		# Splash screen and screen saver support
 
# syscons is the default console driver, resembling an SCO console
nodevice		sc
 
nodevice		agp		# support several AGP chipsets
 
 
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
nodevice		cbb		# cardbus (yenta) bridge
nodevice		pccard		# PC Card (16-bit) bus
nodevice		cardbus		# CardBus (32-bit) bus
# Parallel port
nodevice		ppc
nodevice		ppbus		# Parallel port bus (required)
nodevice		lpt		# Printer
nodevice		plip		# TCP/IP over parallel
nodevice		ppi		# Parallel port interface device
 
## Nics
nodevice de
nodevice em
nodevice igb
nodevice ixgb
nodevice le
nodevice ti
nodevice txp
nodevice vx
 
nodevice		ae		# Attansic/Atheros L2 FastEthernet
nodevice		age		# Attansic/Atheros L1 Gigabit Ethernet
nodevice		alc		# Atheros AR8131/AR8132 Ethernet
nodevice		ale		# Atheros AR8121/AR8113/AR8114 Ethernet
nodevice		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
nodevice		bfe		# Broadcom BCM440x 10/100 Ethernet
nodevice 		bge
nodevice		dc		# DEC/Intel 21143 and various workalikes
nodevice		et		# Agere ET1310 10/100/Gigabit Ethernet
nodevice		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
nodevice		jme		# JMicron JMC250 Gigabit/JMC260 Fast Ethernet
nodevice		lge		# Level 1 LXT1001 gigabit Ethernet
nodevice		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
nodevice		nfe		# nVidia nForce MCP on-board Ethernet
nodevice		nge		# NatSemi DP83820 gigabit Ethernet
#device		nve		# nVidia nForce MCP on-board Ethernet Networking
nodevice		pcn		# AMD Am79C97x PCI 10/100 (precedence over 'le')
nodevice		re		# RealTek 8139C+/8169/8169S/8110S
nodevice		rl		# RealTek 8129/8139
nodevice		sf		# Adaptec AIC-6915 (``Starfire'')
nodevice		sis		# Silicon Integrated Systems SiS 900/SiS 7016
nodevice		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
nodevice		ste		# Sundance ST201 (D-Link DFE-550TX)
nodevice		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
nodevice		tl		# Texas Instruments ThunderLAN
nodevice		tx		# SMC EtherPower II (83c170 ``EPIC'')
nodevice		vge		# VIA VT612x gigabit Ethernet
nodevice		wb		# Winbond W89C840F
nodevice		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')
 
# ISA Ethernet NICs.  pccard NICs included.
nodevice		cs		# Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
nodevice		ed		# NE[12]000, SMC Ultra, 3c503, DS8390 cards
nodevice		ex		# Intel EtherExpress Pro/10 and Pro/10+
nodevice		ep		# Etherlink III based cards
nodevice		fe		# Fujitsu MB8696x based cards
nodevice		ie		# EtherExpress 8/16, 3C507, StarLAN 10 etc.
nodevice		sn		# SMC's 9000 series of Ethernet chips
nodevice		xe		# Xircom pccard Ethernet
 
## WIFI
nodevice		an		# Aironet 4500/4800 802.11 wireless NICs.
nodevice		ral		# Ralink Technology RT2500 wireless NICs.
nodevice		wi		# WaveLAN/Intersil/Symbol 802.11 wireless NICs.
 
## USB Stuff
nodevice		rum		# Ralink Technology RT2501USB wireless NICs
nodevice		ural		# Ralink Technology RT2500USB wireless NICs
nodevice		uath		# Atheros AR5523 wireless NICs
nodevice		zyd		# ZyDAS zb1211/zb1211b wireless NICs\
nodevice		urio		# Diamond Rio 500 MP3 player
# USB Serial devices
nodevice		u3g		# USB-based 3G modems (Option, Huawei, Sierra)
nodevice		uark		# Technologies ARK3116 based serial adapters
nodevice		ubsa		# Belkin F5U103 and compatible serial adapters
nodevice		uftdi		# For FTDI usb serial adapters
nodevice		uipaq		# Some WinCE based devices
nodevice		uplcom		# Prolific PL-2303 serial adapters
nodevice		uslcom		# SI Labs CP2101/CP2102 serial adapters
nodevice		uvisor		# Visor and Palm devices
nodevice		uvscom		# USB serial support for DDI pocket's PHS
# USB Ethernet, requires miibus
nodevice		aue		# ADMtek USB Ethernet
nodevice		axe		# ASIX Electronics USB Ethernet
nodevice		cdce		# Generic USB over Ethernet
nodevice		cue		# CATC USB Ethernet
nodevice		kue		# Kawasaki LSI USB Ethernet
nodevice		rue		# RealTek RTL8150 USB Ethernet
nodevice		udav		# Davicom DM9601E USB
 
# FireWire support
nodevice		firewire	# FireWire bus code
nodevice		sbp		# SCSI over FireWire (Requires scbus and da)
nodevice		fwe		# Ethernet over FireWire (non-standard!)
nodevice		fwip		# IP over FireWire (RFC 2734,3146)
nodevice		dcons		# Dumb console driver
nodevice		dcons_crom	# Configuration ROM for dcons


References

http://www.freebsd.org/doc/en/articles/nanobsd/howto.html

Retrieved from "http://www.tomjudge.com/index.php/FreeBSD/Building_ALIX_Image"
Personal tools