FreeBSD Handbook: Setting Up the Serial Console
Boot Config
###
### rc.conf Boot Config File
### by Andreas Bachmann
###
### CONSOLE ####################################################################
font8x14="NO"
font8x16="swiss-8x16"
font8x8="swiss-8x8"
# inetd stays disabled, so no inetd-spawned services are started on this gateway.
inetd_enable="NO"
keymap="swissgerman.cp850"
### NETWORK ####################################################################
hostname="gateway.lan.bachi.net"
# vr0 is the Internet-facing interface (if_inet in the PF config on this page);
# its address is obtained via DHCP from the upstream network.
ifconfig_vr0="DHCP"
# vr1 is the LAN interface (if_lan in the PF config) and the router address that
# dhcpd hands out to clients.
# NOTE(review): there are no `inet`/`netmask` keywords here; rc.conf entries
# normally read "inet 10.0.0.1 netmask 255.0.0.0". Verify with `ifconfig vr1`
# that the mask really is 255.0.0.0 and that the second address is not being
# taken as a destination address.
ifconfig_vr1="10.0.0.1 255.0.0.0"
### ifconfig_vr2="10.0.0.5 255.0.0.0"
# Enables IP forwarding between interfaces; from this point the PF ruleset is
# the only thing separating the LAN from the Internet side.
gateway_enable="YES"
### FIREWALL ###################################################################
# Load the PF ruleset from pf_rules at boot.
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
# Start pflogd, which writes packets logged by PF to pflog_logfile.
# NOTE(review): none of the rules in the PF config on this page carries the
# `log` keyword, so this file will stay empty until logging is added to them.
pflog_enable="YES"
pflog_logfile="/var/log/pf.log"
pflog_flags=""
### DAEMONS ####################################################################
# "NONE" turns off every sendmail daemon, not just the inbound listener.
sendmail_enable="NONE"
dhcpd_enable="YES"
# Serve DHCP on the LAN interface only, never on the Internet side.
dhcpd_ifaces="vr1"
# NOTE(review): sshd and snmpd listen on all addresses unless their own
# configuration says otherwise, and the PF config on this page passes all
# inbound traffic on vr0. Confirm listen addresses, SSH authentication settings
# and SNMP community/access rules, or restrict both services in pf.conf.
sshd_enable="YES"
snmpd_enable="YES"
# Presumably net-snmp's snmpd, where -a logs the source address of incoming
# requests - confirm which snmpd package is installed.
snmpd_flags="-a"
snmpd_pidfile="/var/run/snmpd.pid"
# One-shot clock set at boot against ntpdate_hosts. No ntpd_enable is set in
# this listing, so the clock is not disciplined afterwards unless ntpd is
# started some other way.
ntpdate_enable="YES"
ntpdate_hosts="swisstime.ethz.ch"
NTP
# Time sources for ntpd: four servers from the Swiss NTP pool zone.
# NOTE(review): the rc.conf listing on this page enables only ntpdate (with a
# different host) and sets no ntpd_enable, so confirm that ntpd is actually
# started; otherwise these lines are never read.
server 0.ch.pool.ntp.org
server 1.ch.pool.ntp.org
server 2.ch.pool.ntp.org
server 3.ch.pool.ntp.org
Kernel Config
###
### BACHI-NET Kernel Configurations File
### by Andreas Bachmann
###
# Custom i386 kernel for the gateway, identified as GATEWAY-CF. Only the
# drivers and options listed in this file are compiled in.
machine i386
cpu I586_CPU
ident GATEWAY-CF
###############################################################################
# CPU OPTIONS
options CPU_GEODE
device cpufreq # CPU frequency control
options HZ=1000 # Smoother scheduling
options FLOWTABLE # per-cpu routing cache
###############################################################################
# SCHEDULING
options SCHED_ULE # new scheduler
options PREEMPTION # Preemptive Scheduler
###############################################################################
# POSIX P1003.1B
options P1003_1B_SEMAPHORES # POSIX-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
###############################################################################
# PARTITIONING
options GEOM_PART_GPT # GUID Partition Tables.
options GEOM_LABEL # Provides labelization
###############################################################################
# TRUSTEDBSD MAC FRAMEWORK
# NOTE(review): this builds the framework only; no mac_* policy is listed in
# this file, so nothing is enforced unless a policy module is loaded at run
# time - confirm whether that is intended.
options MAC # TrustedBSD MAC Framework
###############################################################################
# FILE SYSTEM
options FFS # Berkeley Fast Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options UFS_GJOURNAL # Enable gjournal-based UFS journaling
options MD_ROOT # MD is a potential root device
###############################################################################
# CRYPTO SUBSYSTEM
device crypto # core crypto support
device cryptodev # /dev/crypto for access to h/w
###############################################################################
# SECURITY POLICY PARAMETERS
# NOTE(review): kernel audit support produces records only when auditd is
# running; the rc.conf listing on this page does not enable it.
options AUDIT # Security event auditing
###############################################################################
# COMPATIBILITY OPTIONS
# NOTE(review): each COMPAT_FREEBSDn option keeps the system-call interface of
# an older release available for old binaries. On a single-purpose gateway,
# consider dropping the ones no installed binary needs to keep the kernel
# interface small.
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options COMPAT_FREEBSD6 # Compatible with FreeBSD6
options COMPAT_FREEBSD7 # Compatible with FreeBSD7
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
###############################################################################
# BUS TYPES
device eisa # Extended Industry Standard Architecture (EISA) Bus
device pci # Peripheral Component Interconnect (PCI) Bus
# uart provides the serial port used by the serial console (console="comconsole"
# in the loader config and ttyu0 in the ttys listing on this page).
device uart # Universal Asynchronous Receiver/Transmitter (UART) Bus
device miibus # Media Independent Interface (MII) Bus
###############################################################################
# SYSTEM MANAGEMENT INTERFACE DEVICES
device pmtimer
###############################################################################
# DISK DEVICES
device md # Memory "disks"
###############################################################################
# ATA DEVICES
device ata # ATA controller support
device atadisk # ATA disk drives
device atapicam # emulate ATAPI devices as SCSI ditto via CAM
###############################################################################
# SCSI OPTIONS AND DEVICES
device scbus # Base SCSI Code
device ch # SCSI media changers
device da # SCSI direct access devices (aka disks)
device sa # SCSI tapes
device cd # SCSI CD-ROMs
device pass # CAM passthrough driver
options SCSI_DELAY=300 # Delay (in ms) before probing SCSI
###############################################################################
# NETWORKING OPTIONS AND DEVICES
options INET # InterNETworking
options NETGRAPH # netgraph(4) system
# ALTQ queueing disciplines for PF. NOTE(review): the PF config on this page
# defines no queues, so these are compiled in but unused as shown.
options ALTQ # Alternate queuing
options ALTQ_CBQ # Class Based Queueing
options ALTQ_RED # Random Early Detection
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler
options ALTQ_CDNR # Traffic conditioner
options ALTQ_PRIQ # Priority Queueing
options ALTQ_NOPCC # Required for SMP build
device loop # Network loopback
device ether # Ethernet support
# bpf gives privileged processes raw access to interface traffic; dhcpd and
# packet-capture tools depend on it, so keep /dev/bpf* restricted to root.
device bpf # Berkeley packet filter
device bridge # Network bridge device
device pf # PF OpenBSD packet-filter firewall
device pflog # logging support interface for PF
# Driver for both gateway interfaces, vr0 and vr1.
device vr # VIA Rhine, Rhine II
###############################################################################
# PERIPHERAL DEVICES
device atkbdc # AT keyboard controller
device atkbd
device kbdmux # keyboard multiplexer
device psm
options KBD_INSTALL_CDEV # Install a CDEV entry in /dev
###############################################################################
# GRAPHIC DEVICES AND OPTIONS
device vga # VGA video card driver
device agp # support several AGP chipsets
device splash # Splash screen and screen saver support
###############################################################################
# SYSTEM CONSOLE DEVICES AND OPTIONS
# The syscons driver stays in the kernel even though the loader config on this
# page selects the serial console and every ttyv* line in the ttys listing is off.
device sc # syscons console driver
###############################################################################
# MISCELLANEOUS DEVICES AND OPTIONS
device random # Entropy device
device pty # Pseudo-ttys (telnet etc)
# NOTE(review): snp lets a privileged user attach to another tty and observe
# the session (used by watch(8)). If session monitoring is not a requirement
# on this gateway, leaving it out removes that capability from the kernel.
device snp # Snoop device
device firmware # firmware assist module
###############################################################################
# USB DEVICES AND OPTIONS
# NOTE(review): keyboard, mouse, HID and printer drivers widen what a device
# plugged into a USB port can do on a headless box; keep only the classes the
# hardware actually needs.
device uhci # UHCI controller
device ohci # OHCI controller
device ehci # EHCI controller
device usb # General USB code (mandatory for USB)
device udbp # USB Double Bulk Pipe devices
device uhid # Human Interface Device
device ukbd # USB keyboard
device ums # USB mouse
device ulpt # USB printer
Bootloader Config
# Use the serial port as the console for the boot loader and the kernel.
# Anyone attached to the serial line sees the boot output and can interact
# with the loader prompt, so treat access to that port like physical access.
console="comconsole"
TTY Config
[...]
# Terminal table read by init: device, getty command, terminal type, on/off,
# and whether root may log in there ("secure").
# NOTE(review): with "secure" on the console line, booting to single-user mode
# gives a root shell without asking for the root password. On a box whose
# console is a serial port, marking this line "insecure" makes init prompt for
# the root password first.
console none unknown off secure
#
ttyv0 "/usr/libexec/getty Pc" cons25 off secure
# Virtual terminals
# All virtual terminals are off: no login prompt is offered on the VGA console.
ttyv1 "/usr/libexec/getty Pc" cons25 off secure
ttyv2 "/usr/libexec/getty Pc" cons25 off secure
ttyv3 "/usr/libexec/getty Pc" cons25 off secure
ttyv4 "/usr/libexec/getty Pc" cons25 off secure
ttyv5 "/usr/libexec/getty Pc" cons25 off secure
ttyv6 "/usr/libexec/getty Pc" cons25 off secure
ttyv7 "/usr/libexec/getty Pc" cons25 off secure
ttyv8 "/usr/local/bin/xdm -nodaemon" xterm off secure
# Serial terminals
# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
# ttyu0 is the only enabled line: a 9600 bps vt100 login on the first serial port.
# NOTE(review): "secure" here allows direct root login over the serial line.
# Use "insecure" to force login as an unprivileged user followed by su, unless
# the serial port is physically protected.
ttyu0 "/usr/libexec/getty std.9600" vt100 on secure
ttyu1 "/usr/libexec/getty std.9600" dialup off secure
ttyu2 "/usr/libexec/getty std.9600" dialup off secure
ttyu3 "/usr/libexec/getty std.9600" dialup off secure
# Dumb console
dcons "/usr/libexec/getty std.9600" vt100 off secure
# Pseudo terminals
ttyp0 none network
[...]
fstab Config
# Device Mountpoint FStype Options Dump Pass#
# All filesystems live on slice 1 of the first ATA disk (ad0s1).
# NOTE(review): /tmp and /var are mounted with plain "rw". Options such as
# nosuid (and noexec on /tmp) are a common hardening step for world-writable
# filesystems; confirm nothing on this gateway needs to execute from them
# before adding either.
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1d /tmp ufs rw 2 2
/dev/ad0s1f /usr ufs rw 2 2
/dev/ad0s1e /var ufs rw 2 2
Disk Slices
[root@gateway /home/bachi]# df
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/ad0s1a 253678 27696 205688 12% /
devfs 1 1 0 100% /dev
/dev/ad0s1d 253678 12 233372 0% /tmp
/dev/ad0s1f 2358280 997176 1172442 46% /usr
/dev/ad0s1e 507630 9778 457242 2% /var
[root@gateway /home/bachi]# fdisk
[...]
parameters extracted from in-core disklabel are:
cylinders=7964 heads=16 sectors/track=63 (1008 blks/cyl)
Media sector size is 512
Information from DOS bootblock is:
The data for partition 1 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
start 63, size 8016372 (3914 Meg), flag 80 (active)
beg: cyl 0/ head 1/ sector 1;
end: cyl 498/ head 254/ sector 63
[...]
PF Config
# Gateway ruleset: NAT the LAN out through the Internet interface, then filter.
if_inet="vr0" # Internet
if_lan="vr1" # Intranet
# Referenced only by the commented-out rdr rules below.
torrent_client="10.0.0.251"
net_lan="10.0.0.0/8"
# LAN source addresses that are allowed through the gateway.
# NOTE(review): these are plain source IPs, not authenticated hosts, and every
# one of them lies inside the dhcpd pool on this page (10.0.0.10 - 10.0.0.254),
# so a lease or a manually configured address can land on any of them.
# Fixed-address leases, or a pool that excludes these addresses, would make
# the list mean what it says.
users = "{
10.0.0.251,
10.0.0.11,
10.0.0.249,
10.0.0.250,
10.0.0.17
}"
# Source-NAT everything from the LAN to the Internet interface; the parentheses
# make PF track the interface's current address, which comes from DHCP.
nat on $if_inet from $net_lan to any -> ($if_inet)
# Disabled port forwards to the torrent client. NOTE(review): re-enabling any
# of them exposes that host on the listed ports (80/8080/443 included), so keep
# the port lists as short as possible.
#rdr on $if_inet proto tcp from any to $if_inet port { 6881, 6882, 8713 } -> $torrent_client
#rdr on $if_inet proto tcp from any to $if_inet port { 4000, 4001, 4002, 4080, 4662, 4666, 9335, 53357, 14890 } -> $torrent_client
#rdr on $if_inet proto tcp from any to $if_inet port { 80, 8080, 443 } -> $torrent_client
#rdr on $if_inet proto tcp from any to $if_inet port { 6000 } -> $torrent_client
# Default deny. No rule below uses `quick`, so PF evaluates every rule and the
# last one that matches decides.
# NOTE(review): no rule carries `log`, so pflog (enabled in the rc.conf on this
# page) records nothing; `block log all` would at least record dropped traffic.
block all
# NOTE(review): this passes every inbound packet arriving on the Internet
# interface and therefore overrides `block all` for that direction. With sshd
# and snmpd enabled in the rc.conf on this page, both are reachable from
# outside unless their own configuration restricts them. Replace it with
# narrowly scoped pass rules (protocol, destination port, ideally source
# address) for the services that must be reachable. Replies to outbound
# connections do not need it on PF versions where pass rules keep state by
# default - verify for the installed release.
pass in on $if_inet all
# Only the addresses in $users may send traffic in from the LAN side.
pass in on $if_lan from $users to any
# Everything leaving any interface is allowed.
pass out all
DHCPD Config
###
### GATEWAY DHCP Server Configuration
### by Andreas Bachmann
###
# This server is the authoritative DHCP server for the LAN segment.
authoritative;
# NOTE(review): the ad-hoc update style is deprecated in later ISC dhcpd
# releases; when dynamic DNS updates are not used, `none` is the usual setting.
# Verify against the installed version.
ddns-update-style ad-hoc;
# Lease times in seconds: 10 minutes by default, 2 hours at most.
default-lease-time 600;
max-lease-time 7200;
subnet 10.0.0.0 netmask 255.0.0.0 {
option subnet-mask 255.0.0.0;
option broadcast-address 10.255.255.255;
option domain-name-servers 195.134.157.20;
# Clients use the gateway's LAN address (vr1 in rc.conf) as their default router.
option routers 10.0.0.1;
# NOTE(review): this dynamic pool contains every address in the PF `users`
# list on this page (10.0.0.11, .17, .249, .250, .251), so any client can be
# leased an address that the firewall treats as an allowed user. Pin those
# hosts with fixed-address host declarations and move them out of the pool.
range 10.0.0.10 10.0.0.254;
}