45 lines
1.8 KiB
Plaintext
45 lines
1.8 KiB
Plaintext
|
|
||
|
BSD/OS 3.x users.
|
||
|
-----------------
|
||
|
|
||
|
First, you will need to either:
|
||
|
(a) have a source license for the kernel so you can patch some files or
|
||
|
(b) obtain the relevant pre-compiled .o files (I can't supply these yet).
|
||
|
|
||
|
The files which you will need patched are:
|
||
|
ip_input.c, ip_output.c (maybe in_proto.c and ioconf.c.i386 too - NOT sure).
|
||
|
|
||
|
First, you need to build IP Filter. Do this from the "ip_fil3.2.x"
|
||
|
directory with the command "make bsdos". If this completes successfully,
|
||
|
install the various bits and pieces with "make install-bsd".
|
||
|
|
||
|
Prior to starting, it is a good idea for you to know what your kernel config
|
||
|
file is (it appears that the script guesses incorrectly at present).
|
||
|
|
||
|
Once you have that in mind, run the 'kinstall' script in the BSDOS3
|
||
|
directory. This will attempt to patch a bunch of files. If you've
|
||
|
obtained the relevant .o files, ignore the errors, otherwise please
|
||
|
report them to me and mention which version of BSD/OS you are using
|
||
|
and on what platform (Sparc, i386, etc). It will also go and install
|
||
|
all the IP Filter .c and .h files where they can be find when it comes
|
||
|
time to build the kernel.
|
||
|
|
||
|
The script will then pause and ask you for your kernel configuration
|
||
|
file. After you enter this, it will add "options IPFILTER" to your
|
||
|
kernel configuration file. IF YOU WANT TO DO LOGGING, ADD
|
||
|
"options IPFILTER_LOG" to your kernel configuration file NOW!
|
||
|
|
||
|
Now that you've got your kernel configuration file done, use config
|
||
|
to setup a new kernel build and complete with make.
|
||
|
|
||
|
When the kernel rebuilt is complete, put it into / and reboot with
|
||
|
your new kernel. If IP Filter has been configured into your kernel
|
||
|
correctly, you will see a message like this when your system boots:
|
||
|
|
||
|
IP Filter: initialized. Default = pass all, Logging = enabled
|
||
|
|
||
|
Upon logging in, the IP Filter commands ipfstat, et al, should all
|
||
|
function properly.
|
||
|
|
||
|
Darren
|