Author Archives: dan

Installing gnome GUI on FreeBSD 8

Most people seem to think installing a GUI on FreeBSD is a difficult task.  Here’s how to do it, including little tweaks to make it work even better 😉

Log in to your computer as root (or su to root from a regular user).

Use your favourite editor (check my blog for instructions on using ‘ee’ which is included in FreeBSD) to edit /boot/loader.conf – add the following lines:

linux_load="YES"

linprocfs_load="YES"

atapicam_load="YES"

This will load the linux compatibility layer, and linux procfs compatibility modules (these will most likely be used later when you need to install flash plugins) and also the ATAPI scsi emulation driver.  This is used for cd/dvd recording tools within gnome.

Next make sure that the linux proc folder exists by typing:

mkdir -p /compat/linux/proc

And now we will edit the /etc/fstab file.  Add the following lines if they do not exist already:

proc /proc procfs rw 0 0

linproc /compat/linux/proc linprocfs rw 0 0

Next, we will tell FreeBSD to initialise the linux compatibility layer on boot-up.  Edit /etc/rc.conf and add:

linux_enable="YES"

Ok, now you’re ready to install gnome.  Make sure you’re connected to the internet, and type:

pkg_add -r xorg gnome2

This will install xorg (if needed) and gnome.  It will fetch all dependencies it needs, so it may take a while.  You will be returned to a prompt when it’s finished.

Now to help things move along smoothly, you need to find out your computer’s hostname and add it to your hosts file…  Run the following command to get your hostname:

hostname

Next edit /etc/hosts and add the following line at the bottom (replace ‘hostname’ with the output of the above command):

127.0.0.1 hostname

Now just one thing left to do, and that is to tell FreeBSD to load the gnome components next reboot… Edit /etc/rc.conf and add:

gnome_enable="YES"

hald_enable="YES"

gdm_enable="YES"

dbus_enable="YES"

Reboot, and you will be presented with the gnome login prompt 🙂

Step-by-Step guide to install FreeBSD 8.1

A few people have asked me recently how to install FreeBSD 8.1.  A few managed it by themselves, but using auto defaults which can cause various problems.  So I decided to publish this guide.  It uses the simplest method for users (not always “the best”, but certainly working) – I have taken screenshots throughout the entire process to assist you in installing.

First of all, download and burn the installation CD (disc1) or DVD (dvd1) image from your nearest FreeBSD mirror.  For our purposes, there is no difference between the two images.

Boot from the CD/DVD, and you will reach the following screen:

Choose your language from the list.  As I’m in the UK I will select United Kingdom with the cursor keys, and press Enter.  You will see the next screen:

You need to select your keyboard layout here.  I will choose UK ISO for me and press Enter.  This will bring us to the next screen:

Select ‘Standard’ from the menu and press enter to move to the next screen:

This is just an information screen so press enter to move to the next screen:

NOTE: you will only see this screen if you have more than one disk drive in your computer.  If you do not see this screen, skip to the next screenshot.

Select the first disk (either ad0 or ad4 or da0 depending on your computer setup) using the space bar to go to the next screen (if you have a single disk only, you will automatically go to the next screen):

If you are using an existing disk, you will have more than one line shown here.  Use the cursor keys to go down to all the entries and press D to delete them.  Repeat until you only have one line (unused).  Press A for use entire disk followed by Q to go to the next screen.  (If you have multiple disks, you will go back to the previous image – press TAB then enter to continue to the next screen if so)

This page allows you to select a boot manager.  You don’t need a boot manager for FreeBSD, so choose ‘Standard’ and press enter to continue to the next page:

This is an informational page again, press enter to continue to the next screen:

This is where most people choose Auto defaults – but this is almost always not suitable for you.  Instead, press C to create which goes to this screen:

Delete the number with the backspace key.  We need to enter a suitable value for swap space here.  Take your memory size to the nearest 1GB and double the figure. (e.g. if you have 1GB ram, use the figure 2G) – note you must only put G not GB.  Press enter to go to this screen:

Use the cursor keys to go to “Swap” and press enter.  This will take you back to the black screen again.  Press C again to go to this screen:

Leave the number that is given in the box for you and press Enter to go to the next screen:

Select “FS” and press enter to go to the next screen:

Enter “/” into this box and press enter to go back to the black screen.  On this screen, use the cursor keys to go down to the entry listed as mount “/” and press the S key.  You will see the newfs item change to “UFS+S” like this image:

On this screen, you should now just have the “swap” and “/” entries.  Press Q to continue to the next step:

Use the cursor keys to go down to “Custom” and press the space bar to continue to the next step:

Using the cursor keys and space bar, select the following items on this page: base, lib32, man, catman, proflibs, ports, kernels. When you press space on “kernels”, you will be shown this screen:

Go down to GENERIC and press space, then back up to Exit and press space.  This will return you to the previous screen.

Select SRC using the space bar, when you do, you will be shown the following screen:

Go down to ALL and press space to select all items, then go to Exit and press space to return to the previous screen like this:

Go back up to Exit at the top of the page and press space to move onto the next step:

Go up to Exit and press space to move onto the next page:

Select CD/DVD here and press enter to move to the next step:

Ok, up to this point you haven’t made any changes to your disks.¬† This is your last chance (as it says) to change your mind.¬† Press enter to start formatting your drives:

After formatting (only takes a minute or two – similar to a quick format), you will see the following page as it installs files:

Once all the files have been copied, it will start to install the ports collection.  This has no progress bar and will take a while so be patient.  The screen looks like so:

Once everything is installed, and ports copied over – it will confirm the installation with the following page:

Press enter to move onto the post-installation questions.  You will enter the next step:

This will allow you to configure WIRED networking (if you have wireless networking and do not wish to configure a wired network select NO here!)

If you would like to configure wired networking, select yes and press enter to move to the next step:

Your network card(s) will be shown here.  Network card names depend on your specific card.  If you have multiple network cards, you will see multiple lines here.  Ignore the plip0 device.

Select the network card you wish to configure and press enter to go to the next step:

Select NO here and press enter.  (If you want to use IPv6, enable it after installation).  This will bring you to the next step:

If your network uses DHCP for IP assignments, select YES and continue.  Otherwise select NO for static configuration.  The next page is identical regardless of which you choose – except with DHCP it will part-fill out IP addresses for you as given by DHCP.  The next page looks like this:

Fill out the host name and press tab.  This will auto-populate the domain section unless DHCP already did it for you.  If you chose not to use DHCP (or no DHCP servers were found), you will need to fill out gateway, nameserver, ip address and netmask fields.  Use the tab key to move between fields.  When done, tab until OK is highlighted and press enter to move onto the next screen:

Select NO here and press enter to move to the next step:

Select NO and press enter to move to the next step:

If you require access from outside of your computer (e.g. if it is a server, or if you like to remote access it from other computers etc), select YES here.  Otherwise select NO.  Either choice will move to the next screen:

Select NO here and press enter to continue to the next step:

Select NO here as we can configure this later if you want to use it.  This will continue onto the next stage:

Select NO here to move onto the next step:

Select YES here as we want to configure our console settings to something a little nicer.  This will move onto the next page:

Move down to FONT and press space to move to the next page:

Select the best font for you.  For me, this is IBM 437.  Press enter to return to the previous page.

Select KEYMAP and press space to move to the next page:

Select the best codepage for you.  For me, this is UK ISO.  Press enter to return to the previous page.

Select REPEAT and press space to move to the next page:

Select FAST and press enter to return to the previous page.

Select SCREENMAP and press space to move onto the next page:

Select the best screenmap for you.  For me, this is ISO 8859-1 TO IBM437.  Press enter to return to the previous screen.

Move up to EXIT and press enter to move onto the next page:

Select YES to set our timezone, this will move onto the next screen:

Select NO here to move onto the next screen:

Select your region from the list.  For me, this is EUROPE.  Press enter to go to the next screen:

Select your country/region from the list.  For me, this is UNITED KINGDOM.  Press enter to move to the next screen:

Check the timezone abbreviation is correct and say YES if it is.  For me, this is BST or GMT depending on summer time.  If you select NO you will go back to the previous page to reselect.  Selecting YES moves to the next step:

Select YES to move to the next step:

Don’t bother selecting any details in this page (they will be autodetected) – just go to EXIT and press enter to move to the next screen:

Select NO so that we do not install any packages.  This will move to the next page:

Select YES to add a user to the system.  This will move onto the following page:

Move down to USER and press enter to move onto the next page:

Add your username (all in lowercase) and use TAB to move between fields.  Enter a password and confirm in the relevant boxes.  In ‘Member groups’ put wheel (in lowercase).  Your home directory will automatically be set based on your login id.  The default shell is /bin/sh however I prefer /bin/tcsh.  TAB to OK and press enter to continue.

This will go back to the add user menu, select EXIT and press enter to move onto the next page:

Select OK to set a new root password for your computer.  The screen will look like this:

Enter your new root password twice to continue to the next page:

Select NO to continue to the next screen (the original installation screen):

Use the right cursor key to select EXIT INSTALL and press enter to continue.

Select YES to confirm you want to reboot.

Remove the CD/DVD from the drive and press ENTER to reboot.

When the computer has rebooted (assuming no problems) you will be presented with a login prompt like this:

Your computer is now installed and ready to use.  See my other posts for information on how to perform other tasks.

I hope this helps anyone hoping to install FreeBSD, and I welcome any questions.

Patch for RTG to add graph titles and friendly legends

A lot of people asked me about my patches for RTG when I ran kewlio as they had titles and meaningful legends…

You can download my diff for rtg 0.7.4 from here

After you extract rtg, go into the rtg-0.7.4 folder and type:

patch -p0 < /path/to/dan-rtg-add-titles.diff

Build and install RTG as normal.

You can now add the following additional items to the rtgplot urls:

title=<url encoded graph title>
t1_name=<url encoded legend for t1>
t2_name=<url encoded legend for t2>
etc…

Yes… I know kewlio’s graphs had a cool background image too – but that’s not in this diff, sorry…  maybe later 🙂

Enjoy!

Dan.

Booting from ZFS RAID0/1/5/6 in FreeBSD 8.x

Ok, this is a long post but a useful one.  This is how to make FreeBSD boot from a ZFS volume (whether it be raid0, raid5 or raid6).  The FreeBSD installer doesn’t support anything exotic so we have to do this manually.

If you’re using FreeBSD 9.0, then follow the guide at https://www.dan.me.uk/blog/2012/01/22/booting-from-zfs-raid0156-in-freebsd-9-0-release/

First, grab yourself a copy of DVD1 iso or the memory stick image and boot from it.  No other boot image will work – it MUST be the DVD or memory stick image!

Once you’ve booted into the installer and chosen your country and keyboard layouts, go to the Fixit menu and choose either CDROM/DVD or USB depending on the installation media you used.  This will open up a terminal window into a live filesystem booted from the DVD/USB.

For my example, I’m going to build a RAID5 array on disks da0 da1 and da2.

First, we need to remove any existing GPT partition info from the disks – ignore the ‘invalid argument’ message if you get it at this stage:

gpart destroy da0
gpart destroy da1
gpart destroy da2

Now we need to initialise the GPT partitions on each disk:

gpart create -s gpt da0
gpart create -s gpt da1
gpart create -s gpt da2

We will now make a boot (64KB) and ZFS (remaining space) partition on each disk in turn:

gpart add -s 128 -t freebsd-boot da0
gpart add -s 128 -t freebsd-boot da1
gpart add -s 128 -t freebsd-boot da2

gpart add -t freebsd-zfs -l disk0 da0
gpart add -t freebsd-zfs -l disk1 da1
gpart add -t freebsd-zfs -l disk2 da2

And now we have to install the protected MBR boot code into all the drives:

gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da0
gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da1
gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da2

Now that we’ve configured the disks, we need to load the ZFS kernel modules from the CD so that we can build ZFS volumes:

kldload /mnt2/boot/kernel/opensolaris.ko
kldload /mnt2/boot/kernel/zfs.ko

And create a ZFS pool.  If you want a RAID6 volume, choose raidz2 instead of raidz1 here.  If you want a mirror, use mirror or if you want RAID0 (or single disk) just omit the raidz1 completely:

zpool create zroot raidz1 /dev/gpt/disk0 /dev/gpt/disk1 /dev/gpt/disk2
zpool set bootfs=zroot zroot

Ok, now we’ve made our ZFS pool (and it’s currently mounted at /zroot/) – we need to make all our filesystems on it… this is complicated, but here we go:

zfs set checksum=fletcher4 zroot
zfs create -o compression=on -o exec=on -o setuid=off zroot/tmp
chmod 1777 /zroot/tmp
zfs create zroot/usr
zfs create zroot/usr/home
cd /zroot; ln -s /usr/home home
zfs create -o compression=lzjb -o setuid=off zroot/usr/ports
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/distfiles
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/packages
zfs create zroot/var
zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/crash
zfs create -o exec=off -o setuid=off zroot/var/db
zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/db/pkg
zfs create -o exec=off -o setuid=off zroot/var/empty
zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/log
zfs create -o compression=gzip -o exec=off -o setuid=off zroot/var/mail
zfs create -o exec=off -o setuid=off zroot/var/run
zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/tmp
chmod 1777 /zroot/var/tmp

Now we’re ready to install FreeBSD onto the new ZFS partitions.  We’re going to install the base, manual pages, all sources and a generic kernel – this takes some time so be patient…

cd /dist/8.1-RELEASE/
export DESTDIR=/zroot
for dir in base manpages ; do (cd $dir ; ./install.sh) ; done
cd src ; ./install.sh all
cd ../kernels ; ./install.sh generic
cd /zroot/boot ; cp -Rlp GENERIC/* /zroot/boot/kernel/

Now we need to set /var/empty to readonly:

zfs set readonly=on zroot/var/empty

And now we’re ready to configure the installation.  To make things easier, we will chroot into the environment:

chroot /zroot

We need to setup an initial /etc/rc.conf which will mount all ZFS filesystems:

echo 'zfs_enable="YES"' > /etc/rc.conf

And an initial /boot/loader.conf that will load the ZFS modules and set our root mountpoint:

echo 'vfs.zfs.prefetch_disable="1"' > /boot/loader.conf
echo 'vfs.root.mountfrom="zfs:zroot"' >> /boot/loader.conf
echo 'zfs_load="YES"' >> /boot/loader.conf

Now you can set your root password:

passwd root

And configure your timezone:

tzsetup

And setup a dummy aliases file for sendmail to keep it quiet 😉

cd /etc/mail
make aliases

You can do other configuration here, like adding a user etc – but when you’re done we can exit the environment:

exit

Now, we need to export our ZFS configuration (and reimport it) so we can save out the cache file:

mkdir /boot/zfs
cd /boot/zfs
zpool export zroot && zpool import zroot
cp /boot/zfs/zpool.cache /zroot/boot/zfs/zpool.cache

We now create an empty /etc/fstab file as follows:

touch /zroot/etc/fstab

This is the tricky part, we need to unmount the ZFS partitions and re-assign their mountpoints for the root filesystems:

export LD_LIBRARY_PATH=/mnt2/lib
zfs unmount -a
zfs set mountpoint=legacy zroot
zfs set mountpoint=/tmp zroot/tmp
zfs set mountpoint=/usr zroot/usr
zfs set mountpoint=/var zroot/var

Now we can exit the fixit shell, remove the media and reboot the computer.  Do this as soon as you can.

The computer should reboot into a ZFS-based filesystem, booted from a software RAID array on fully protected disks.

Once it’s booted, you can login and run sysinstall to configure other options like networking and startup programs (like SSH!)
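Once the system is running, the exec and setuid restrictions from the zfs create commands above can be audited for drift. The script below is an added example, not part of the original post; it reads the output of `zfs get -rH -o name,property,value exec,setuid zroot` on stdin, and the function names and the drifted sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare exec/setuid on the datasets with the values used
# in the zfs create commands of this guide.
# Real use: zfs get -rH -o name,property,value exec,setuid zroot | audit_zfs_props

# Policy table: dataset, exec, setuid ("-" = not set by the guide).
zfs_policy() {
    cat <<'EOF'
zroot/tmp                  on   off
zroot/usr/ports            -    off
zroot/usr/ports/distfiles  off  off
zroot/usr/ports/packages   off  off
zroot/var/crash            off  off
zroot/var/db               off  off
zroot/var/db/pkg           on   off
zroot/var/empty            off  off
zroot/var/log              off  off
zroot/var/mail             off  off
zroot/var/run              off  off
zroot/var/tmp              on   off
EOF
}

# Reads "name<TAB>property<TAB>value" lines on stdin, prints one sorted
# finding per deviation or missing property, returns 1 if there are any.
audit_zfs_props() {
    pol=$(mktemp /tmp/zfspol.XXXXXX) || return 2
    zfs_policy > "$pol"
    rc=0
    findings=$(awk '
        NR == FNR {                        # first file: the policy table
            if ($2 != "-") want[$1 SUBSEP "exec"] = $2
            if ($3 != "-") want[$1 SUBSEP "setuid"] = $3
            next
        }
        {                                  # stdin: name, property, value
            key = $1 SUBSEP $2
            if (key in want) {
                seen[key] = 1
                if ($3 != want[key]) {
                    printf "%s: %s=%s (expected %s)\n", $1, $2, $3, want[key]
                    bad = 1
                }
            }
        }
        END {
            for (key in want) if (!(key in seen)) {
                split(key, part, SUBSEP)
                printf "%s: %s not reported\n", part[1], part[2]
                bad = 1
            }
            exit (bad ? 1 : 0)
        }
    ' "$pol" -) || rc=$?
    rm -f "$pol"
    [ -z "$findings" ] || printf '%s\n' "$findings" | LC_ALL=C sort
    return "$rc"
}

# Constructed sample input: the policy rendered in zfs get -H format ...
policy_as_zfs_get() {
    zfs_policy | awk '
        $2 != "-" { printf "%s\texec\t%s\n", $1, $2 }
        $3 != "-" { printf "%s\tsetuid\t%s\n", $1, $3 }'
}

# ... and the same with two values changed, as if someone had relaxed them.
drifted_sample() {
    policy_as_zfs_get | sed -e '/^zroot\/var\/log.exec/s/off$/on/' \
                            -e '/^zroot\/tmp.setuid/s/off$/on/'
}

echo "Audit of constructed sample (two drifted values):"
drifted_sample | audit_zfs_props || echo "=> properties differ from the install-time layout"
```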

Enjoy!

PPTP VPN in FreeBSD (for Windows XP/Vista/7 clients)

Here’s a simple guide to setting up a VPN server on FreeBSD so that Windows clients can connect using their built-in VPN clients…

First, make sure your ports collection is up-to-date, then build poptop in /usr/ports/net/poptop:

# cd /usr/ports/net/poptop/
# make
# make install

Next we need to create a config file for poptop… create the file /usr/local/etc/pptpd.conf as follows:

nobsdcomp
proxyarp
pidfile /var/run/pptpd.pid
+chapms-v2
mppe-40
mppe-128
mppe-stateless

Next we need to create a PPP configuration file called /etc/ppp/ppp.conf (overwrite the existing file) as follows (edit the IPs to suit your network requirements):

loop:
 set timeout 0
 set log phase chat connect lcp ipcp command
 set device localhost:pptp
 set dial
 set login
 # Server (local) IP address, Range for Clients, and Netmask
 set ifaddr 192.168.31.254 192.168.31.120-192.168.31.128 255.255.255.255
 set server /tmp/vpn-in-%d "" 0177

loop-in:
 set timeout 0
 set log phase lcp ipcp command
 allow mode direct

pptp:
 load loop
 disable pap
 disable passwdauth
 disable ipv6cp
 enable proxy
 accept dns
 enable MSChapV2
 enable mppe
 disable deflate pred1
 deny deflate pred1
 set device !/etc/ppp/secure

Every line above except those ending with a colon (:) must be indented, as shown, or ppp.conf will not work.
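Because ppp.conf silently depends on this layout, it is worth linting the file after copying it and before starting pptpd. The script below is an added example, not part of the original post; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint a ppp.conf for the layout rule described above.
# Labels ("name:") must start in column 0; every command line must begin
# with a space or tab. Offending lines are printed as "LINE: reason: text".

ppp_conf_lint() {
    awk '
        /^[ \t]*$/ { next }                          # blank line
        /^[ \t]*#/ { next }                          # comment (leading blanks allowed)
        /^[^ \t#][^ \t]*:[ \t]*$/ {                  # label in column 0
            seen_label = 1
            next
        }
        /^[ \t]/ {                                   # indented command
            if (!seen_label) {
                printf "%d: command before any label: %s\n", NR, $0
                bad = 1
            }
            next
        }
        {                                            # anything else is a flattened command
            printf "%d: command not indented: %s\n", NR, $0
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: one command flattened to column 0 (what happens when
# indentation is lost in copy and paste), the rest correctly indented.
write_sample_conf() {
    cat > "$1" <<'EOF'
loop:
set timeout 0
 set device localhost:pptp

loop-in:
 set timeout 0
 # comment inside a section
 allow mode direct
EOF
}

sample=$(mktemp /tmp/pppconf.XXXXXX)
write_sample_conf "$sample"
echo "Lint of constructed sample:"
ppp_conf_lint "$sample" || echo "=> fix the lines above before starting pptpd"
rm -f "$sample"
```

Run it as `ppp_conf_lint /etc/ppp/ppp.conf`; no output and exit status 0 mean every command line is indented under a label.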

Next we need to create a file called /etc/ppp/secure with the following contents:

#!/bin/sh
exec /usr/sbin/ppp -direct loop-in

And set it to be executable with chmod 0755 /etc/ppp/secure – this script will be run automatically during the VPN setup process.

Now we need to add a login for the VPN (you can have multiple username/passwords in this file) called /etc/ppp/ppp.secret like so:

user1 pass1
user2 pass2
user3 pass3

Now we need to enable proxy ARP in FreeBSD.  Add the following line into /etc/sysctl.conf:

net.link.ether.inet.proxyall=1

To activate it without a reboot, type sysctl net.link.ether.inet.proxyall=1

And finally set the VPN server to start on bootup automatically by adding the following into /etc/rc.conf:

pptpd_enable="YES"

Now startup the VPN server by running:

/usr/local/etc/rc.d/pptpd start

Your VPN server is now ready on your FreeBSD server and you’re ready to configure your Windows clients to connect to it.  I’ll give you an example of how to do it on Windows 7, I’m sure you can find out how to do it on earlier versions of Windows…

  1. Go to Start
  2. Open Control Panel
  3. Under Network and Internet, click View network status and tasks
  4. Click Set up a new connection or network at the bottom of the page
  5. Choose Connect to a workplace and click Next
  6. Select No, create a new connection and click Next
  7. Select Use my Internet connection (VPN)
  8. Enter the IP address of your VPN server in Internet address and give it a description below.
  9. Check Don’t connect now; just set it up so I can connect later and click Next
  10. Enter the username and password from your ppp.secret file, leave Domain blank, click Create
  11. Click Close
  12. Click Change adapter settings on the left of your Network and Sharing Center window
  13. Right-click on your new VPN and go to Properties
  14. Go to the Networking tab, click Internet Protocol Version 4 (TCP/IPv4) and click Properties
  15. Click Advanced
  16. Uncheck Use default gateway on remote network (this enables split tunnelling mode which is probably what you will want to use)
  17. Click Ok then Ok then Ok and close the Network Connections window.

Now your VPN is setup, you can connect by clicking on the network icon in your taskbar, clicking your VPN in the list and clicking on Connect.

Windows Vista is similar to Windows 7 to configure.  Windows XP is a little different – but the general setup is identical on all three flavours of Windows.

Split Tunnelling mode is when you join the remote network but not route your entire internet connection via it.  If you want to route your entire connection via the VPN you can skip steps 12-17 above.

RAID5/6 (using ZFS) in FreeBSD 8.x

Ok, FreeBSD still lacks a decent RAID5 implementation within its core system (some people use the geom_raid5 3rd party module that you can find in freenas) – but with ZFS moved into production status in freebsd 8 now we can use this.

ZFS supports various raid levels.  We will use RAID5 in this example – I’ll explain how to use RAID6 later in the article.

Ok, for my example I will use 6 x 2TB hard drives freshly installed in my system (listed as ad10 ad12 ad14 ad16 ad18 ad20 in dmesg) to generate a RAID5 raid set, giving 5 x 2TB of usable space and capable of a single disk failure without loss of data.  Remember, you need a minimum of 3 disks to do RAID5, and you get N-1 capacity (N-2 for RAID6)

First, we need to load ZFS into the system… add the following into your /boot/loader.conf:

vfs.zfs.prefetch_disable="1"
zfs_load="YES"

This will cause ZFS to load in the kernel during each boot.  The prefetch_disable is set by default on servers with less than 4GB of ram, but it’s safe to add it anyway.  I’ve found this produces far more stable results in live systems so go with it 😉

Next, add the following into your /etc/rc.conf file:

zfs_enable="YES"

This will re-mount any ZFS filesystems on every boot, and setup any necessary settings on each boot.

Now, we will add all 6 disks into a raid5 set called ‘datastore’ – run the following as root:

zpool create datastore raidz ad10 ad12 ad14 ad16 ad18 ad20

‘raidz’ is ZFS’s name for RAID5 – to do RAID6 you would use ‘raidz2’ instead.  You can confirm the command was successful with zpool status as follows:

pool: datastore
state: ONLINE
scrub: none
config:

NAME        STATE     READ WRITE CKSUM
datastore   ONLINE       0     0     0
  raidz1    ONLINE       0     0     0
    ad10    ONLINE       0     0     0
    ad12    ONLINE       0     0     0
    ad14    ONLINE       0     0     0
    ad16    ONLINE       0     0     0
    ad18    ONLINE       0     0     0
    ad20    ONLINE       0     0     0

errors: No known data errors

This shows the raid set is online and healthy.  When there are problems, it will drop to DEGRADED state.  If you have too many disk failures, it will show FAULTED and the entire array is lost (in our example we would need to lose 2 disks to cause this, or 3 in a RAID6 setup)

Now we will set the pool to auto-recover when a disk is replaced, run the following as root:

zpool set autoreplace=on datastore

This will cause the array to auto-readd when you replace a disk in the same physical location (e.g. if ad16 fails and you replace it with a new disk, it will re-add the disk to the pool)

You will now notice that you have a /datastore folder with the entire storage available to it.  You can confirm this with zfs list as follows:

NAME             USED  AVAIL  REFER  MOUNTPOINT
datastore       2.63T  6.26T  29.9K  /datastore

You now have a working RAID5 (or RAID6) software raid setup in FreeBSD.

Generally to setup RAID6 instead of RAID5 you replace the word raidz with raidz2.  RAID5 allows for a single disk failure without data loss, RAID6 allows for a double disk failure without data loss.

After a disk failure, run zpool status to ensure the state is set to ONLINE for all the disks in the array then run the command zpool scrub datastore to make zfs rebuild the array.  Rebuilding takes time (it rebuilds based on used data so the more full your array the longer the rebuild time!) – once it’s completed the scrub or “resilver” process, your array will return back to ONLINE status and be fully protected against disk failures once again.

As this process can take (literally) hours to complete some people prefer a RAID6 setup to allow for a 2nd disk failure during those few hours.  This is a decision you should make based on the importance of the data you will store on the array!

WiFi configuration in FreeBSD (including WPA/WPA2)

Ok, once you have your drivers installed for your WiFi in FreeBSD, you’re ready to setup your WiFi.  I’m using an NDIS driver (see my post on Project Evil for more info) – so my wireless device is called ndis0.

I’m going to assume that you are using WPA/WPA2 and DHCP (the most common setup for WiFi) in this document.

To configure your wireless interface, add the following lines into /etc/rc.conf:

wlans_ndis0="wlan0"
ifconfig_wlan0="WPA DHCP"

Now we need to configure the WPA/WPA2 settings.  I will assume we have 2 wireless networks for this – “wifi1” and “wifi2” which have the WPA/WPA2 keys of “one” and “two” respectively.  We will prefer to connect to “wifi1” when possible.

To setup WPA/WPA2, edit (or create) the file /etc/wpa_supplicant.conf and add the following:

# wpa_supplicant tries networks with a larger priority value first
network={
 priority=2
 ssid="wifi1"
 psk="one"
}

network={
 priority=1
 ssid="wifi2"
 psk="two"
}

Next time you restart your computer, you will have a ‘wlan0’ interface which will attempt to connect to the listed networks (in order of priority).  You can confirm it is associated with ifconfig wlan0 – in my case, I get:

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether xx:xx:xx:xx:xx:xx
inet 172.31.0.100 netmask 0xffffff00 broadcast 172.31.0.255
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
status: associated
ssid wlan1 channel 7 (2442 Mhz 11g) bssid yy:yy:yy:yy:yy:yy
country US authmode WPA2/802.11i privacy OFF txpower 0 bmiss 7
mcastrate 0.5 mgmtrate 0.5 scanvalid 60 protmode CTS roaming MANUAL
bintval 0

Now, although it says “11g”, it actually achieves 802.11n speeds so you can ignore this.

NDIS WiFi Drivers in FreeBSD (Project Evil)

Sooo… if you have a WiFi card that doesn’t have native FreeBSD drivers, you might be able to use ‘Project Evil’ to wrap around the Windows driver for the card.  I had to do this on my new netbook…

First, you should install libiconv if you haven’t already.  The easiest way is to do:

pkg_add -r libiconv

Next, you need to obtain the Windows driver for the network card (I find that windows 2000 drivers are generally the most reliable).  You need the .INF and .SYS files from the driver package.  Place these somewhere on your FreeBSD computer (I put mine into /drv/)

Now we need to convert them into an NDIS kernel module…  In my case, the files are called net8192se.inf and rtl8192se.sys (RealTek 8191SE 802.11n wireless).  To convert them, type (as root):

ndisgen /drv/net8192se.inf /drv/rtl8192se.sys

Press enter until you’re returned to the command prompt, and you will now see a .ko file with the kernel module in.  This is named after the .sys file – so in my case, it is called rtl8192se_sys.ko.  Copy this file to the /boot/modules/ folder like so:

mv rtl8192se_sys.ko /boot/modules/

and you can activate it by adding the following line to /boot/loader.conf:

rtl8192se_sys_load="YES"

You can also load the driver without rebooting by typing:

kldload rtl8192se_sys

This will give you some output to the console – e.g. on my netbook:

ndis0: <Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC> port 0x3000-0x30ff mem 0xfa000000-0xfa003fff irq 17 at device 0.0 on pci3
ndis0: [ITHREAD]
ndis0: NDIS API version: 5.1

If you get this far, you should be ready to go.  Check my other posts for how to configure WiFi in FreeBSD.

Encrypted swap space

This will enable you to use a memory-based one-time encryption key for your swap space.

First, you need to enable the geom_eli kernel module… to do this, add the following line to your /boot/loader.conf file:

geom_eli_load="YES"

Now, to enable the encrypted swap space, edit your /etc/rc.conf file, and add:

geli_swap_flags="-e AES -l 128 -s 4096 -d"

And finally, add .eli to the device name in your /etc/fstab file for the line marked “swap”.  For example:

# Device                Mountpoint      FStype  Options         Dump    Pass#
/dev/da0s1b.eli         none            swap    sw              0       0

Next time you reboot, your swap space will be encrypted with AES 128-bit encryption using a one-time key stored in memory.
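The file edits above can be verified before rebooting, so that no swap device is left unencrypted by a missed line. This check is an added example, not part of the original post; the function names, the da1s1b and da2s1b devices and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the encrypted-swap settings described above.

# Print every active swap device in an fstab whose name lacks the .eli
# suffix; exit status 1 if any is found.
unencrypted_swap() {
    awk '
        /^[ \t]*#/ || NF < 3 { next }             # comments, blank or short lines
        $3 == "swap" && $1 !~ /\.eli$/ { print $1; bad = 1 }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Succeed if loader.conf has an uncommented geom_eli_load="YES" line.
geli_module_enabled() {
    grep -Eiq '^[[:space:]]*geom_eli_load="?YES"?[[:space:]]*(#.*)?$' "$1"
}

# check_encrypted_swap FSTAB LOADER_CONF
# Prints one line per finding; the return value is the number of findings.
check_encrypted_swap() {
    problems=0
    for dev in $(unencrypted_swap "$1"); do
        echo "swap device $dev is not encrypted (no .eli suffix in $1)"
        problems=$((problems + 1))
    done
    if ! geli_module_enabled "$2"; then
        echo "geom_eli_load=\"YES\" not found in $2"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample files: one plain swap device, one encrypted, one
# commented out, and a loader.conf where the module line is commented out.
write_sample_files() {
    cat > "$1/fstab" <<'EOF'
# Device                Mountpoint      FStype  Options         Dump    Pass#
/dev/da0s1b             none            swap    sw              0       0
/dev/da1s1b.eli         none            swap    sw              0       0
#/dev/da2s1b            none            swap    sw              0       0
/dev/da0s1a             /               ufs     rw              1       1
EOF
    cat > "$1/loader.conf" <<'EOF'
#geom_eli_load="YES"
EOF
}

demo=$(mktemp -d /tmp/swapchk.XXXXXX)
write_sample_files "$demo"
check_encrypted_swap "$demo/fstab" "$demo/loader.conf" || echo "=> $? problem(s) found"
rm -rf "$demo"
```

On the real system, call `check_encrypted_swap /etc/fstab /boot/loader.conf`.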

Full System Backups using dump/restore in FreeBSD

This is useful to keep identical copies of your data on a 2nd disk.  It’s NOT a replacement for using RAID1 mirroring – but it can be useful.  e.g. you can access data from the previous backup on a per-file basis.  You could also use it to mirror a current disk to a new disk to go into a separate server (disk cloning).

What it is REALLY useful for is to copy your data from a smaller disk to a larger disk – but you should do that offline not live.  The examples here are all done using a live filesystem.  To do a non-live filesystem, boot into single user mode, mount the old drives as readonly with mount -o ro -a, then mount the new drive as normal and run the same commands to dump/restore.

Ok, so I’m going to assume that you want to dump the /usr filesystem into /mnt/usr (a filesystem mounted on a separate disk)…

cd /mnt/usr

dump -L -0 -f- /usr | restore -r -f-

This will dump ALL files in /usr into /mnt/usr.  Status updates are written to the screen every 5 minutes.

As this can be run on a live filesystem, you can run backups during normal operation (although the disk performance hit should be taken into account)

What is really useful is that you can pipe the restore command via ssh to restore to a remote server anywhere on the internet… an example would be…

dump -L -0 -f- /usr | ssh -2 -C -l remoteuser 10.0.0.1 restore -r -f-

That would restore the files into the home directory of ‘remoteuser’ on the remote server.