Tag Archives: FreeBSD

FreeBSD PPPoE setup for UK ISPs

I recently changed ISP from ‘Be’ to ‘Goscomb’ (in order to get native IPv6 delivered direct to my broadband).  My ADSL modem does not support IPv6, so I decided to use it as a bridge to my FreeBSD router which would handle everything for me.

These instructions should work for any UK ISP – and quite probably other non-UK ISPs too.

First of all, you need to configure your ADSL modem to be in fully bridged mode (this varies so much depending on your modem that I can’t really comment here other than to say… read the manual!)  The ATM configuration will be done on your modem, but do not specify any authentication.  As I was using Be,  my modem was already in bridged unauthenticated configuration (all Be multiple-IP customers will be bridged)

Once you have done this, connect your ADSL modem directly into an interface on the FreeBSD router.  Make a note of its interface name (for me, I will use adsl0)

OK, first we need to configure ppp to do the PPPoE authentication.  Edit /etc/ppp/ppp.conf in your favourite editor and add a section for your ISP (I will use goscomb) like so:

set speed sync
set mru 1492
set mtu 1492
set ctsrts off

enable echo
set echoperiod 15
enable lqr
set lqrperiod 15

set log Phase tun

enable ipv6cp
enable ipcp
disable dns

set device PPPoE:adsl0
set server /tmp/pppoe-adsl0 “” 0177

set authname usernamehere@goscomb.net
set authkey passwordhere

add! default HISADDR
add! default HISADDR6

There’s a few things you may wish to change… First you need to replace all occurrences of adsl0 with your interface name.

If your ISP does not support IPv6, you should change enable ipv6cp to disable ipv6cp and remove add! default HISADDR6

Next we need to config the startup sequences… Edit /etc/rc.conf in your favourite editor and add the following:


# PPPoE configuration


Change the three references to goscomb to be the name of your ppp section.  Also change adsl0 to the name of your PPPoE interface.

If you haven’t already, you need to tell your FreeBSD server to be a router by adding the following into /etc/rc.conf:


Of course, you can just add the first line if you have no IPv6 connectivity.

You should be all set.  Everytime you reboot, your router will auto-connect to the PPPoE (and reconnect if the connection drops).

To confirm after you have connected, you can check out /var/log/ppp.log which should show things being connected.

Booting FreeBSD from GPT (for large disks)

This is how to make freebsd boot from a GPT volume (needed for large RAID arrays etc).  The freebsd installer doesn’t support anything exotic so we have to do this manually.

NOTE: FreeBSD 9.0 installer supports GPT by default now, so these instructions are for 8.x only

First, grab yourself a copy of DVD1 iso or the memory stick image and boot from it.  No other boot image will work – it MUST be the DVD or memory stick image!

Once you’ve booted into the installer and chosen your country and keyboard layouts, go to the Fixit menu and choose either CDROM/DVD or USB depending on the installation media you used.  This will open up a terminal window into a live filesystem booted from the DVD/USB.

Here, I’m going to use an Adaptec RAID disk (/dev/aacd0) which is multi-TB.  I will create a 100GB boot drive, and mount the remaining disk into /data using GPT all the way.

First, we need to remove any existing GPT partition info from the disk – ignore the ‘invalid argument’ message if you get it at this stage:

gpart destroy aacd0

Now we need to initialise the GPT partitions on the disk:

gpart create -s gpt aacd0

We will now make a boot (64KB), swap (4GB) and two UFS (100GB + remaining space) partition on the disk:

gpart add -s 128 -t freebsd-boot aacd0

gpart add -s 4G -t freebsd-swap -l swap aacd0

gpart add -s 100G -t freebsd-ufs -l boot aacd0
gpart add -t freebsd-ufs -l data aacd0

And now we have to install the protected MBR boot code into the drive:

gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptboot -i 1 aacd0

Ok, now we’ve made our UFS partitions, we need to format and mount them:

newfs -O2 -U /dev/gpt/boot
newfs -O2 -U /dev/gpt/data
mount /dev/gpt/boot /mnt

Now we’re ready to install FreeBSD onto the new UFS partition.  We’re going to install the base, manual pages, ports, all sources and a generic kernel – this takes some time so be patient…

cd /dist/8.1-RELEASE/
export DESTDIR=/mnt
for dir in base manpages ports ; do (cd $dir ; ./install.sh) ; done
cd src ; ./install.sh all
cd ../kernels ; ./install.sh generic
cd /mnt/boot ; cp -Rlp GENERIC/* /mnt/boot/kernel/

And now we’re ready to configure the installation.  To make things easier, we will chroot into the environment:

chroot /mnt

Set your root password:

passwd root

And configure your timezone:


And setup a dummy aliases file for sendmail to keep it quiet 😉

cd /etc/mail
make aliases

You can do other configuration here, like adding a user etc – but when you’re done we can exit the environment:


We now add our UFS and swap devices to the /etc/fstab file as follows:

echo ‘/dev/gpt/boot / ufs rw 0 0’ > /mnt/etc/fstab
echo ‘/dev/gpt/data /data ufs rw 1 1’ >> /mnt/etc/fstab
echo ‘/dev/gpt/swap none swap sw 0 0’ >> /mnt/etc/fstab

And finally, create the mountpoint for the data partition:

mkdir /mnt/data

Now we can exit the fixit shell, remove the media and reboot the computer.

Once it’s booted, you can login and run sysinstall to configure other options like networking and startup programs (like SSH!)


Installing Samba (for windows file sharing) in FreeBSD

People keep telling me that they have trouble getting Samba to work properly.  I found it difficult to get working properly too, so here’s a guide that should make it a lot easier…

First of all, we need to install it!  Make sure you have updated your Ports tree (see other posts) and then, as root:

cd /usr/ports/net/samba34
make config

This will show the configuration dialog box for options for the port.  Using the space bar and cursor keys, deselect ALL the options, and then enable only these:


Press TAB to go to OK and press enter.  Now you can build and install the port with:

make install distclean

It will go off and install dependencies if it needs to.  If you see any other configuration boxes, just accept the defaults and move on.

This takes a while as it has to install quite a few packages/ports, mostly for the file alteration monitor support – but it’s worth it so be patient.  If you already have X/gnome2 installed, this process will be much quicker.

Once the port is installed, we need to make a few changes to the limits within FreeBSD to make samba a little happier…  edit /etc/sysctl.conf and add the following:


And we also need to add another kernel module.  edit /boot/loader.conf and add the following:


Now, we need to tell samba to start on bootup, edit /etc/rc.conf and add the following:


And finally, we need to make ourselves a config file.  Edit /usr/local/etc/smb.conf and remove its entire contents.  Replace with the following template:

server string = Server Name
interfaces = em0
bind interfaces only = Yes
map to guest = Bad User
passdb backend = tdbsam
log file = /var/log/samba34/log.%m
max log size = 500
name resolve order = wins lmhosts bcast host
load printers = No
os level = 10
preferred master = No
domain master = No
dns proxy = No
wins support = No
ldap ssl = no
hosts allow =,,
hosts deny =
case sensitive = Yes
level2 oplocks = Yes
oplocks = Yes

comment = Temp Folder
path = /tmp
guest only = Yes
guest ok = Yes
read only = No

Replace ‘interfaces’ with your network interface name (mine is em0)

Your windows netbios name, by default, will be the hostname of your FreeBSD server up to the first dot.  E.g. for test.dan.me.uk the netbios name is TEST.

Reboot to startup samba with all the relevant changes.  Browse to the server and you will see “tmp” share which is a user nobody access to /tmp.

Check the samba documentation on how to define other shares, such as per-user homedir shares.

Switching from MD5 to Blowfish/SHA512 password hashes in FreeBSD

By default, FreeBSD uses MD5 hashes for its encrypted passwords for users (SHA512 for FreeBSD 9.1+).  However, blowfish is available in all recent versions of FreeBSD and it’s really easy to change the default…

edit the file /etc/login.conf and change the following line:


To read the following:


Then rebuild the login database with the following command:

cap_mkdb /etc/login.conf

Now all passwords you change or set when adding a user will be encrypted using blowfish.  You can change your current password with passwd and when changed, your password will be blowfish encrypted.

If your system uses MD5, it’s preferrable to change over to Blowfish as it’s more secure… However, if your system supports SHA512 you should prefer this (passwd_format=sha512) – except for very few situations. (SHA512 is supported in FreeBSD 9.1+ only)

DirectAdmin requires the system to use md5 not blowfish or sha512, otherwise you will never be able to login to your DA web console.


Upgrading FreeBSD (using source method)

From time-to-time you will want to upgrade your FreeBSD system.  My preferred method is the source method.

To start, we need to create a file to define our source update.  Part of this requires you to choose a release engineering tag.  This is quite simple to generate.  It is the word RELENG followed by an underscore and the version number.  For example, if your system is running FreeBSD 8.1-RELEASE then your release engineering tag is RELENG_8_1.  If your system is FreeBSD 7.2-RELEASE, your tag is RELENG_7_2.

You can also, if you’re slightly braver, choose the ‘stable’ branch for your version of FreeBSD.  This is the tag with only the major number.  e.g. RELENG_8 for FreeBSD 8 stable.  This is my preferred version so I will use this in my examples.

Edit/create a file called /root/bsdsrc containing:

*default tag=RELENG_8
*default host=cvsup2.us.freebsd.org
*default prefix=/usr
*default release=cvs delete use-rel-suffix compress


You can change the host to be your local mirror.  See my post on updating the ports tree for a list of mirror sites.

Now, to update your source tree (the files in /usr/src), make sure you’re connected to the internet and run the following command:

csup /root/bsdsrc

This will take a while as it updates any files required based on your released engineering tag.  Once completed, your FreeBSD kernel/OS sources are up-to-date.

Now, we need to build a new kernel and recompile the entire OS.  This sounds far worse than it is 😉

To rebuild the OS, type the following:

cd /usr/src
make buildworld

If you have multiple CPUs/cores in your computer, you can speed this process up by using:

make -j5 buildworld

The number after the ‘j’ should be the number of cores plus one for optimal usage.

This will take a while depending on your system specification.  Once it is complete, you can build a new kernel.  If you are running a custom kernel, you would replace the kernel configuration name with your custom one below.  To compile a new kernel, type:

make buildkernel KERNCONF=GENERIC

Again, you can use the “-j5” notation from above to speed things up.

Ok, now you have both the OS and kernel recompiled and ready to install.  At this point, you have not installed any updates, merely compiled them ready to install.

To install, type:

make installkernel KERNCONF=GENERIC
make installworld

This will install the new kernel and install the OS files.  Now, there’s just one step remaining.  The files in /etc/ are never replaced by the install process – but they may have changed between versions.

FreeBSD includes a handy little utility that compares RCS/CVS ids on these files and allows you to see the difference and install them.

To do this, type the following while in the /usr/src folder:

mergemaster -iFU

This will automatically install any files that the user has not modified, or new files.  Follow any instructions on the screen to handle other files.

Be weary about changes to /etc/group and /etc/master.passwd files.  If you’re unsure, pressing enter will make no changes to the file.

Once this process is complete, you just need to restart your computer and it will boot with the latest kernel and OS.

Formatting external disks for use with FreeBSD

A common question I get asked is how to reformat an external hard drive or USB penstick for use with FreeBSD.

NOTE: this will render the disk only usable in FreeBSD systems.  If you plug the disk into a windows computer, it will say it is not formatted.

First… plug the disk in, then check your console for details about the disk.  You can do this by typing:

tail /var/log/messages

You are looking for the disk name.  It will usually be something like da0 but it could be a different number at the end.

You may notice your disk has been automounted (if you’re running gnome for example) – check your current mounted disks with:


If your disk is mounted, you will need to unmount it before you can format it.  You can unmount it using is path (the bit after ” on ” in the output above).  If your disk was mounted on /media/usbdisk you would unmount with:

umount /media/usbdisk

Once the disk is unmounted (or if it wasnt already mounted) we need to wipe the start of the disk to remove any existing partitions.  You will need the disk name from the console earlier.  I will assume it is da0.  Wipe the start of the drive with:

dd if=/dev/zero of=/dev/da0 bs=1m count=128

This command will write zero’d (blank) data to the first 128MB of the disk at da0.

Next we are ready to format the disk for FreeBSD’s use using UFS2 filesystem.  You will need to decide a name/label for the drive.  I will assume it is usbdisk here.  Format with the following command:

newfs -L usbdisk -O2 -U -m 6 /dev/da0

Once the format is complete, any automounter will auto-mount the disk for you.  Check with the mount command to find out.

If the disk is not mounted, you can mount it with the following command:

mount /dev/ufs/usbdisk /mnt

By default, FreeBSD filesystems have ownership by root only.  You will most likely want to change the ownership to your user on the system.  If your username is ‘dan’ you would do this like so:

chown dan /mnt

That should be everything 🙂

Installing Flash Plugin 10 for Firefox in FreeBSD 8

Flash is annoying.  Adobe seem to have forgotten that other operating systems exist outside of windows, mac and linux.  Because of this, we have to use the linux-based flash plugin for FreeBSD.

However, this is (mostly) easy enough to configure if you know how.  Here’s a guide to do it.

First of all, update your ports tree (see other posts on my blog on how to do this)

Next we need to install the linux compatibility base system (if you haven’t already) – to do this, type the following as root:

cd /usr/ports/emulators/linux_base-f10
make install distclean

This will take a while as it installs a few helpers (like rpm), and downloads many linux RPM packages.

Once it is complete, we can install the linux flash plugin by typing:

cd /usr/ports/www/linux-f10-flashplugin10
make install distclean

This will fetch the linux flash plugin.  If it complains about size mismatches or MD5 checksum failures, then you have likely not updated your ports tree like you were told!

Once this is installed, we need to install a plugin wrapper to make it work… To do this, we type:

cd /usr/ports/www/nspluginwrapper
make install distclean

Now we need to make a quick file link.  To do this, type the following:

cd /usr/local/lib/browser_plugins/
ln -fs /usr/local/lib/npapi/linux-f10-flashplugin/libflashplayer.so

Ok, just one final step now (honest!).  For each user that you want to use the plugin, open a terminal as that user and DO NOT “su root”.  Then type:

nspluginwrapper -v -a -i

If all is well, you’ll see some mention of flash.  Next time you open firefox, flash will be enabled and fully working – including sound.

Feel free to complain to Adobe about the existence of other Operating Systems 🙂

Updating the ports tree in FreeBSD 8

After you have installed your system, you will no doubt want to update your ports tree regularly.

To do this, edit/create a file called /root/bsdports which contains the following:

*default tag=.
*default host=cvsup2.us.freebsd.org
*default prefix=/usr
*default release=cvs delete use-rel-suffix compress


You should change the host “cvsup2.us.freebsd.org” to be one of your local mirrors.  You can see a list of mirrors at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html#CVSUP-MIRRORS

Now to update your ports tree, type:

csup /root/bsdports

This takes quite a while, and will report any files it is updating as it goes.  Once it completes, your ports tree will be up to date.

Loading soundcard drivers in FreeBSD

By default, FreeBSD does not load any sound card drivers for you.

However, almost all soundcards are supported.  First you need to identify your soundcard.  You can do this with:

pciconf -lv | more

This shows a list of PCI devices in your system.  You are looking for a device which has a “class” of “multimedia”.

Mine, for example, shows the following:

none0@pci0:0:27:0:      card=0x022e1028 chip=0x284b8086 rev=0x02 hdr=0x00
vendor     = ‘Intel Corporation’
device     = ‘Intel audio controller embedded with the 82801H chipset ( ICH8 chipset ) (82801H)’
class      = multimedia
subclass   = HDA

If “subclass” says “HDA” (most new soundcards do) then the driver you will need later is snd_hda.  If not, most likely you will want the snd_ich driver.  If your system is really old, you may need another driver – check the list of drivers available by typing:

ls -al /boot/kernel/snd_*.ko

and select the one that looks most promising.

To test the driver is correct, we need to manually load it.  Do this with the following command:

kldload snd_hda

(substitute snd_hda with your required driver)

If all is well, your console screen (or type tail /var/log/messages if you’re not using the console – e.g. if you’re using SSH) will show a few messages about “pcm”.  If the driver is incorrect, nothing will be shown.

If you’re happy with your selection, we need to tell FreeBSD to load the driver on boot every time.  Edit the file /boot/loader.conf and add:


If you’re using another driver (e.g. snd_ich) then alter the above line to match the driver name followed by _load=”YES”

Everytime you reboot, your computer will load the driver automatically.

Using ‘ee’ to edit files in FreeBSD

When you install FreeBSD, you have a choice of two editors… vi or ee – vi is, for most people, over complicated and scary… so here’s a brief introduction to using ee.

To edit or create a file, you issue the command

ee /path/to/filename.txt

This will bring you into an interactive editor.  You can use the cursor keys to move around and type wherever the cursor is.

At the top of the window, you will see a list of commands.  These are all prefixed with a “^” symbol – this means the Control key.

To do a search, it says to use ^y – press Ctrl Y and type the text you want to search for.  To repeat the last search, press Ctrl X.

To save and exit a file, press ESC then enter twice.  To exit without saving, press ESC, enter then select no save and press enter.

It takes a little getting used to, but it’s a very simple editor and definitely the easiest choice for you in FreeBSD.