1. download kernel source.
ftp://ftp.freebsd.org/pub/FreeBSD/releases/5.1-RELEASE/src/ssys*,install.sh2. install kernel source.
./install.sh ssys3. modify kernel, add these options.
# Packet Filter support
options PFIL_HOOKS
options RANDOM_IP_ID4. rebuild kernel
config IMPETUS && cd ../compile/IMPETUS
make depend && make && make install5. reboot
6. download the ports collection
7. install the ports collection
8. install the PF port
cd /usr/ports/security/pf
make && make install9. install the PF startup script
cd /usr/local/etc/rc.d
mv pf.sh.sample pf.sh10. add the following to /etc/rc.conf
pf_enable="Yes"
pf_logd="Yes"
pf_conf="/etc/pf.conf"11. update /etc/pf.conf with your PF rules, e.g.
block in all
pass in quick on { lo0 }
pass out quick all keep state
No comments:
Post a Comment