Recompiling your FreeBSD kernel

Let's custom configure your kernel and then recompile it. Here goes:

cd /usr/src/sys/i386/conf

cp GENERIC MYKERNEL (or whatever you want to name it to)

vi MYKERNEL

Add the following config options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPDIVERT
options TCP_DROP_SYNFIN

Save and exit.

cd /usr/src

make buildkernel KERNCONF=MYKERNEL

make installkernel KERNCONF=MYKERNEL

Your new kernel is now set up. However, DO NOT REBOOT YOUR SERVER YET. By default, your firewall will be set to DENY all traffic, so if you reboot your server now, you will be locked out! We'll need to make some vital changes to the firewall configuration before it's safe to reboot.

Now let's set up the rest of the firewall.

 

 
The Rocks Project