[FUG-BR] FreeBSD 6-stable travando

Paulo Hypolito paulo.hypolito em gmail.com
Quinta Novembro 23 00:07:28 BRST 2006 

De uma olhada nos seguintes pontos:

Firewall
http://www.schlacter.net/public/FreeBSD-STABLE_and_IPFILTER.html

compilação do kernel
http://www.cybershark.net/tutoriais/kernel_freebsd

Squid
http://www1.uk.squid-cache.org/Doc/FAQ/FAQ-22.html

Problemas com o uso da tecnologia HT (SMP)
não use ... www.freebsd.org

Kernel
Parametros para o kernel


#
#
#

#
# Options by Pablo Costa <pablo em cbsp.com.br>
#

# options               MROUTING                # Multicast routing
# options               IPFIREWALL              # firewall
# options               IPFIREWALL_VERBOSE      #print information about
#                                         # dropped packets
# options               IPFIREWALL_FORWARD      #enable transparent
proxy support
# options               IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
# options               IPFIREWALL_DEFAULT_TO_ACCEPT    #allow
everything by default
# options               IPDIVERT                #divert sockets
# options               IPFILTER                #ipfilter support
# options               IPFILTER_LOG            #ipfilter logging
# options               IPFILTER_DEFAULT_BLOCK  #block all packets by default
# options               DUMMYNET
# options               TCP_DROP_SYNFIN


# IPSEC
# options               IPSEC
# options               IPSEC_ESP
# options               IPSEC_DEBUG

#
# Implement by Paulo Hypolito <hypolito em gmail.com>
#

options         MROUTING                        # Multicast routing

options         IPFIREWALL                      # enable ipfirewall
(required for dummynet)
options         IPFIREWALL_VERBOSE              # enable firewall output
options         IPFIREWALL_VERBOSE_LIMIT=100    # limit firewall output
options         IPFIREWALL_FORWARD              # enable transparent
proxy support
options         IPFIREWALL_DEFAULT_TO_ACCEPT    # allow everything by default

options         DUMMYNET                        # enable dummynet operation
options         HZ=1000                         # strongly recommended

options         IPDIVERT                        # divert sockets

options         IPFILTER                        # ipfilter support
options         IPFILTER_LOG                    # ipfilter logging
options         IPFILTER_DEFAULT_BLOCK          # block all packets by default

options         TCP_DROP_SYNFIN

options         IPSEC
options         IPSEC_ESP
options         IPSEC_DEBUG

# Squid performance

#
# http://www1.uk.squid-cache.org/Doc/FAQ/FAQ-22.html
# 22.6 How do I configure message queues?
#


options         SYSVMSG
options         MSGMNB=16384            # Maximum number of bytes per
message queue.
options         MSGMNI=40               # Maximum number of message
queue identifiers (system wide).
options         MSGSEG=2048             # Maximum number of message
segments per queue.
options         MSGSSZ=64               # Size of a message segment.
options         MSGTQL=1024             # Maximum number of messages
(system wide).
# options               MSGMAX                  # Maximum size of a
whole message.

#
# http://www1.uk.squid-cache.org/Doc/FAQ/FAQ-22.html
# 22.7 How do I configure shared memory?
#

options         SYSVSHM
options         SHMSEG=16               # Maximum size of a whole message.
options         SHMMNI=32               # Maximum number of shared
memory segments for the whole system.
options         SHMMAX=2097152          # Largest shared memory
segment size allowed.
options         SHMALL=4096             # Total amount of shared
memory that can be used.


cuidado com suporte SMP



-- 
Um Abraço,

"Paulo Antonio Hypolito Rodrigues" <hypolito em gmail.com>
Visit: http://www.hypolito.com
"To lead a moral life one must do more than is required and less than
is allowed." - Plenides (400 b.C.)

Mais detalhes sobre a lista de discussão freebsd