I'm setting up a Soekris net4801-50 (128 Mb RAM) for use as a firewall. For storage it has a 40Gb IDE drive rather than compact flash. For my first attempt I used a generic install of OpenBSD 3.9. The user complained that Internet access seemed slow, however. I'm planning to try again using a custom kernel based on the config file included with Chris Cappuccio's Flashdist installer. (A copy is provided below for reference). Is this a good idea?
If I go this route I expect I should comment out the MFS option in the Flashdist config since I'm not using compact flash, and uncomment FFS_SOFTUPDATES. Would anyone care to suggest other changes I should make this config file for my scenario? Any other advice would be appreciated. I have no previous experience with Soekris products and very little experience with custom kernels. I realize that this list is not for supporting people using custom kernels but I hope it's okay to ask a few general questions like this. Thanks, RPK. # OpenBSD config for networking on the Soekris Engineering # net4801 embedded systems- # [EMAIL PROTECTED] machine i386 # architecture, used by config; REQUIRED #option NTP # hooks supporting the Network Time Protocol option DDB # in-kernel debugger #option DDB_SAFE_CONSOLE # allow break into ddb during boot #makeoptions DEBUG="-g" # compile full symbol table #makeoptions PROF="-pg" # build profiled kernel #option GPROF # kernel profiling, kgmon(8) option DIAGNOSTIC # internal consistency checks option KTRACE # system call tracing, a la ktrace(1) #option KMEMSTATS # collect malloc(9) statistics option CRYPTO # Cryptographic framework option FFS # UFS option MFS # Memory FS #option FFS_SOFTUPDATES # Soft updates option TCP_SACK # Selective Acknowledgements for TCP #option TCP_FACK # Forward Acknowledgements for TCP option TCP_SIGNATURE # TCP MD5 Signatures, for BGP routing sessions option FDESC # /dev/fd option FIFO # FIFOs; RECOMMENDED option KERNFS # /kern #option NULLFS # loopback file system option PROCFS # /proc #option UMAPFS # NULLFS + uid and gid remapping option INET # IP + ICMP + TCP + UDP option ALTQ # ALTQ base #option ALTQ_NOPCC # We don't have Pentium features on 486.... # NOPCC may be necessary if the Geode's TSC is really as buggy as it sounds #option INET6 # IPv6 (needs INET) #option PULLDOWN_TEST # use m_pulldown for IPv6 packet parsing option IPSEC # IPsec #option PPP_BSDCOMP # PPP BSD compression #option PPP_DEFLATE option BOOT_CONFIG # add support for boot -c #option I486_CPU option I586_CPU #option I686_CPU option USER_PCICONF # user-space PCI configuration #option KGDB # Remote debugger support; exclusive of DDB #option "KGDB_DEVNAME=\"pccom\"",KGDBADDR=0x2f8,KGDBRATE=9600 #option DUMMY_NOPS # speed hack; recommended # Work around -current breakage option PTRACE maxusers 32 # estimated number of users config bsd root on wd0a mainbus0 at root cpu0 at mainbus0 bios0 at mainbus0 apm0 at bios0 flags 0x0000 # flags 0x0101 to force protocol version 1.1 pcibios0 at bios0 flags 0x0000 # use 0x30 for a total verbose isa0 at mainbus0 isa0 at pcib? pci* at mainbus0 ohci* at pci? # Open Host Controller usb* at ohci? # # The MediaGX (Geode) uses a PIT clock at standard frequency so there is # no special setting here like there is for the Elan SC520 # option PCCOMCONSOLE option CONSPEED=19200 option PCIVERBOSE uhub* at usb? # USB Hubs uhub* at uhub? # USB Hubs umodem* at uhub? # USB Modems/Serial ucom* at umodem? #ubsa* at uhub? # Belkin serial adapter #ucom* at ubsa? #uftdi* at uhub? # FTDI FT8U100AX serial adapter #ucom* at uftdi? #uplcom* at uhub? # I/O DATA USB-RSAQ2 serial adapter #ucom* at uplcom? #umct* at uhub? # MCT USB-RS232 serial adapter #ucom* at umct? #uaudio* at uhub? # USB Audio #umidi* at uhub? #ulpt* at uhub? # USB Printers #umass* at uhub? # USB Mass Storage devices #scsibus* at umass? #aue* at uhub? # ADMtek AN986 Pegasus Ethernet #cue* at uhub? # CATC USB-EL1201A based Ethernet #kue* at uhub? # Kawasaki KL5KUSB101B based Ethernet #upl* at uhub? # Prolific PL2301/PL2302 host-to-host `network' #url* at uhub? # Realtek RTL8150L based adapters #urio* at uhub? # Diamond Multimedia Rio 500 #uyap* at uhub? # [EMAIL PROTECTED] firmware loader #udsbr* at uhub? # D-Link DSB-R100 radio #radio* at udsbr ugen* at uhub? # USB Generic driver pchb* at pci? # PCI-Host bridges geodesc* at pci? # NSC Geode System Controller nsclpcsio* at isa? port 0x2e # NS PC87366 LPC Super I/O nsclpcsio* at isa? port 0x4e gpio* at nsclpcsio? gscsio* at isa? port 0x2e # NS Geode SC1100 Super I/O gscsio* at isa? port 0x15c iic* at gscsio? # ACCESS.bus 1 & 2 maxds* at iic? # Maxim DS1631/1624/1721 lmtemp* at iic? # NS LM75/LM77 temperature sensor ppb* at pci? # PCI-PCI bridges pci* at ppb? pci* at pchb? pcib* at pci? # PCI-ISA bridge gscpcib* at pci? # NS Geode SC1100 PCI-ISA bridge gpio* at gscpcib? npx0 at isa? port 0xf0 irq 13 # math coprocessor isadma0 at isa? #pcppi0 at isa? #sysbeep0 at pcppi? pccom0 at isa? port 0x3f8 irq 4 # standard PC serial ports pccom1 at isa? port 0x2f8 irq 3 # IDE controllers pciide* at pci? flags 0x0000 wdc0 at isa? port 0x1f0 irq 14 flags 0x00 wd* at wdc? flags 0x0000 wd* at pciide? flags 0x0000 sis* at pci? # SiS 900/7016 ethernet #lmc* at pci? # Lan Media / SBE card #san* at pci? # Sangoma PCI AFT card #musycc* at pci? # Conexant HDLC controller #art* at musycc? nsphyter* at mii? # NS and compatible PHYs # crypto support hifn* at pci? # Hi/fn 7xxx crypto card # Wireless network cards wi* at pci? # Intersil Prism MiniPCI wireless card ath* at pci? # Atheros MiniPCI wireless card #pseudo-device pctr 1 pseudo-device crypto 1 pseudo-device ksyms 1 pseudo-device systrace 1 pseudo-device pf # packet filter pseudo-device pflog # pf log if pseudo-device pfsync # pf sync if # clonable devices pseudo-device loop # network loopback pseudo-device bpfilter # packet filter pseudo-device trunk # Trunking support pseudo-device carp # CARP protocol support pseudo-device sl # CSLIP pseudo-device ppp # Async PPP pseudo-device tun # network tunneling over tty pseudo-device enc # IPSEC encapsulating interface pseudo-device bridge # network bridging support pseudo-device vlan # IEEE 802.1Q VLAN pseudo-device gre # GRE encapsulation interface pseudo-device gif # IPv[46] over IPv[46] tunnel (RFC1933) #pseudo-device strip 1 # Starmode Radio IP interface pseudo-device pty 32 # pseudo-terminals # for IPv6 #pseudo-device faith 1 # IPv[46] tcp relay translation i/f pseudo-device pppoe 1 # PPP over Ethernet (RFC 2516) pseudo-device sppp 1 # Cisco HDLC / PPP
