FreeBSD upgrade



  • For various reasons, I'm replacing a FreeBSD box that does the DHCPing and firewalling (in a vLaned environment).

    I've got to grips with what I need to do on the local/networks/firewall bits, but I've just looked at the config of the old box (not done by me).  Oh dear!!!  I've just a massive lot of entries at the top - do I need to do/copy things from this??

    It's long - sorry!!

    <sysctl><tunable>debug.pfftpproxy</tunable>
    <value>default</value>
    <tunable>vfs.read_max</tunable>
    <value>default</value>
    <tunable>net.inet.ip.portrange.first</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.blackhole</tunable>
    <value>default</value>
    <tunable>net.inet.udp.blackhole</tunable>
    <value>default</value>
    <tunable>net.inet.ip.random_id</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.drop_synfin</tunable>
    <value>default</value>
    <tunable>net.inet.ip.redirect</tunable>
    <value>default</value>
    <tunable>net.inet6.ip6.redirect</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.syncookies</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.recvspace</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.sendspace</tunable>
    <value>default</value>
    <tunable>net.inet.ip.fastforwarding</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.delayed_ack</tunable>
    <value>default</value>
    <tunable>net.inet.udp.maxdgram</tunable>
    <value>default</value>
    <tunable>net.link.bridge.pfil_onlyip</tunable>
    <value>default</value>
    <tunable>net.link.bridge.pfil_member</tunable>
    <value>default</value>
    <tunable>net.link.bridge.pfil_bridge</tunable>
    <value>default</value>
    <tunable>net.link.tap.user_open</tunable>
    <value>default</value>
    <tunable>kern.randompid</tunable>
    <value>default</value>
    <tunable>net.inet.ip.intr_queue_maxlen</tunable>
    <value>default</value>
    <tunable>hw.syscons.kbd_reboot</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.inflight.enable</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.log_debug</tunable>
    <value>default</value>
    <tunable>net.inet.icmp.icmplim</tunable>
    <value>default</value>
    <tunable>net.inet.tcp.tso</tunable>
    <value>default</value>
    <tunable>kern.ipc.maxsockbuf</tunable>
    <value>default</value></sysctl>
    <system><optimization>normal</optimization>
    <hostname>pfSense</hostname>
    <domain>localdomain</domain>
    <dnsallowoverride>on</dnsallowoverride>
    <group><name>all</name>

    <scope>system</scope>
    <gid>1998</gid>
    <member>0</member></group>
    <group><name>admins</name>

    <scope>system</scope>
    <gid>1999</gid>
    <member>0</member>
    <priv>page-all</priv></group>
    <user><name>admin</name>

    <scope>system</scope>
    <groupname>admins</groupname>
    <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
    <uid>0</uid>
    <priv>user-shell-access</priv></user>
    <nextuid>2000</nextuid>
    <nextgid>2000</nextgid>
    <timezone>Etc/Greenwich</timezone>
    <time-update-interval>300</time-update-interval>
    <timeservers>0.pfsense.pool.ntp.org</timeservers>
    <webgui><protocol>http</protocol>
    <ssl-certref>4e5e85abaadde</ssl-certref></webgui>
    <disablenatreflection>yes</disablenatreflection>
    <disablesegmentationoffloading><disablelargereceiveoffloading></disablelargereceiveoffloading></disablesegmentationoffloading></system>


Locked