FreeBSD upgrade
-
For various reasons, I'm replacing a FreeBSD box that does the DHCPing and firewalling (in a vLaned environment).
I've got to grips with what I need to do on the local/networks/firewall bits, but I've just looked at the config of the old box (not done by me). Oh dear!!! I've just a massive lot of entries at the top - do I need to do/copy things from this??
It's long - sorry!!
<sysctl><tunable>debug.pfftpproxy</tunable>
<value>default</value>
<tunable>vfs.read_max</tunable>
<value>default</value>
<tunable>net.inet.ip.portrange.first</tunable>
<value>default</value>
<tunable>net.inet.tcp.blackhole</tunable>
<value>default</value>
<tunable>net.inet.udp.blackhole</tunable>
<value>default</value>
<tunable>net.inet.ip.random_id</tunable>
<value>default</value>
<tunable>net.inet.tcp.drop_synfin</tunable>
<value>default</value>
<tunable>net.inet.ip.redirect</tunable>
<value>default</value>
<tunable>net.inet6.ip6.redirect</tunable>
<value>default</value>
<tunable>net.inet.tcp.syncookies</tunable>
<value>default</value>
<tunable>net.inet.tcp.recvspace</tunable>
<value>default</value>
<tunable>net.inet.tcp.sendspace</tunable>
<value>default</value>
<tunable>net.inet.ip.fastforwarding</tunable>
<value>default</value>
<tunable>net.inet.tcp.delayed_ack</tunable>
<value>default</value>
<tunable>net.inet.udp.maxdgram</tunable>
<value>default</value>
<tunable>net.link.bridge.pfil_onlyip</tunable>
<value>default</value>
<tunable>net.link.bridge.pfil_member</tunable>
<value>default</value>
<tunable>net.link.bridge.pfil_bridge</tunable>
<value>default</value>
<tunable>net.link.tap.user_open</tunable>
<value>default</value>
<tunable>kern.randompid</tunable>
<value>default</value>
<tunable>net.inet.ip.intr_queue_maxlen</tunable>
<value>default</value>
<tunable>hw.syscons.kbd_reboot</tunable>
<value>default</value>
<tunable>net.inet.tcp.inflight.enable</tunable>
<value>default</value>
<tunable>net.inet.tcp.log_debug</tunable>
<value>default</value>
<tunable>net.inet.icmp.icmplim</tunable>
<value>default</value>
<tunable>net.inet.tcp.tso</tunable>
<value>default</value>
<tunable>kern.ipc.maxsockbuf</tunable>
<value>default</value></sysctl>
<system><optimization>normal</optimization>
<hostname>pfSense</hostname>
<domain>localdomain</domain>
<dnsallowoverride>on</dnsallowoverride>
<group><name>all</name><scope>system</scope>
<gid>1998</gid>
<member>0</member></group>
<group><name>admins</name><scope>system</scope>
<gid>1999</gid>
<member>0</member>
<priv>page-all</priv></group>
<user><name>admin</name><scope>system</scope>
<groupname>admins</groupname>
<password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
<uid>0</uid>
<priv>user-shell-access</priv></user>
<nextuid>2000</nextuid>
<nextgid>2000</nextgid>
<timezone>Etc/Greenwich</timezone>
<time-update-interval>300</time-update-interval>
<timeservers>0.pfsense.pool.ntp.org</timeservers>
<webgui><protocol>http</protocol>
<ssl-certref>4e5e85abaadde</ssl-certref></webgui>
<disablenatreflection>yes</disablenatreflection>
<disablesegmentationoffloading><disablelargereceiveoffloading></disablelargereceiveoffloading></disablesegmentationoffloading></system>