OpenBSD

From Nerdica Wiki
Revision as of 15:38, 21 March 2010 by Travis (Talk | contribs) (Logs)

Jump to: navigation, search

Packet Filter

Logs

Real-time display of Packet Filter Logs:

sudo tcpdump -n -e -ttt -i pflog0 src host not 174.0.204.1

Tables

Update/replace a table:

sudo pfctl -t retards -T replace -f /etc/tables/myshitlist


Display a table called 'retards':

pfctl -t retards -T show


Show the current state table:

sudo pfctl -s state

sudo pfctl -ss


Configuration Files

Load a Packet Filter configuration file:

pfctl -f /etc/pf.conf


Parse a configuration file but do not load it:

pfctl -nf /etc/pf.conf


Load only the NAT rules from the file:

pfctl -Nf /etc/pf.conf


Load only the filter rules from the file:

pfctl -Rf /etc/pf.conf


Show states

Show the current NAT rules:

pfctl -sn


Show current filter rules:

pfctl -sr


Show filter stats and counters:

pfctl -si


Show everything it can show:

pfctl -sa

Updating OpenBSD Via Source

Grab source from CVS

First Time

For -current:

cd /usr
cvs -qd anoncvs@anoncvs.ca.openbsd.org:/cvs get -P src

For -stable:

cd /usr
cvs -qd anoncvs@anoncvs.ca.openbsd.org:/cvs get -rOPENBSD_4_5 -P src

Updating

For -current:

cd /usr/src
cvs -q up -Pd

For -stable:

cd /usr/src
cvs -q up -rOPENBSD_4_5 -Pd

Rebuilding the Kernel

# cd /usr/src/sys/arch/i386/conf
# /usr/sbin/config GENERIC
# cd /usr/src/sys/arch/i386/compile/GENERIC
# make clean && make depend && make

Rebooting with the new kernel

# cd /usr/src/sys/arch/i386/compile/GENERIC
# make install          (Safely install new kernel)
# reboot

Rebuilding the userland binaries

# rm -rf /usr/obj/*
# cd /usr/src
# make obj
# cd /usr/src/etc && env DESTDIR=/ make distrib-dirs
# cd /usr/src
# make build


Updating Ports Via CVS

First Time

For -current:

# cd /usr
# cvs -qd anoncvs@anoncvs.ca.openbsd.org:/cvs get -P ports

For -stable:

# cd /usr
# cvs -qd anoncvs@anoncvs.ca.openbsd.org:/cvs get -rOPENBSD_4_5 -P ports

Updating

For -current:

# cd /usr/ports
# cvs -q up -Pd

For -stable:

# cd /usr/ports
# cvs -q up -rOPENBSD_4_5 -Pd