abkonstantinov at earthlink.net
Wed Jul 28 14:10:39 PDT 2004
On Wed, 2004-07-28 at 11:14, bsd hack wrote:
> I am working with the Kernel config file to optimize it and also to improve the overall security of the system!
> I have the following quetions:
> (1) There are a few options that are not available in the default kernel... like the IPFIREWALL options(and the like)... I basically need to know all possible options I can add to the kernel config file!
I think this is related to the thread about "next generation" kernel
config stuff, but for starters you might want to take a look at the
> (2) I guess these options can be used to set the kernel variables accessible through the sysctl command. So can I create my own options so that I can set a few kernel variables as and when I build the custom kernel?
Perhaps what you are looking for is the tuning manual page?
> (3) and also my aim includes optimizing the kernel... so by enabling only the options I need to I should get a get optimization... is there anything else that can be done?
By excluding all the unnecessary code from the kernel you are
performing kernel minimization. What you are really looking for
is the run time system optimizaion (configuration process) for a
particular task that it is going to perform.
> (4) My aim is to improve local and network security. I guess enabling IPFIREWALL helps with the network security part.... are there any special options for local security?
Enabling IPFIREWALL option won't help your security, but configuring
your firewall properly will. Also, there is some useful theoretical
information in the security manual page.
More information about the freebsd-hackers