INDEX

Symbols

* (asterisk), as wildcard, 285
@ symbol, to send messages to another host, 288
\ (backslash), for line continuation, 78, 113
$ (dollar sign), in pathnames, 96
! (exclamation point)
  to escape to command prompt, 43
  as negation symbol, 117–118
    in filter rule, 406
> symbol, for disklabel(8) command prompt, 50
# (hash mark), for comments, 33
% (percent sign), for groups in user aliases, 114
/ (root) partition. See root (/) partition
~ (tilde), in pathnames, 96
_ (underscore), for unprivileged user names, 103–104

A

a command, 52
abandoned IP addresses, 310
abbreviations, for disk sizes, 52
ABIs (application binary interfaces), 2
abort (fdisk), 131
account information access, controlling, 266
ACPI (Advanced Configuration and Power Interface), 341
acpi0 device, 341
activ method for BSD authentication, 99
active FTP, 437
active partition, marking, 131
address families, in packet filtering, 405
Address Resolution Protocol (ARP), 185
  IPv4 addresses and, 214
address space layout randomization, 174
adduser(8), 87–89
  -batch flag, 89
  configuring default settings, 87–88
  options, 91–92
administrator accounts, creating, 91–92
Advanced Configuration and Power Interface (ACPI), 341
advanced persistent threat (APT), 171
[email protected], 9
afterboot(8) man page, 57
aggressive optimization for PF, 420
aliases, 113–117
  naming conventions, 117
  nesting, 116
-alldirs option, for mount point in partition, 156
ALTQ bandwidth management system, 439
/altroot partition, 73
  backup to, 148
amd64 platform, 16
  boot floppies, FFS support by, 133–134
  floppy image for, 39
  Intel Preboot Execution Environment on, 451
  kernel configuration directory, 361
anchors in PF, 434, 439
  adding rules, 434–435
  conditional filtering, 436
  nested, 436–437
  viewing and flushing, 436
[email protected], 8
anonymous CVS, 386
antispoofing rule, 416
Apache web server, 227
APIs (application programming interfaces), 2
application binary interfaces (ABIs), 2
application menu, creating in X Windows System, 334
application programming interfaces (APIs), 2
applications. See also software
  PF and, 400–401
  preventing coverage by window, 336
applications layer (OSI), 186–187
apropos(1), 5–6
APT (advanced persistent threat), 171
archives, of mailing lists, 10
ARP (Address Resolution Protocol), 185
  IPv4 addresses and, 214
arp(8), 214
asking questions, OpenBSD experts reaction to, 11
asterisk (*), as wildcard, 285
asynchronous mounts, in FFS, 136
AT&T, xxxi, xxxii
atexit(), 174
audio, 268
audio device, 351
auth facility, 283
auth-defaults class, 100, 101
authenticating packet filter configuration, 256
authentication methods for user accounts, 99–100
auth-ftp-defaults class, 100
authorized users, repository of, 157
authpf(8), 101
  anchors for, 434
authpriv facility, 283
automation
  packet filtering tables and, 425–426
  of ports, 236
automounter daemon, 256
autonegotiation, in Ethernet network, 215
availability, xxx

B

back channel in FTP, 437
background color of desktop, 335
backslash (\), for line continuation, 78, 113
backup
  to /altroot partition, 148
  in daily maintenance, 280–281
  of default kernel, 349
  of GENERIC kernel, 358
  before install, 37
  of userland for diskless station, 456
bandwidth management in PF, 439–445
  assigning traffic to queues, 444
  child queues, 442
  for parent queue, 441
  queue options, 442–443
base operating system, preparing for your own OpenBSD, 383–384
baseXX.tgz file set, 24, 456
Basic Input/Output System. See BIOS (Basic Input/Output System)
beep of computer, 324
Berkeley Internet Name Domain server (BIND), 211
BerliOS, mirrors for, 247
BGP (Border Gateway Protocol), 203
BGP daemon, 257
bgpd(8), 205, 257
bidirectional NAT, 429–432
  and packet filter rule order, 430–431
  redirection, 431–432
  and security, 430
Big Giant Lock method, 18
bigptrmove, 337
binary objects (blobs), 17–18
binary object device drivers, 17
binat-to keyword, 429
BIND (Berkeley Internet Name Domain server), 211
bind command, for mapping keys, 336
binding, key sequence to cwm command, 332
bioctl(8), 160
  -d flag, 165
BIOS (Basic Input/Output System)
  in boot process, 70
  clock, 45
  configuration, 38
bios0 device, 341
blanking screen, 324–325
blobs (binary objects), 17–18
block devices, 126–127
block statement, 404
blocks in FFS, 134
  number of used, 143
$BLOCKSIZE environment variable, 143–144
bogons, 422–423
bonding, 221
The Book of PF (Hansteen), 256, 395, 448
Boolean sysctls, 346
boot command, 70
boot loader, 69, 70
  information on disk devices, 73
  making settings permanent, 74–75
  prompt, 70
boot media, 22
  creating, 38–40
    boot CDs, 40
    boot floppies, 39–40
boot process, 69–84
  from alternate hard disk, 73–74
  in alternate kernel, 72–74
  configuring VLANs, 224
  delaying, 70
  Ethernet network configuration at, 219–220
  to graphic console, 67
  interrupting, 41, 70
  for kernel, 74
  kernel configuration in, 353
  multiuser startup, 79–84
  options before completing, 70–71
  serial consoles, 75–79
  setting sysctls at, 346–348
  setting wscons variables, 325
  in single-user mode, 71–72
  from softraid(4) devices, 166
  trunks at, 222
  and X Windows System, 330–331
bootable partition, 131
bootparamd(8) daemon, running, 454
bootstrap tools, installing, 372
boot-time securelevel, 178
Border Gateway Protocol (BGP), 203
borders for windows, 336
botnets, 170
Brauer, Henning, xxv–xxvi, 268n, 371n
bridge(4) interfaces, 400
broadcast address, 191
broadcast protocol, Ethernet as, 213
BSD, xxxi
  license, xxxi, xxxii
BSD authentication, 99
/bsd file, 349
bsd file set, 23–24
bsd.mp file set, 23–24
bsd.rd file set, 23–24
BUFCACHEPERCENT value in kernel, 351
bugs
  identifying, 3
  in releases, 58
BUGS section, in man pages, 7
build files for ports, 238
_build keyword, 265
building
  custom kernels, 365–366
    troubleshooting errors in, 365–366
  programs, virtual terminal SSH connections for, 325
  your own OpenBSD
    getting source code, 384
    preparations for, 383–388
    reasons for, 382–383
burncd (Unix), 40
business card attachments, 13

C

C compiler, 24
C++ compiler, 24
canaries, 174
cap_mkdb(8), 95
CARP (Command Address Redundancy Protocol), 316, 317
CAT5 cable, 76
CBQ (class-based queuing), 440
  borrow option, 443
  ruleset, 443–444
CD drives, emulating floppies, 40
cdemuXX.iso image, 40
cdio(1), 152
cdrecord (Unix), 40
CDs (compact discs), 153
  booting from, 38, 40
  mounting, 152
  obtaining official, 20
cdXX.iso image, 40
Changelogs directory, 20
character devices, 127
chargen function (inetd), 317
check command, 83
chflags(1), 176
child queue, definitions, 442
chio(1) medium changer, 257
chpass(1), 93, 99, 266
chroot, 460
chrooting users, 319–322
class-based queuing (CBQ), 440
  borrow option, 443
  ruleset, 443–444
cleaning filesystems, 138, 374
client for serial console, 76–77
  port, 78–79
clock in BIOS, 45
  correcting, 294
clri(8), for dirty filesystem, 138
collision domain, 213
Command Address Redundancy Protocol (CARP), 316, 317
command alias, 115
command prompt. See prompt
comments, hash mark (#) for, 33
committers, xxxv
communities in SNMP, 314
compact discs. See CDs (compact discs)
compilers, /usr partition for, 28
compressed tar files, for code snapshots, 384
Computer Science Research Group (CSRG), xxxi
compXX.tgz file set, 24
concatenated disks, 162
Concurrent Versions System (CVS), 385
  mirrors, 386
conditional filtering, anchors for, 436
confidentiality, xxx
config(8)
  for kernel changes, 348–353
    backup of default kernel, 349
    changing constants, 352–353
    help and list commands, 350–351
  for testing custom kernel, 364–365
configuration, testing by rebooting, 57
connectionless protocol, 197
conservative optimization for PF, 419–420
console, 274
  configuration with wscons, 324–325
const keyword (PF), for table, 422
content farms, bandwidth control machines for, 440
contributors to OpenBSD, xxxiv
converting ISO images, 456
cooked device node, 126
Coordinated Universal Time (UTC), 45
coordinator for OpenBSD, xxxv
copycenter, xxxii
copying
  disk images to disk, 40
  files to other servers, 281
copyleft, xxxii
core programs, 24
coredumpsize variable, 96
country code, for USB keyboards, 66
cp(1), copying files with, 145
cpio(1), copying files with, 145
cputime variable, 96
cron facility, 283
cron(8), 109
cross-compiling, 383
crypto method for BSD authentication, 99
cryptography, OpenBSD support for, 10
csh(1), system-wide defaults for, 257
CSRG (Computer Science Research Group), xxxi
CTRL-ALT-DEL, effect of, 348
current resource limit, specifying, 97
-current version of OpenBSD, 368–369
  building, 392–393
  source code for, 384
  updating to, 387–388
cursor, controlling with keyboard, 335
custom kernels, 355–366
  building, 365–366
  cautions, 355–358
  configuration,
  preparations for, 358
  problems building, 357
  problems running, 358
  reasons for, 356–357
  removing devices, 363
  removing options, 362–363
  stripping down, 363
  testing, 364–365
CVS (Concurrent Versions System), 385
  mirrors, 386
CVS directory, 237
cwm(1) window manager, 330, 331–337
  configuration file loss, 332
  configuring, 331–332
    modifier keys, 331–332
  creating windows, 332–333
  decorating, 335–336
  exiting, 333
  locking screen, 333–334
  resizing terminal window, 333
.cwmrc file, 331
  mapping keys in, 336
cylinders, 31

D

d command, 51
daemon
  checking for running, 83
  instructed to reread configuration file, 83
  unprivileged account for each, 103
daemon facility, 283
DaemonForums, 8
daily maintenance, 278–281
daily(8), 278
damaged filesystem, recovering, 139
data connection for FTP, 437
data integrity, synchronous mounts for, 136
datalink layer (OSI), 185, 187
datasize variable, 96
date, setting, 60–61
date(1), 60, 61
DB9-to-RJ45 converters, 76
dd(1), 39–40
ddb.console sysctl, 348
ddb.panic sysctl, 348