Use at own risk etc! :-) This image is based on: FreeBSD 13-STABLE (stable/13 git branch) - 70a2e9a3d447f4dcabb96a5782d09ef94ffda9fb Ports (main git branch) - b838d9b5daf4897d9952cb41f277a801c858776d Applied PRs to tree: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255243 Kernel config is also available as "GENERIC-NETWORK" Since this is applied "on top" the free filesystem blocks aren't 100% clean therefore image size is larger than official (install size is actually less than official image) Following options are set globally: /etc/make.conf CPUTYPE?=cortex-a53 WITHOUT_DEBUG=YES MK_PROFILE=no OPTIONS_UNSET=DOCS EXAMPLES NLS MANPAGES TEST OPTIONS_SET=LTO /etc/src.conf WITHOUT_DEBUG_FILES=1 WITHOUT_LIB32=1 WITHOUT_KERNEL_SYMBOLS=yes WITHOUT_TESTS=yes WITHOUT_PROFILE=yes WITH_MALLOC_PRODUCTION=yes WITHOUT_LLVM_ASSERTIONS=yes WITH_EXTRA_TCP_STACKS=1 Available packages (and build/run dependencies): bash blocky (DNS "proxy" with blocking list support for ads) curl cyanrip (rip audio cds properly) ddclient (DDNS client) dhcpd (OpenBSD's dhcpd) dnsmasq dvdread (decrypt DVDs and save as image) easy-rsa fping fio (storage benchmarking utility) gerbera (DLNA Media Server) git igmpproxy iperf3 lego (ACME(v2) client) microsocks (SOCKS5 server) miniupnpd mixertui (console audio mixer) musicpd (aka mpd, musicplayer daemon) nano netdata nginx nmap oidentd openvpn pftop (top for pf) py-wsdd rsync samba smartmontools smstools3 stunnel tio (nice(r) serial terminal client than cu) vnstat wireguard ------------------------------------------------------------------------------ Login is unchanged from official images YOU ARE HIGHLY ENCOURAGED TO CHANGE PASSWORDS freebsd / freebsd - root / root https://docs.freebsd.org/en/books/handbook/book.html#idp48139128 General documentation (seriously, it's actually good and usable) https://docs.freebsd.org/en/books/handbook/book.html Run "gpart recover /dev/mmcsd0" (without quotes) once Run tzsetup once to set timezone ------------------------------------------------------------------------------ Installing packages ** These are custom built and to avoid conflicts official repo is disabled *** Extract pkgrepo archive in /tmp pkg install You can use fetch to download pkgrepo directly or sftp/scp Configuration files for ports/packages can be found and should be located under /usr/local/etc https://www.freebsd.org/cgi/man.cgi?hier(7) ------------------------------------------------------------------------------ Firewall/Gateway/Routing is not enabled by default, this image is an attempt at trying to keep it as close as possible to the official image with some useful modifications (mainly /etc/rc.conf , /etc/sysctl.conf), custom kernel and slightly slimming down install size. All interfaces listens to DHCP by default during bootup, attach to local network and use SSH and/or UART/serial to access. Sample config assumes DHCP on igb0 and 192.168.1.1 on igb1 Remember to disable the ifconfig_DEFAULT line to avoid configuration conflicts and enable gateway functionality (all in rc.conf) Sample firewall config (pf): https://forums.freebsd.org/threads/generic-nat-firewall-pf-config-template.60144/#post-345503 Make sure to update variables according to your setup, make sure to change nonroute if your ISP uses private IP range(s) and save it as /etc/pf.conf If you want UPNP functionality you need to enable those lines, Install and setup miniupnpd, enable it in /etc/rc.conf This also goes for active FTP connections, enable it in /etc/pf.conf and in /etc/rc.conf , no additional steps are needed. Don't forget to enable gateway_enable="YES" in /etc/rc.conf For PPPoE setup please refer to FreeBSD's handbook Sample config for dhcpd can be found in the same directory as this file Errata: dhcpd should listen on igb1 not igb0 ==== Documentation ===== Useful cheatsheets http://cb.vu/unixtoolbox.xhtml#loadstats http://cb.vu/unixtoolbox.xhtml#network Documentation regarding pf man pfctl man pf.conf http://home.nuug.no/~peter/pf/en/long-firewall.html https://calomel.org/pf_config.html -------------------------------------------------------------------------------------- Generic support (be patient, people live in different parts of the world and may be busy with RL / other things) EFNet: #freebsdhelp Freenode: #freebsd https://lists.freebsd.org/mailman/listinfo powerd lives in base not ports (cosmetic issue)