Beginners Guide - How To Set Up A FreeBSD Desktop From Scratch

Class B Private IP address range
The "Class B" (classes don't exist anymore) private IP address range is 172.16.0.0/12, something completely different from the IPv4 link-local IP address range of 169.254.0.0/16. Their usage also differs completely.
 
Private address ranges are defined in RFC-1918:
Code:
 The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private internets:

     10.0.0.0        -   10.255.255.255  (10/8 prefix)
     172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
     192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

The 169.254.0.0/16 range is defined in RFC-3927.
 
Updated to show how to create and link to images from the fluxbox menu for use as icons.
 
Trihexagonal
on your setup post
there is no need to run HAL for X or xfce any more. I do not even add that to mine and I have not seen any issue as a result of not having hald_enable="YES" in rc.conf
post 2
 
...there is no need to run HAL for X or xfce any more. I do not even add that to mine and I have not seen any issue as a result of not having hald_enable="YES" in rc.conf

Those are recommended settings and the way I've done things for years.

There are other programs that depend on sysutils/hal running. I don't install it if ports-mgmt/portmaster doesn't pull it in. If it does then it's good to go. If you don't need it that's great.
 
the extended pf config does not run for me, claiming it has a syntax error

I took those rules directly from the same ruleset I'm using now. Watch the boot screen and see if you can catch what lines it's on. The only thing I see ATM that could be a syntax error might appear on line #2. (If you didn't change "Network Interface Designation Goes Here" to what it shows in ifconfig.)

I've posted my full ruleset before. It's set to block so probably not a Microsoft level security breach to do so again for your benefit.

Code:
### Macro name for external interface
ext_if = "em0"
netbios_tcp = "{ 22, 23, 25, 80, 110, 111, 123, 512, 513, 514, 515, 6000, 6010 }"
netbios_udp = "{ 123, 512, 513, 514, 515, 5353, 6000, 6010 }"

### Reassemble fragmented packets
scrub in on $ext_if all fragment reassemble

### Default deny everything
block log all

### Pass loopback
set skip on lo0

### Block spooks
antispoof for lo0
antispoof for $ext_if inet
block in from no-route to any
block in from urpf-failed to any
block in quick on $ext_if from any to 255.255.255.255
block in log quick on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 255.255.255.255/32 } to any

### Block all IPv6
block in quick inet6 all
block out quick inet6 all

### Block to and from port 0
block quick proto { tcp, udp } from any port = 0 to any
block quick proto { tcp, udp } from any to any port = 0

### Block specific ports
block in quick log on $ext_if proto tcp from any to any port $netbios_tcp
block in quick log on $ext_if proto udp from any to any port $netbios_udp

### Keep and modulate state of outbound tcp, udp and icmp traffic
pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state

It's up and doing what it's supposed to do:

Code:
root@unmei:/ # pfctl -s rules
scrub in on em0 all fragment reassemble
block drop log all
block drop in on ! lo0 inet from 127.0.0.0/8 to any
block drop in on ! em0 inet from 192.168.1.0/24 to any
block drop in inet from 192.168.1.3 to any
block drop in on ! lo0 inet6 from ::1 to any
block drop in from no-route to any
block drop in from urpf-failed to any
block drop in quick on em0 inet from any to 255.255.255.255
block drop in log quick on em0 inet from 10.0.0.0/8 to any
block drop in log quick on em0 inet from 172.16.0.0/12 to any
block drop in log quick on em0 inet from 192.168.0.0/16 to any
block drop in log quick on em0 inet from 255.255.255.255 to any
block drop in quick inet6 all
block drop out quick inet6 all
block drop quick proto tcp from any port = 0 to any
block drop quick proto tcp from any to any port = 0
block drop quick proto udp from any port = 0 to any
block drop quick proto udp from any to any port = 0
block drop in log quick on em0 proto tcp from any to any port = ssh
block drop in log quick on em0 proto tcp from any to any port = telnet
block drop in log quick on em0 proto tcp from any to any port = smtp
block drop in log quick on em0 proto tcp from any to any port = http
block drop in log quick on em0 proto tcp from any to any port = pop3
block drop in log quick on em0 proto tcp from any to any port = sunrpc
block drop in log quick on em0 proto tcp from any to any port = ntp
block drop in log quick on em0 proto tcp from any to any port = exec
block drop in log quick on em0 proto tcp from any to any port = login
block drop in log quick on em0 proto tcp from any to any port = shell
block drop in log quick on em0 proto tcp from any to any port = printer
block drop in log quick on em0 proto tcp from any to any port = x11
block drop in log quick on em0 proto tcp from any to any port = x11-ssh
block drop in log quick on em0 proto udp from any to any port = ntp
block drop in log quick on em0 proto udp from any to any port = biff
block drop in log quick on em0 proto udp from any to any port = who
block drop in log quick on em0 proto udp from any to any port = syslog
block drop in log quick on em0 proto udp from any to any port = printer
block drop in log quick on em0 proto udp from any to any port = mdns
block drop in log quick on em0 proto udp from any to any port = x11
block drop in log quick on em0 proto udp from any to any port = x11-ssh
pass out on em0 proto tcp all flags S/SA modulate state
pass out on em0 proto udp all keep state
pass out on em0 proto icmp all keep state
root@unmei:/ #
 
there are a lot more tunables to tweak for heavy desktop use imo the biggest one being kern.sched.preempt_thresh and some network related ones

I don't use any additional tunables, aimeec1995, but if you do and think it might be helpful to new users please feel free to post them here.

I won't be adding anything to mine but others may find it useful and I don't mind.
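Added example (not part of the original posts, and not pfctl's own code): a Python model of how the macros and `{ }` lists in the ruleset posted above expand into individual rules, so the expected rule count can be checked against `pfctl -s rules`. The function name `expand_rules` is hypothetical, and the parser assumes quoted macro definitions and comma-separated, non-nested lists; it does not cover the full pf.conf grammar.

```python
import itertools
import re

# Constructed sample: macro and rule lines copied from the ruleset posted above.
SAMPLE = '''
ext_if = "em0"
netbios_tcp = "{ 22, 23, 25, 80, 110, 111, 123, 512, 513, 514, 515, 6000, 6010 }"
block in log quick on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 255.255.255.255/32 } to any
block quick proto { tcp, udp } from any port = 0 to any
block in quick log on $ext_if proto tcp from any to any port $netbios_tcp
'''

MACRO_DEF = re.compile(r'^(\w+)\s*=\s*"(.*)"\s*$')   # name = "value"
MACRO_USE = re.compile(r'\$(\w+)')                   # $name
BRACE_LIST = re.compile(r'\{([^{}]*)\}')             # { a, b, c }


def expand_rules(text):
    """Return (rules, problems) with macros substituted and lists expanded."""
    macros, rules, problems = {}, [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()          # drop comments
        if not line:
            continue
        definition = MACRO_DEF.match(line)
        if definition:
            macros[definition.group(1)] = definition.group(2)
            continue
        missing = [n for n in MACRO_USE.findall(line) if n not in macros]
        if missing:
            problems.append((lineno, 'undefined macro: ' + ', '.join(missing)))
            continue
        line = MACRO_USE.sub(lambda use: macros[use.group(1)], line)
        # re.split with a capture group alternates plain text and list bodies.
        choices = []
        for index, part in enumerate(BRACE_LIST.split(line)):
            if index % 2:
                choices.append([item.strip() for item in part.split(',')])
            else:
                choices.append([part])
        # One output rule per combination of list items.
        for combo in itertools.product(*choices):
            rules.append(' '.join(''.join(combo).split()))
    return rules, problems


if __name__ == '__main__':
    expanded, issues = expand_rules(SAMPLE)
    print(len(expanded), 'rules,', len(issues), 'problems')
    for rule in expanded:
        print(rule)
```

In the `pfctl -s rules` output posted above, the same 13 TCP port rules appear with service names (ssh, telnet, ...) in place of the port numbers.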
 
Later, if you would like to add icons to the fluxbox menu, you can create a small 32x32 image or find the one associated with the appropriate program to "Export As" an image in .xpm format from Gimp to where you want to save it. Then you link to the image from the fluxbox menu behind the command to call the program. It should look something like this:
Code:
[exec]   (urxvt) {urxvt} </usr/home/Trihexagonal/Images/iconred.xpm>

Hello Trihexagonal!

For example, to display the xfe icon on the menu, how should I proceed? And I'd also like to know what that's for.

Code:
 (urxvt) {urxvt}
 
Hold on... I'm struggling here, lacking Actual Intelligence, my brain previously stored in a jar labeled "Abhorrent Insanity" and my wetware programming previously questioned in another of my AI threads.

For example, to display the xfe icon on the menu, how should I proceed?

Logic dictates to find the path and do it just like the provided instruction to do the other one:

"Later, if you would like to add icons to the fluxbox menu, you can create a small 32x32 image or find the one associated with the appropriate program to "Export As" an image in .xpm format from Gimp to where you want to save it. Then you link to the image from the fluxbox menu behind the command to call the program."

And I'd also like to know what that's for.

Code:
 (urxvt) {urxvt}

(urxvt) is the name of the program. {urxvt} invokes it.
 
My 2c on slim. I found using it that I always got a "hit the F1 key" to get a desktop to load first before logging in. I worked out a simple little how-to to get it to log in to the desktop I wanted without having to do that anymore.
Using bash; I assume sh should work too, it's rather basic.

If you have not set up sudo, use su passwd to log in as root, then change your shell to bash.
Code:
# chsh -s /usr/local/bin/bash <user name>

Using vi or nano, or whichever editor you installed, edit your slim.conf:
Code:
sudo nano /usr/local/etc/slim.conf

Move down to where you see this.
Code:
# NOTE: if your system does not have bash you need
# to adjust the command according to your preferred shell,
# i.e. for freebsd use:
#login_cmd           exec /bin/sh - ~/.xinitrc %session
login_cmd           exec /usr/local/bin/bash -login ~/.xinitrc %session

Comment out the first login_cmd line and uncomment the second login_cmd line. It does not have the local path to bash in the config file; change it to read what is posted. Now save and exit the file. If you are using vi, then use vi commands.

In your home .xinitrc file:
Code:
#!/usr/bin/env bash

if [[ "$1" = 'default' ]] ;
then
       startxfce4
else
       exec $1
fi

Code:
chmod +x .xinitrc

that's it.
 
Thank you for this guide, it's just what I needed. I played around with GhostBSD for a little while. Followed this guide a couple of times but got bored part way through a long compile and thought "just exactly why shouldn't I mix Ports and pkg's?" - answer, because the computer stops working properly. But it's good to learn, even painfully sometimes.
So I bit the bullet and stuck strictly to Ports. On the third time of doing this (took a while to get the simplicity of BSD, so there was some returning to Linux, only to get annoyed by it again) I knew enough to deviate in terms of what I built.
Fully working Desktop, more or less, just a few things that need sorting.
 
So I bit the bullet and stuck strictly to Ports
Portmaster has been something of a revelation, as has 'pkg audit -F'
That's great. Also, I don't think it's a bad idea to take a look at ports-mgmt/poudriere
 
Will this tutorial work with FreeBSD 12.2? I am new to FreeBSD but want to learn. I want to set up on a Thinkpad x200 and a Thinkpad T480. Will this also apply to setting up on virtual machines?
 
happy-yoga Probably but it's three years old and doesn't mention ZFS. If it fails then you can always start over. It won't harm anything. Then you can just follow the Handbook instead.
I am confused about how to install using the qcow2 file on a KVM. Is there a special process for this?
I was able to install on KVM using the regular iso file. Is it better to use the qcow2 file? Why/why not? I didn't see any mention of this in the handbook. I tried installing the qcow2 file but it didn't seem to work.
 
I am confused about how to install using the qcow2 file on a KVM. Is there a special process for this?
Those images are pre-built, pre-installed configurations. You just load them as disk images and boot from them.
Is it better to use the qcow2 file? Why/why not?
It depends on your situation. Some people like them, some create their own images. It all depends on your situation and what you want to do with them.
 
happy-yoga Probably but it's three years old and doesn't mention ZFS. If it fails then you can always start over. It won't harm anything. Then you can just follow the Handbook instead.
There are several things described in this Beginners Guide that I don't see in the Handbook. So I am confused on what I should follow. I assume I can combine this Beginners Guide with the Handbook. It seems logical, but I am a beginner and don't know what I really need to get the desktop working.
 
I am a beginner and don't know what I really need to get the desktop working.
Just go for it. Don't expect to get it right on your first attempt. Everybody is going to make mistakes the first couple of times. You're not going to believe the number of times I have reinstalled my systems over the last 20 or so years. That's all part of the learning experience. Try it, find out what works, what not. Learn from the mistakes you've made and try again.
 
You're not going to believe the number of times I have reinstalled my systems over the last 20 or so years.
You're not going to believe the number of times I have reinstalled my system over a few hours!

happy-yoga I understand the fear and desire to make the perfect system but keep in mind that it's easy to start from the beginning until you get it right. Make sure you write down what you did and liked so you're not reinstalling cause you forgot to do something. Also remember that some many and most things you install or configure on installation can be changed, modified, installed or removed afterwards.
 
Don't be afraid to experiment. Not on important (work/production) systems though, don't do that. But for your own system at home or a test system at work, don't be afraid to break it in any way you can. You're never going to damage the computer. The worst that could happen is having to reinstall everything from scratch. And the more often you do this the easier it gets.
 
Hello girls!

I have several such systems running.


Always want to have ZFS and custom kernel.
 