Guide On How To Compile The Kernel On FreeBSD

Guide On How To Compile The Kernel On FreeBSD 2017-08-04T09:38:57+01:00

A Step By Step Guide On How To Compile The Kernel On FreeBSD
This can go so very wrong in so many ways. There is no apparent reason to compile your kernel unless you need some specific options which the generic kernel does not provide. There are other drawbacks as well by compiling a custom kernel. Such as every time you update your system, your custom kernel will be overwritten and you need to recompile your kernel from scratch.

So why are we doing this again? Well I do it because I like to have the FreeBSD firewall functionality compiled into the kernel. This is also the only way to enable the “Queuing” functionality. It is quite possible to run pf without compiling your kernel, and if you don’t need “Queuing” then I would just run pf from rc.conf so that the service would start at boot time.

Right let’s compile a custom kernel
We will compile some core firewall options into the kernel and the kernel will end up being called “OKINAWA” unless you change it.

First we need to change to the directory that holds the generic kernel configuration file. Then we will copy the “stock” generic configuration file to a “work” kernel configuration file and use that one for our modifications.

cd /usr/src/sys/amd64/conf
cp GENERIC OKINAWA
vi OKINAWA

Change the Identity i.e. name from GENERIC to something else. Kernel names are always written in capital letters. 

ident           GENERIC

In this guide we will use OKINAWA. A mentioned this can be anything you like as long as you avoid spaces and use all capital letters. So the line will look like this.

ident           OKINAWA

Add or remove functionality to the kernel. Here we are adding some core firewall functionality. I suggest adding these somewhere in at the top of the configuration file where the other “options” are listed. Right add the following for Queuing support.

options         ALTQ                    # Required For Alternate Queuing
options         ALTQ_CBQ                # Class Bases Queuing (CBQ)
options         ALTQ_RED                # Random Early Detection (RED)
options         ALTQ_RIO                # RED In/Out
options         ALTQ_HFSC               # Hierarchical Packet Scheduler (HFSC)
options         ALTQ_PRIQ               # Priority Queuing (PRIQ)
options         ALTQ_NOPCC              # Required for SMP build

And for the firewall itself we will need to add the following. I suggest putting it somewhere below all the options where the other devices are being listed.

device          pf
device          pflog
device          pfsync

So well time to compile the new kernel, this will take quite some time depending on your system, and or virtual machine configuration.

cd /usr/src
make buildkernel KERNCONF=OKINAWA

If there is any error, then “STOP” right there. Do not continue. Fix the error and run the above command again until no errors are being reported. Once this runs without errors the new kernel has been compiled. All we have to do now is to install it and reboot the system.

cd /usr/src
make installkernel KERNCONF=OKINAWA
reboot now

And we are done here.

X Marks The Spot
Allan is living with his wife and their two children in Copenhagen, Denmark. He is currently working as Linux System Administrator at Autotask.
The best site ever. My dad made me say this or he would change the wifi password.
Victoria, His Daughter
Wow I’m speechless awsome site. Dad I wrote what you asked me to, can I have my allowance now?
Gustav, His Son
Not enough pictures of cute animals, and total lack of pie recipes, what am I doing here.
Lotte, His Wife
It works. What more do you want me to say? I promised you a testimonial and I gave you one.
Michael, His Only Friend
Toggle Sliding Bar Area
Spell checkers don’t – Grammar checkers don’t either.