Re: building a firewall

[querbach%realtime.bc.ca@localhost (David Querbach)]

> I'd like to build my own firewall from this box, the only question
> is how can I produce the image which is transferred to the flash
> memory. I realize the image must contain the kernel and some
> memory filesystem (or could I use part of flash?) for the needed
> utilities like dhcpd and ipf.

Have a look at the directories src/distrib/*/ramdisk*, which build the
ramdisks used for installation.  Most of these use a system of shell and awk
scripts to rebuild the desired utility programs into a single "crunched"
binary. (do "apropos crunch").  Other facilities of the scripts allow
copying in configuration files, and so forth.

You then configure and build a kernel which contains the md(4) driver.  This
driver contains a large empty space into which the ramdisk is stored by
mdsetimage(8).

You'll may also need to look at src/sys/arch/i386/stand, where the NetBSD
standalone loader is built.  This loader takes over from the BIOS and loads
a kernel (yours will include a ramdisk) into the proper place in RAM, then
executes it.

So you'll end up with two images in the flash ROM -- the standalone loader
and the kernel with ramdisk.

> But how can I create such images? I guess the INSTALL_* floppies
> are similar to what I need, but are there any tutorials or
> step-by-step introductions for doing embedded systems with NetBSD?

Not that I know of.
 
Regards,

David Querbach
Real-Time Systems Inc.