[ previous ] [ next ] [ threads ]
 From:  Jim Gifford <baadpuppy at gmail dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: are the m0n0wall kernel patches "safe" in non-m0n0wall use?
 Date:  Sun, 5 Sep 2004 21:49:06 -0400
I decided to err on the side of caution, and did not apply any of the
patches for my main system kernel.

I followed the image hacking and kernel customizing guide for m0n0wall
(a nicely written PDF file), and got a new kernel image, and even
figured out how to make a new iso image with the new kernel.  My
kernel boots and recognizes my netgear ga620 card (I added the line
"device ti" to the config).

However, I had some problems applying all the patches.  The patches in
kernel-patches.tgz were these:

clock.c.patch         ip_input.c.patch    ng_pptpgre.c.patch
if_ethersubr.c.patch  ip_nat.c.patch.old  ng_pptpgre.c.patch2
if_xl.c.patch        ip_output.c.patch   subr_diskslice.c.patch

Of these, if_xl.c.patch wouldn't apply, I didn't try to apply
ip_nat.c.patch.old, ng_pptgre.c.patch wouldn't apply cleanly,
ng_pptpgre.c.patch2 also had a problem applying.  When I finally got
the two ng_pptpgre.c patches to apply (with some effort), the kernel
wouldn't compile (errors compiling ng_pptpgre.c).  My custom kernel
doesn't contain those patches.

Altogether, this wasn't as difficult a task as I had imagined. 
However, since I actually do need pptp support and I'm not sure what
those patches do or how important they are, I'm not planning to
actually use that image I've made.  It would be nice if there were a
simple readme file in with the patches describing basically why they
were added and if they're still needed.

I'm giving up on having a gigabit fiber connection into my firewall
any time soon.  :(


On Sun, 5 Sep 2004 14:02:47 -0400, Jim Gifford <baadpuppy at gmail dot com> wrote:
> I find myself in the unfortunate position of having a network card
> that m0n0wall doesn't support out of the box, so I need to build a new
> kernel that has the ti(4) driver.  The card is a netgear GA620 fiber
> gigabit card.
> My only freebsd dev box happens to also be my primary DNS server and
> web server for my domains, and is also one of the US mirrors for the
> m0n0wall downloads.  Obviously, I don't want to break it.
> Since m0n0wall is based on 4.10, I realize I need to update the box
> from 4.9.  Since I'm going through the process to update (including a
> buildworld) I thought it would be easier if the kernel I end up with
> on that machine was identical to the one I need for my m0n0wall.  So,
> I'm going through trying to make sure I build a m0n0wall friendly
> kernel that won't break my production system.
> Are the patches available from
> http://m0n0.ch/wall/downloads/kernel-patches.tgz safe for a
> non-m0n0wall system?
> Thanks in advance,
> Jim
> PS, if ti(4) support could be included in future releases (I'm working
> on the .iso and generic pc images myself), I would be appreciative, as
> I don't really want to have to hack on m0n0wall for every new release
> just to get my network card working...