Source string Read only

(itstool) path: sect1/programlisting
Context English State
The scripts found in <filename>/etc/rc.d/</filename> are for applications that are part of the <quote>base</quote> system, such as <citerefentry><refentrytitle>cron</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, and <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>. The scripts in <filename>/usr/local/etc/rc.d/</filename> are for user-installed applications such as <application>Apache</application> and <application>Squid</application>.
Since FreeBSD is developed as a complete operating system, user-installed applications are not considered to be part of the <quote>base</quote> system. User-installed applications are generally installed using <link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/ports-using.html">Packages or Ports</link>. In order to keep them separate from the base system, user-installed applications are installed under <filename>/usr/local/</filename>. Therefore, user-installed binaries reside in <filename>/usr/local/bin/</filename>, configuration files are in <filename>/usr/local/etc/</filename>, and so on.
Services are enabled by adding an entry for the service in <filename>/etc/rc.conf</filename> . The system defaults are found in <filename>/etc/defaults/rc.conf</filename> and these default settings are overridden by settings in <filename>/etc/rc.conf</filename>. Refer to <citerefentry><refentrytitle>rc.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information about the available entries. When installing additional applications, review the application's install message to determine how to enable any associated services.
The following entries in <filename>/etc/rc.conf</filename> enable <citerefentry><refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, enable <application>Apache 2.4</application>, and specify that <application>Apache</application> should be started with <acronym>SSL</acronym>.
# enable SSHD
# enable Apache with SSL
Once a service has been enabled in <filename>/etc/rc.conf</filename>, it can be started without rebooting the system:
<prompt>#</prompt> <userinput>service <replaceable>sshd</replaceable> start</userinput>
<prompt>#</prompt> <userinput>service <replaceable>apache24</replaceable> start</userinput>
If a service has not been enabled, it can be started from the command line using <option>onestart</option>:
<prompt>#</prompt> <userinput>service <replaceable>sshd</replaceable> onestart</userinput>
Network Configuration
Instead of a generic <emphasis>ethX</emphasis> identifier that <trademark class="registered">Linux</trademark> uses to identify a network interface, FreeBSD uses the driver name followed by a number. The following output from <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry> shows two <trademark class="registered">Intel</trademark> Pro 1000 network interfaces (<filename>em0</filename> and <filename>em1</filename>):
<prompt>%</prompt> <userinput>ifconfig</userinput>
em0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
inet netmask 0xffffff00 broadcast
ether 00:50:56:a7:70:b2
media: Ethernet autoselect (1000baseTX &lt;full-duplex&gt;)
status: active
em1: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
inet netmask 0xffffff00 broadcast
ether 00:50:56:a7:03:2b
media: Ethernet autoselect (1000baseTX &lt;full-duplex&gt;)
status: active
An <acronym>IP</acronym> address can be assigned to an interface using <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>. To remain persistent across reboots, the <acronym>IP</acronym> configuration must be included in <filename>/etc/rc.conf</filename>. The following <filename>/etc/rc.conf</filename> entries specify the hostname, <acronym>IP</acronym> address, and default gateway:
ifconfig_em0="inet netmask"
Use the following entries to instead configure an interface for <acronym>DHCP</acronym>:
FreeBSD does not use <trademark class="registered">Linux</trademark> <application>IPTABLES</application> for its firewall. Instead, FreeBSD offers a choice of three kernel level firewalls:
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html">PF</link>
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link>
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFW</link>
<application>PF</application> is developed by the OpenBSD project and ported to FreeBSD. <application>PF</application> was created as a replacement for <application>IPFILTER</application> and its syntax is similar to that of <application>IPFILTER</application>. <application>PF</application> can be paired with <citerefentry><refentrytitle>altq</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide <acronym>QoS</acronym> features.
This sample <application>PF</application> entry allows inbound <application>SSH</application>:
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22
<application>IPFILTER</application> is the firewall application developed by Darren Reed. It is not specific to FreeBSD and has been ported to several operating systems including NetBSD, OpenBSD, SunOS, HP/UX, and Solaris.
The <application>IPFILTER</application> syntax to allow inbound <application>SSH</application> is:
pass in on $ext_if proto tcp from any to any port = 22
<application>IPFW</application> is the firewall developed and maintained by FreeBSD. It can be paired with <citerefentry><refentrytitle>dummynet</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide traffic shaping capabilities and simulate different types of network connections.
The <application>IPFW</application> syntax to allow inbound <application>SSH</application> would be:
ipfw add allow tcp from any to me 22 in via $ext_if
Updating FreeBSD


No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

The translations in several languages have failing checks



English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: sect1/programlisting
no-wrap, read-only
Source string location
String age
a year ago
Source string age
a year ago
Translation file
articles/linux-users.pot, string 60