MikeL's FreeBSD howto - Networking
[20211114]
Getting a bunch of the following in my dmesg.today log:
Limiting closed port RST response from 1525 to 200 packets/sec
By running the following while it's happening, you can get an idea of
what's going on and who is doing it. This shows all RST packet activity
on the wire, in both directions; add "and src host <your-ip>" to the
filter to see only the RSTs this box is sending, in which case the
destination address is the host probing you and the source port is the
closed port it hit:
tcpdump -n -v 'tcp[tcpflags] & (tcp-rst) != 0'
You probably can't do anything about it, but this may make you feel a
little better about it. The bottom line is that this is an indication
that FreeBSD is doing its thing properly: something is hitting closed
ports (typically a port scan), and the kernel caps how many RSTs per
second it answers with so that it neither floods the log nor burns
bandwidth answering a flood. To change the limiting value, see
net.inet.icmp.icmplim in /etc/sysctl.conf (man sysctl.conf); setting
net.inet.icmp.icmplim_output=0 keeps the limit but silences the log
message.
(10-Dec-2003)
This is basically a checklist of how to set up a new system to do
networking stuff beyond the basics. The intent is not to cover
everything in detail, merely to point you to each of the tasks that
must be performed.
Obviously you must already have your hardware set up. If you're
making a gateway/firewall, there will be
two Network Interface Cards (NICs); one connected to the
external network that you're protecting yourself from, the other
connected to the internal "private" network.
Related manual pages:
FreeBSD.org,
Handbook ch. 6 (Firewalls).
- Edit /etc/resolv.conf
The first line will be "domain <yourdomain>".
If you're running named on this box, you'll want your own external IP
address here (2nd line) as a nameserver.
The last line will be "nameserver <upstream nameserver>"; this address
will be provided by your upstream provider.
- Even if you're just a standalone system connected to a network,
you may want to build a custom kernel. If you're building a
gateway/firewall, you must build a custom kernel; see the
gateway/firewall page.
- There are quite a few relevant fields in /etc/rc.conf:
hostname="your-hostname.your-domain"
You must set this appropriately.
network_interfaces="xl0 xl1 lo0"
There is one entry for each NIC, plus "lo0". The actual name here
is defined by the make of NIC you have -- use 'dmesg | more' (or
'ifconfig -l') and look for the NIC startup msgs. Newer FreeBSD
releases default this variable to AUTO and it can be left out; the
ifconfig_<interface> lines alone determine what gets configured.
ifconfig_xl1="inet 192.168.0.19 netmask 255.255.255.0"
You'll have a line like this for each NIC.
For your internal network, you should use 192.168.x.y (see RFC 1918).
Addresses in the RFC 1918 ranges are never routed on the public
Internet, so using them ensures your private network stays private.
I recommend using x and y as the last two numbers in your public
address so that the two NICs are obviously on the same machine.
ifconfig_xl0="inet 10.12.123.19 netmask 255.255.255.0"
This would be your public address (assuming firewall/gateway). This
address is assigned by your ISP.
defaultrouter="10.12.136.6"
This is assigned by your ISP. It must lie on the subnet of one of your
interfaces (here the xl0 one), or the kernel will refuse to install the
default route with "Network is unreachable"; the addresses in these
examples are placeholders.
- If you're on a complex network with multiple subnets, you'll need
to configure static routes (static_routes= and route_<name>= in
/etc/rc.conf; see rc.conf(5)).
- If you want to run the Network File System (NFS) so that multiple
Unix machines can share drives, you'll need to visit
Setting up NFS.
- If you want DOS/Windows/NT machines on the network to be able to
mount this computers drives as "shares", you'll want to install
Samba.
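Before rebooting on a new rc.conf it is worth checking the addresses
against each other, since a bad defaultrouter or a "public" address
that is really private space fails in ways that only show up once the
box is on the wire. The following is an added example, not part of the
original howto: pure POSIX sh that checks whether the internal side is
RFC 1918 space, whether the public side is not, and whether
defaultrouter sits on a directly connected subnet. The function names
(ip2int, same_subnet, is_rfc1918, addr_of, check_defaultrouter) are
mine; the values are the placeholder addresses from the rc.conf lines
above.

```shell
#!/bin/sh
# Added example: sanity-check the addresses you are about to put in rc.conf.
# Pure POSIX sh arithmetic, so it runs on a box that has nothing else yet.

ip2int() {
    # Dotted quad -> 32-bit integer (e.g. 192.168.0.19 -> 3232235539)
    set -- $(printf '%s' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

same_subnet() {
    # same_subnet ADDR1 ADDR2 NETMASK: true if both lie in the same network
    m=$(ip2int "$3")
    [ $(( $(ip2int "$1") & m )) -eq $(( $(ip2int "$2") & m )) ]
}

is_rfc1918() {
    # true if ADDR is in 10/8, 172.16/12 or 192.168/16 (RFC 1918 private space)
    n=$(ip2int "$1")
    [ $(( n & (255 << 24) )) -eq $(( 10 << 24 )) ] ||
    [ $(( n & (4095 << 20) )) -eq $(( (172 << 24) | (16 << 16) )) ] ||
    [ $(( n & (65535 << 16) )) -eq $(( (192 << 24) | (168 << 16) )) ]
}

addr_of() {
    # "inet ADDR netmask MASK" (an ifconfig_* value) -> ADDR
    set -- $1
    echo "$2"
}

check_defaultrouter() {
    # check_defaultrouter ROUTER "inet ADDR netmask MASK" ...
    # True if ROUTER sits on the subnet of one of the ifconfig_* values given,
    # which is what the kernel needs in order to install the default route.
    router=$1; shift
    for spec in "$@"; do
        set -- $spec                       # -> inet ADDR netmask MASK
        if same_subnet "$router" "$2" "$4"; then
            return 0
        fi
    done
    return 1
}

# Values from the howto's rc.conf lines (placeholder addresses, as in the text).
EXT_IF="inet 10.12.123.19 netmask 255.255.255.0"    # ifconfig_xl0
INT_IF="inet 192.168.0.19 netmask 255.255.255.0"    # ifconfig_xl1
ROUTER="10.12.136.6"                                 # defaultrouter

if is_rfc1918 "$(addr_of "$INT_IF")"; then
    echo "internal side is RFC 1918 space: good"
fi
if is_rfc1918 "$(addr_of "$EXT_IF")"; then
    # Fires on the howto's placeholder; a real ISP address in private space
    # means you are behind someone else's NAT and inbound services won't work.
    echo "warning: public side is RFC 1918 space, nothing inbound will reach it"
fi
if check_defaultrouter "$ROUTER" "$EXT_IF" "$INT_IF"; then
    echo "defaultrouter $ROUTER is on a directly connected subnet"
else
    echo "defaultrouter $ROUTER is not on any interface's subnet;"
    echo "'route add default' will fail with 'Network is unreachable'"
fi
```

With the howto's placeholder values the last check fails, because
10.12.136.6 is not inside 10.12.123.0/24; put the router on the xl0
subnet (or give xl0 the mask your ISP actually uses) and it passes.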
How to change a machine's IP address:
In general this is a bad idea, but if you gotta do it, this list of
standard files is where I've found my address hardcoded and thus had to
change it:
/etc/rc.conf
/etc/resolv.conf
/etc/rc.firewall
/etc/namedb/named.conf
/etc/namedb/<domainname.hosts>
/usr/local/etc/apache/httpd.conf
Also don't forget that you may have it hardcoded on DNS secondary
machines...
Adding additional "alias" addresses:
In rc.conf, merely add a line named ifconfig, underscore, interface,
underscore, "alias", x; e.g.:
ifconfig_xl0_alias0="inet 10.12.123.18 netmask 255.255.255.0"
Increment x for each additional alias, starting at 0. If the alias is
on the same subnet as the interface's primary address, give it netmask
255.255.255.255 instead; older releases reject a second address carrying
the real subnet mask with "ioctl (SIOCAIFADDR): File exists".
Now, why would you want to do this? What happens when you've got your
machine all set up, including domain names, with fixed IP addresses,
and you move your home/business, thus getting stuck with a new IP
address? You don't have the luxury of waiting for DNS replication
(perhaps many hours, even days), so you can do this...
You want to set up the machine to do everything itself via the new IP,
but from the outside, to also deal with the old. Follow the changing
IP address directions above, then add a new alias to the loopback
interface (not to the public interface itself) that is the old IP.
So let's say our old address was 10.12.123.17, and we have been moved
to another DSL provider, and they gave us 172.16.4.5 (placeholder
addresses):
ifconfig_xl0="inet 172.16.4.5 netmask 255.255.255.0"
ifconfig_lo0_alias0="inet 10.12.123.17 netmask 255.255.255.0"
We can now change our DNS info at our leisure, then after the dust has
settled, dump the alias. Note that the alias only makes this box answer
for the old address on packets that actually reach it; it does not make
the Internet route the old address to your new link, so it helps during
an overlap period in which the old address is still delivered to you,
not after the old line has been cut.
Useful Commands:
- ifconfig
ifconfig -a
ifconfig <interface> <ip> netmask <mask>
- netstat -rn
Shows routing info
- kill -HUP <pid-of-named>
restart DNS daemon
- kill -HUP <pid-of-sendmail>
restart sendmail
- apachectl stop|start|startssl
restart apache webserver
- sh /etc/rc.firewall open
If stuff isn't working (especially "permission denied" from
'ping'), try opening your firewall. If this fixes it, you know
it's a firewall issue -- bring the firewall back up, then fix its
config. Note! Doing this will immediately drop all connections --
don't do this unless you have console access.
Copyright © 1995-2024
Mike Lempriere
(running on host bayanus)