Installing FreeBSD 6 on IBM Thinkpad T42

Chatchawan Wongsiriprasert

<cws@miraclenet.co.th>

$Id: article.sgml,v 1.9 2006/08/16 12:46:52 cws Exp $

FreeBSD is a registered trademark of the FreeBSD Foundation.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “®” symbol.

Table of Contents
1. Hardware
2. Pre Install
3. Installing FreeBSD 6
4. Install Applications
5. GUI Setting
6. Wireless Network
7. GSM Mobile Phone

1. Hardware

This document is a guidline for install an FreeBSD for my Thinkpad T42 machine with the following hardware. I create this page as a note of my installation procedure.

T42 (2373P42) Hardware

Intel Pentium M 745 (Dothan 1.8MHz, MMX,SSE,SSE2) with SpeedStep©. Support by powerd(8)
RAM 2GB PC2700 166MHz
Intel(R) PRO/1000 Network Connection.Support by em(4).
Intel(R) PRO/Wireless 2200BG Network Connection. Support by iwi(4).
Analog Devices, Inc. SoundMax AD1981B AC97 Codec. Support by snd_ich(4).
ATI MOBILITY RADEON 9600 with 1400x1050 LCD panel. Partially support by Xorg's radeon(4).
IBM ThinkPad Fast Infrared Port. Support as a sio(4).
IBM Integrated Bluetooth III . Support by ng_ubt(4).
Texas Intrument PCI-4520 CardBus Controller . Support by cardbus(4).
ThinkPad UltraNav Pointing Device . Support as standard mouse by psm(4).
DVDR <MATSHITADVD-RAM UJ-812/K104>Support by sysutils/dvd+rw-tools
UPEK TouchChip Fingerprint Coprocessor. Unsupport by FreeBSD
ThinkPad Integrated 56K Modem. Unsupport by FreeBSD
ThinkPad Specific Features. Support by acpi_ibm(4) and deskutils/tpb

2. Pre Install

These are preinstall steps you may check and done before format and install FreeBSD

#CREATE RECOVERY DISCS This is a must do step. Boot to the preinstall Windows XP,then run IBM Create Recovery discs. Start --> All Programs --> Access IBM --> Create Recovery discs. You need 7 discs for this steps and the process can not be interrupted before all discs are written.

DO NOT continue until you finish this step unless you want to go to your IBM service center and beg them to reinstall your hard disk if somethings go wrong.
Download SystemRescueCd and burn the disc. IBM RecordNow! that come with this notebook work fine with .ISO file.
If you want to make a backup copy of your harddisk ,Download The g4u 1.17 ISO CD image and burn the disc.
Follow How to Fresh Install Windows XP Pro without a Recovery CD instruction to create a WinXP install CD. Anyways, I have some amends for the intruction:
1. In step6, also add C:\DRIVERS to the files foloder.
2. In Step8. Use C:\bcd\bcd -b -d wxppro (-b not burn - only create ISO image, and -d print debug messages)
3. Use RecordNow! to burn the iso image. See the debug output for the location of the image. In my case it is C:\Documents and Settings\cws\Local Settings\Temp\bcd.iso

3. Installing FreeBSD 6

First of all, please read my suggestion on Slice Layout and Partition Layout because it is the only thing you can not change after install FreeBSD. Then, you can proceed to install FreeBSD as indicated in FreeBSD Handbook. You can download ISO images for i386 or amd64 from FreeBSD.org or mirror sites. Only the first disk ,6.1-xxx-xxx-disc1.iso, is required.

3.1. Slice Layout

Before start the installation process. You must make up your mind about the slice layout of the hard disk because it is only the thing you can not change after install the system.

This notebook come with a NTFS Windows XP slice and IBM recovery slice preinstall. You need to resize that big NTFS slice and/or remove the IBM recovery slice. The best free tool for the task is ntfsreize from Linux-NTFS Project in SystemRescueCd. To resize the slice, boot the SystemRescueCD. It is the Linux bootable CD. Then follow the instruction from this FAQ. There are 2 choices to resize slices. It depends on whether you want to retain IBM recovery slice or not .

If you want to keep the IBM slice. Your slice lay out may be look like this:

Table 1. Partition Layout with IBM Recovery Partition

	sysid	start	end	size/type	remark
1	7	1	5294	40 GB (NTFS)	resized from original NTFS partition.
2	18	9731	10336	(Compaq Diagnose Partition)	IBM Recorvery Partition.
3	165	5295	9730	(FreeBSD/NetBSD/386BSD)	FreeBSD

The problem of this method is, the slice 3 comes before slice 2 (IBM slice must be the slice 2 to be usable -- someone toldme this is not true but don't have time to verity). This work fine with FreeBSD but many disk management software (include NT disk manager) try to fix this abnormal by swap slice 2 and 3 everytime you modify the partition table.

It is very annoying and very hard to fix problem. Morever,with Recorvery Discs you create previously, this slice don't help you much except speed up the recovery time from about 2 hours to 1 hours.

If you, like me, choose to delete IBM recovery slice your slice layout may be look like this:

Table 2. Slice Layout without IBM Recovery Slice

	sysid	start	end	size/type	remark
1	7	1	5294	40 GB (NTFS)	resized from original NTFS partition.
2	18	5295	1588	(Extended DOS, LBA)	Extended partion for data/shared
3	165	1589	9730	(FreeBSD/NetBSD/386BSD)	FreeBSD

It also the good idea to backup NTFS slice because IBM Recovery CD restore your system by repartition your hard disk to the original 80GB NTFS/IBM Recovery Partition. and wipe out everything else.

I use g4u to backup my NTFS partition . It work fine in backup but I never have a chance to restore from my g4u backup. So I can not tell you about the restore result. If you have a time to test the restore procedure, please mail me the result.

3.2. Partition Layout

I give 24GB of the hard disk to FreeBSD , my FreeBSD partition layout are:

Table 3. Partition Layout for 24GB

Partition	Filesystem	Size	Description
`a`	`/`	256 MB	FreeBSD handbook suggest 100 MB to this partition but for a large disk set it 256 MB may be better.
`b`	`N/A`	2 GB	This according to FreeBSD handbook that suggest 2-3 x RAM. But I have 2GB of RAM , with normal use I don't need a lot of swap
`d`	`/var`	1 GB	Many programs store data on /var.
`e`	`/tmp`	256 MB	Some programs use /tmp to store temporary data
`f`	`/usr`	10 GB	Set it to 10 GB if you want to complie Xogr or mozilla.
`g`	`/home`	Rest of disk	This partition will store all user data or anything that you don't want to touch when reinstall the system.

3.3. Upgrade FreeBSD source and ports

After install FreeBSD 6 and ports tree from CD. You need to upgrade your system to the lastest patch to protect your system against various types of attack.

You need a pre-build program (or package in FreeBSD) to upgrade your system. The package is net/cvsup-without-gui which can be used to upgrade both source and ports tree.

For example,as the time of this writing version of 6 is 6.0 and assume that the platform is i386. The command to download and install cvsup are:

    # fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/6.1-RELEASE/packages/net/cvsup-without-gui-16.1h_2.tbz
    cvsup-without-gui-16.1h_2.tbz                 100% of  754 kB   37 kBps 00m00s
    # pkg_add cvsup-without-gui-16.1h_2.tbz

Edit cvs-supfile to upgrade lastest update of FreeBSD 6.0. This is my cvs-supfile:

    #For complete list of cvsupd see CVSup Sites on FreeBSD handbook.
    *default host=cvsup12.freebsd.org
    *default base=/usr
    *default prefix=/usr
    *default release=cvs
    *default delete use-rel-suffix
    *default tag=RELENG_6_1
    
    *default compress
    src-all
    ports-all tag=.

Run cvsup ,It will take a while to fetch both src and ports tree.

    # /usr/local/bin/cvsup -L2 cvs-supfile

See Using CVSup section on FreeBSD handbook for more detail about using cvsup.

Hint: If you don't know which cvsup host to use, try the sysutils/fastest_cvsup.

Another tools that can help you to update the ports tree is portsnap(8) but I found that if your rarely update your ports tree (let say once a month), net/cvsup-without-gui is faster than portsnap. If you want to use portsnap remove the line

ports-all tag=.

from your cvs-supfile.

3.4. Rebuild FreeBSD

Edit your /etc/make.conf (copy the default from /usr/src/share/examples/etc/make.conf). At least change the CPUTYPE to match your machine. See gcc 3.4.4 manual for detail of each CPUTYPE. FreeBSD building system may not be able to use all CPUTYPE in gcc manual. If your CPUTYPE cause a build error, try the other one. This is the example of my make.conf:

#Use ?= not = to allow FreeBSD build process to override this value
CPUTYPE?= p4m         
#Port related options
WITHOUT_DEBUG=yes                     #Don't want to debug any ports with this machine
WITH_MOZILLA="firefox"                #Use firefox
WITH_CDDB=YES                       
A4=YES                                #A4 Paper
WITH_GTK2=YES                         #Use GTK2 
WITH_XCHARSET=all                     #MySQL, allow Thai and other languages

Modify your kernel configuration. You should read Configuring the FreeBSD Kernel and /usr/src/sys/i386/conf/NOTES for each options of the kernel. This is my kernel configuration for i386 on my T42:

machine         i386
cpu             I686_CPU

ident           T42

options     CPU_SUSP_HLT

#Adjust memory limit for 2G RAM for i386
options         KVA_PAGES=384               

options         SCHED_4BSD
options         PREEMPTION              # Enable kernel thread preemption
options         INET                    # InterNETworking
options         FFS                     # Berkeley Fast Filesystem
options         SOFTUPDATES             # Enable FFS soft updates support
options         UFS_ACL                 # Support for access control lists
options         UFS_DIRHASH             # Improve performance on big directories
options         MD_ROOT                 # MD is a potential root device
options         CD9660                  # ISO 9660 Filesystem
options         PROCFS                  # Process filesystem (requires PSEUDOFS)
options         PSEUDOFS                # Pseudo-filesystem framework
options         GEOM_GPT                # GUID Partition Tables.
options         COMPAT_43               # Compatible with BSD 4.3 [KEEP THIS!]
#options        COMPAT_IA32             # Compatible with i386 binaries
options         COMPAT_FREEBSD4         # Compatible with FreeBSD4
options         COMPAT_FREEBSD5         # Compatible with FreeBSD5
options         SCSI_DELAY=5000         # Delay (in ms) before probing SCSI
options         KTRACE                  # ktrace(1) support
options         SYSVSHM                 # SYSV-style shared memory
options         SYSVMSG                 # SYSV-style message queues
options         SYSVSEM                 # SYSV-style semaphores
options         _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev

options         ADAPTIVE_GIANT          # Giant mutex is adaptive.

options     PERFMON
options     DEVICE_POLLING

#Firewall & NAT & DummyNet, may be needed in jail setup
options         IPFIREWALL
options         IPDIVERT
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_VERBOSE_LIMIT=100
options         DUMMYNET
options         IPFIREWALL_FORWARD
options     LIBALIAS

device          apic                    # I/O APIC
device          pci
device      isa

# ATA and ATAPI devices
device          ata
device          atadisk         # ATA disk drives
device          ataraid         # ATA RAID drives
device          atapicd         # ATAPI CDROM drives
device          atapifd         # ATAPI floppy drives
device          atapist         # ATAPI tape drives
options         ATA_STATIC_ID   # Static device numbering

# atkbdc0 controls both the keyboard and the PS/2 mouse
device      atkbdc          # AT keyboard controller
device      atkbd           # AT keyboard
device      psm     
device      vga             # VGA video card driver
device      splash

# syscons is the default console driver, resembling an SCO console
device      sc
options     SC_PIXEL_MODE

#Network device -- can not be a module
device      loop
device      ether   
device      pty

#Another device is loaded as module in /boot/loader.conf

Rebuild your world and kernel as told in the handbok.

# cd / 
# mergemaster -pai 
# cd /usr/src 
# make -j2 buildworld 
# make -j2 buildkernel KERNCONF=XXX 
# make installkernel KERNCONF=XXX 
# cd / 
# mergemaster -ai 
-- clear temproot 
# cd /var/tmp/temproot 
# chflags noschg var/empty 
# find . -type l -delete 
# find . -empty -delete 
-- check the leftover files, replace or delete as you please  
# cd /var/tmp 
# rm -rf temproot
# shutdown now 
# cd /usr/src
# make installworld

Before reboot, Set your System Configuration because some setting will be in effect only after reboot. Set them first save you another reboot. If everything is fine, it is the time to reboot your server with shutdown -r now

3.5. Set System Configuration

There are many system configuration files you may need to modify.

3.5.1. /etc/rc.conf

sshd_enable="YES"
sendmail_enable="NO"

#Prevent syslogd to create any UDP socket
syslogd_flags="-ss"

firewall_enable="YES"
firewall_type="/etc/ipfw.rules"

hostname="t42.net0.intranet"
ifconfig_em0="DHCP polling"

sshd_enable="YES"
usbd_enable="YES"
apm_enable="YES"

#Use always use adptive  -- it saves the energy which will help the world.
powerd_enable="YES"
powerd_flags="-a adaptive -b adaptive"

#Allow my T42 to use both UltraNav and USB mouse simultaneously. 
#The moused will take care of UltraNav while usbd will take care of USB mouse.
moused_enable="YES"
moused_flags="-3"

#Ports part
compat4x_enable="YES"
compat5x_enable="YES"

apache_enable="YES"
mysql_enable="YES"
mysql_dbdir="/home/mysql"
mysql_flags="--bind-address=127.0.0.1"
postgresql_enable="YES"

3.5.2. /etc/sysctl.conf

security.bsd.see_other_uids=0
kern.coredump=0
net.inet.icmp.drop_redirect=1
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.ip.rtexpire=2
net.inet.ip.rtminexpire=2
kern.ipc.somaxconn=512

3.5.3. /boot/loader.conf

Most of the device drivers are not include in the kernel except those that can not be a module. The drivers are loaded by FreeBSD loader(8). Another information on this file are system parameter that can be set before the kernel start (it can later be read by sysctl(8) but not be able to write to) such as memory limit and shared memory.

This file also contain information about the splash screen. My favorite splash screen is

You can download it here or from the FreeBSD Splash Screens site which also host another images.

autoboot_delay="3"
#Speed up ide data transfer
hw.ata.atapi_dma=1
loader_logo="beastiebw"


#Splash screen section
vesa_load="YES"
splash_bmp_load="YES"
bitmap_load="YES"
bitmap_name="/boot/obi_chuck.bmp"

#Adjust memory limit for 2G RAM
#1 G for data,128M for stack
kern.maxdsiz=1073741824
kern.maxssiz=134217728
kern.dfldsiz=161061273

#For postgresql , 256M shared
kern.ipc.shmmax=268435456
kern.ipc.shmseg=256
kern.ipc.shmmni=256
kern.ipc.semmni=256
kern.ipc.semmns=512
kern.ipc.semmnu=256
kern.ipc.semmap=256

kern.ipc.maxsockets=81920
kern.ipc.maxsockbuf=1048576

#device drivers
if_em_load="YES"
random_load="YES"
snd_ich_load="YES"
ng_ubt_load="YES"
acpi_ibm_load="YES"

scbus_load="YES"
ch_load="YES"
da_load="YES"
sa_load="YES"
cd_load="YES"
pass_load="YES"
ses_load="YES"
atapicam_load="YES"

cbb_load="YES"
pccard_load="YES"
cardbus_load="YES"

sio_load="YES"

ppbus_load="YES"
lpt_load="YES"
#plip_load="YES"
#ppi_load="YES"
#vpo_load="YES"

ehci_load="YES"
uhci_load="YES"
ohci_load="YES"
usb_load="YES"
ugen_load="YES"
uhid_load="YES"
ukbd_load="YES"
ulpt_load="YES"
umass_load="YES"
ums_load="YES"
#uscanner_load="YES"

#smb_load="YES"
#ichsmb_load="YES"
#smbus_load="YES"

3.5.4. /etc/hosts

You should swap the first 2 lines to make sure that you will get IPv4 (127.0.0.1) address for localhost instead of IPv6 (::1) because some program does not support IPv6.

127.0.0.1               localhost localhost.my.domain
::1                     localhost localhost.my.domain
#Test name for this web page
127.0.0.1               freebie.t42.intranet

3.5.5. /etc/ssh/sshd_config

#Use password authentication first. I know this is discouraged by security experts, but I like it. 
PreferredAuthentications password,publickey,keyboard-interactive,hostbased

# Change to yes to enable built-in password authentication.
# SecureCRT need this option 
PasswordAuthentication yes

# If UseDNS is "yes" and your resolver is not work (i.e DNS server is down), 
# you can not log in.
UseDNS no

#Allow only me to login remotely
AllowUsers cws@*

Subsystem   sftp    /usr/libexec/sftp-server

3.5.6. /etc/fstab

My hard disk has 4 disk slices. The first (ad0s1) and third(ad0s6 - on Extended partion) is NTFS , the second partition is FAT32 (ad0s5 on Extender partition). Some files on these partitions have Thai name (WINDOW-874 character set), so the option -DWINDOWS-874 is require to make Thai files name visible on FreeBSD. All paritions are mount with noatime which should reduce the write access to the hard disk.

# Device                Mountpoint      FStype  Options         Dump    Pass#
/dev/ad0s3b             none            swap    sw              0       0
/dev/ad0s3a             /               ufs     rw,noatime      1       1
/dev/ad0s3g             /home           ufs     rw,noatime      2       2
/dev/ad0s3e             /tmp            ufs     rw,noatime      2       2
/dev/ad0s3f             /usr            ufs     rw,noatime      2       2
/dev/ad0s3d             /var            ufs     rw,noatime      2       2
/dev/acd0               /cdrom          cd9660  ro,noauto       0       0
/dev/ad0s1              /external/dos_c ntfs    ro,-CWINDOWS-874        0       0
/dev/ad0s5              /external/dos_d msdos   rw,noatime,-DWINDOWS-874        0       0
/dev/ad0s6              /external/dos_e ntfs    ro,-CWINDOWS-874        0       0

Don't forget to create mount points before reboot.

3.5.7. /etc/ipfw.rules

There is currently no rule in this file only a default rule to allow all traffic.

#more rules later

add 65535 allow ip from any to any

3.5.8. /etc/devfs.conf

New version of FreeBSD use dynamic /dev which will populate when the system boot. If you want to modify entries in /dev you must put that information in this file unless you want it to disappear in the next reboot.

# Commonly used by many ports
link    acd0    cdrom
link    acd0    dvd
link    dsp0.0  dsp

#Allow operator to write to some devices 
perm    cd0     0660
perm    xpt0    0660
perm    pass0   0660
perm    acd0    0660

3.5.9. /etc/group

Add your main user to group wheel and operator. The former allow you to run /usr/bin/su and the later allow you to run /sbin/shutdown and use CD-ROM.

wheel:*:0:root,cws
daemon:*:1:
kmem:*:2:
sys:*:3:
tty:*:4:
operator:*:5:root,cws
...
cws:*:1001:

3.5.10. /etc/motd

It is also a good idea to change /etc/motd to something that look more legal such as

* * * * * * * * * * * * * W A R N I N G * * * * * * * * * * * * * * *
THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS FOR AUTHORIZED USE ONLY.
UNAUTHORIZED ACCESS IS STRICTLY PROHIBITED AND MAY BE PUNISHABLE UNDER
THE COMPUTER FRAUD AND ABUSE ACT OF 1986 OR OTHER APPLICABLE LAWS.
IF NOT AUTHORIZED TO ACCESS THIS SYSTEM, DISCONNECT NOW. BY CONTINUING,
YOU CONSENT TO YOUR KEYSTROKES AND DATA CONTENT BEING MONITORED. ALL
PERSONS ARE HEREBY NOTIFIED THAT THE USE OF THIS SYSTEM CONSTITUTES
CONSENT TO MONITORING AND AUDITING. THE ADMINISTRATORS ALSO RESERVE THE
RIGHT TO CANCEL OR LOCK YOUR ACCOUNT AT ANY GIVEN TIME. ALL TERMS
DESCRIBED ABOVE ARE SUBJECT TO CHANGE WITHOUT ANY GIVEN NOTICE. IF YOU
DO NOT AGREE TO THESE TERMS LOGOUT NOW!
* * * * * * * * * * * * * W A R N I N G * * * * * * * * * * * * * * *

which I copied from a web site somewhere. Or if you don't want to show any message other than FreeBSD version and build information remove this file. Anyways, If you want to remove motd entirely don't forget to add

update_motd=NO

to the /etc/rc.conf

3.6. Harden up your system

At this point, you may want to make your system harder to hack (I don't say hackproof -- after read some of hacking story -- I thought that it is impossible for me to prevent those hackers). There are a lot of documents out there in the Internet. I will show you some that I think it is good to read.

4. Install Applications

This is a time to install program from ports tree. It is possible that the previous installation process may already install some ports on your system. Use pkg_delete to remove each installed ports. You can install the ports by package or by ports tree. Install from ports tree are more flexible but time comsuming job. All ports in this T42 install by ports tree unless I stat otherwise. Don't try to mix between packages and ports tree unless you really sure that there is no conflict.

4.1. Shell/Desktop Environment

Table 4. Installed Shell/Desktop Environment

Name	Description	Remark
`shell/bash`	GNU Bash, version 3.0	My favorite shell.
`x11/xorg`	an open source implementation of the X Window System.
`x11/gnome2`	an open source implementation of the X Window System.	Add the following line to `/etc/make.conf` #No debug info WITHOUT_DEBUG=yes #Use firefox WITH_MOZILLA="firefox" WITH_CDDB=YES A4=YES #All ports use GTK2 WITH_GTK2=YES
`x11-themes/gnome-icons-crystal`	Crystal SVG Icons for Gnome	My favorite icons theme
`x11-themes/gnome-themes-extras`	More themes for the GNOME 2 desktop environment.	The Lush controls and Window Border are in this packages.

4.2. System Utilities/Security Tools

Table 5. Installed System Utilities/Security Tools

Name	Description	Remark
`security/bcwipe`	BCWipe securely erases data from magnetic and solid-state memory.
`comms/birda`	Bohlin's IrDA utilities, ported from NetBSD's pkgsrc.	See IrDA section for more details.
`security/ca-roots`	A list of SSL CA root certificates.	Need when you want to write SSL/TLS programs.
`print/cups`	The Common UNIX Printing System.	See cups section for more details.
`net/cvsup` (*)	General network file distribution system optimized for CVS (GUI version)	After install `xorg/x11`, remove `net/cvsup-without-gui` and install this one.
`www/lynx-ssl`	A non-graphical, text-based World-Wide Web client with SSL support.	Sometime we need a quick look at a web page.
`net-mgmt/etherape`	A graphical network traffic visualization tool for gnome.
`net-mgmt/ettercap`	A network sniffer/interceptor/injector/logger for switched LANs.
`comm/gammu`	Tool for managing various functions on mobile phone.
`security/gnupg`	The GNU Privacy Guard.
`net/iwi-firmware`	Intel PRO/Wireless 2200 Driver Firmware.	Select install with CONTROL when build.
`sysutils/lsof`	Lists information about open files similar to fstat.
`sysutils/pkg_cutleaves`	Interactive script for deinstalling 'leaf' packages.
`security/portaudit`	Checks installed ports against a list of security vulnerabilities.	A mist have port.
`net/rsync`	A network file distribution/synchronization utility.	A fastest method to syscronize files between 2 machines.
`security/sudo`	Allow others to run commands as root.
`archive/unzip`	List, test and extract compressed files in a ZIP archive.
`ftp/wget`	Retrieve files from the Net via HTTP and FTP.
`net/wireshark`	A powerful network analyzer/capture tool.

Note: (*) package -- install using prebuild packages.

4.3. Multimedia

Table 6. Installed Multimedia ports

Name	Description	Remark
`multimedia/beep-media-player`	GTK2 multimedia player.	OSD mp3 player. The gnome sound system (ESD) performance and quality is sub-par. Unfortunely, use OSD prevent another application (such as gnome) to use the sound. You need to disable gnome sound system (ESD) to use OSD application.
`audio/bmp-faad`	Beep Media Player (BMP) plugin for FAAD2 (MPEG-2, MPEG-4 AAC) decoder	AAC sound quality is better and a file size is smaller than an MP3 files. The AAC encoder I use is WinAmp, rarewares in_mp4.zip for encode and out_faac.zip for decode.
`audio/dagrab`	Read audio tracks from a CD into wav sound files.	Some CD-audio is rip protect. You can not access tracks from Windows.
`audio/faac`	MPEG-2 and MPEG-4 AAC audio encoder.	If you don't want to use Windows to rip your tracks, this is a Unix tool for you.
`multimedia/xine`	An X11 OSD multimedia player.	gnome install `multimedia/totem-gstreamer` but gstreamer use ESD which has the sound quality problem.

4.4. Desktop Utilities

Table 7. Desktop Utilities

Name	Description	Remark
`textproc/docproj-nojadetex`	The "meta-port" for the FreeBSD Documentation Project.	The tools that use to create this document.
`editors/openoffice.org-2.0`(*)	The Office suite	Install as packages from ooopackages.good-day.net. Use pkg_add -f OOo_xxx_install_en-US.tbz to install. It will show the error that required packages are not installed, re-install those packages after the OOo. If you don't use "-f" it will try to extract an 110M tar ball ,then, when is found a missing packages, it will print the error and delete all those extracted files. You may also need the language pack such as `OOo_xxx_langpack_th.tar.bz2` for Thai language support. Download and extract the file ,then places all the files in `/usr/local/openoffice.org-2.0.3`.
`ftp/gftp`	A free multithreaded GTK-based GUI ftp and sftp client.
`graphics/gimp`	A GNU Image Manipulation Program.
`graphics/gthumb`	An image viewer and browser for the GNOME 2 environment.
`textproc/htdig`	A www indexing and searching system.	Use for searching local document such as programming manual.
`www/opera`	A blazingly fast, full-featured, standards-compliant browser.	Firefox is a resource hog, opera need a lot less resource. But for web developer, firefox with extensions is a must have application. I use opera for normal browse and use firefox to develop my web application.
`mail/thunderbird`	Mozilla Thunderbird is standalone mail and news that stands above.
`net/tightvnc`	Enhanced version of VNC.
`deskutils/tpb`	On-Screen-Display for hotkeys of IBM ThinkPads

4.5. Development Tools

Table 8. Installed Development Tools

Name	Description	Remark
`devel/ZendOptimizer`	An optimizer for PHP code.
`devel/ddd`	Data Display Debugger -- a common graphical front-end for GDB/DBX/XDB.
`java/diablo-jdk15`(*)	Java Development Kit 1.5	Install as packages from FreeBSD Foundation. Use pkg_add -f diablo-jdk-xxx.tbz to install. It will show the error that required packages is not install, re-install those packages after the jdk. If you don't use "-f" it will try to extract an 50M tar ball , then when is found a missing packages, it will print the error and delete all those 50M files.
`database/mysql51-server`	Multithreaded SQL database.
`database/postgresql81-server`	The most advanced open-source database available anywhere.
`lang/php4`	PHP Scripting Language (Apache Module and CLI).	Select CLI/APACHE and OPENSSL options.
`lang/php4-extenstion`	A "meta-port" to install PHP extensions	I use BCMATH/BZ2/CTYPE/CURL/GD/MBSTRING/MCRYPT/MHASH/MSSQL/ MYSQL/OVERLOAD/PCRE/PDF/PGSQL/POSIX/SESSION/SOCKETS/TOKENIZER/ XML/ZLIB options but your options may be vary depend on your work.
`database/phpMyAdmin`	A set of PHP-scripts to manage MySQL over the web.
`database/phppgadmin`	Web Based Postgres Administration.
`emulators/qemu`	QEMU CPU Emulator.	Need for running Microsoft IE to test the web page.
`emulators/kqemu-kmod`	Kernel Acceralator for QEMU CPU Emulator.
`editors/vim`	Vi "workalike", with many additional features.	My editor.

5. GUI Setting

5.1. X.Org Setting

This notebook has ATI Technologies Inc RV350 [Mobility Radeon 9600 M10] graphic chips which work fine on X.Org. So, let X.Org configured itself using

#Xorg -configure

and add any modification later. You can get my /etc/X11/xorg.conf configuration file. If you want to use USB mouse and TouchPad simutaneously,don't forget to run moused for TouchPad. Don't forget to add the line "zAxisMapping" "4 5" to use the wheel on the mouse.

I set the display size for my 14 inch Thinkpad to 285x214 mm. Xorg use this value to determine the correct DPI value of the screen.

You may want to enable DynamicClocks feature of ATI card to reduce the power consumption of the GPU but I found this option cause a problem on older version of Xorg. If you found any problem, remove the option.

Section "Monitor"
        Identifier   "Monitor0"
        VendorName   "IBM"
        ModelName    "T42-2372P42"
        DisplaySize  285  214
        Option       "DPMS"
EndSection

Section "InputDevice"
        Identifier  "Mouse0"
        Driver      "mouse"
        Option      "Protocol" "auto"
        Option      "Device" "/dev/sysmouse"
        #Scroll mouse
        Option "zAxisMapping" "4 5"
EndSection

Section "Device"
        Option     "DynamicClocks"
        Identifier  "Card0"
        Driver      "ati"
        VendorName  "ATI Technologies Inc"
        BoardName   "RV350 [Mobility Radeon 9600 M10]"
        BusID       "PCI:1:0:0"
EndSection

5.2. gnome Setting

My gnome desktop is look like this

or the full size (1400x1050) version.

The control set and window border are "Lush" from x11-themes/gnome-themes-extras and the icon set is "Crystal SVG 1.2.0" from x11-themes/gnome-icons-crystal. The background image is gnome "Clouds Pattern". I did not chage the gnome splash screen but if you want to change it , just replace /usr/X11R6/share/gnome/pixmaps/splash/gnome-splash.png with a new splash image.

The additional applets are "Keyboard Indicator", "System Monitor" , "Battery Charged Monitor" and "CPU Frequency Scaling Monitor".

Another hint for setting the desktop is height of the upper and lower panel. editor/vim has a last line display problem when you maximize gvim window and it has not enought space to the last line completely. Adjust the panel height until the last line of gvim is show completely.

The last thing I do for my gnome desktop is to add custom menu item. Unfortunely there is no good tool to add the menu item (there is gnome-menu-editor but I can not make it work as I want). If you want to add new menu item you must add the desktop file to the folder /usr/X11R6/share/applications and put the icon in the folder /usr/X11R6/share/pixmaps. For example, this is a wireshark.desktop

[Desktop Entry]
Name=WireShark
Comment=A network analyzer
Icon=wireshark.png
Exec=sudo wireshark
Terminal=false
Type=Application
Encoding=UTF-8
Categories=Application;Network;Monitor;

Which use sudo to run wireshark as root. This is a entry of wireshark on sudoers file.

cws     ALL=(root) NOPASSWD: /usr/local/bin/wireshark

5.3. Thai Language Setting

X11 has already support Thai language. All you need is Thai fonts and a program to switch keyboard layout. Both are already exists on the Internet.

5.3.1. Keyboard

New version of gnome is able to handle Thai input nicely. Just add "Keyboard Indicator" applet to your panel and add Thai keyboard layout.

5.3.2. Fonts

Just download and install them as another X11 font and make your XFree86/Xorg point to that directory. You can download Thai Font from this site. This is the fonts section of my /etc/X11/xorg.conf

    Section "Files"
        ...
        FontPath   "/usr/local/thai/fonts/iso8859-11/"
        FontPath   "/usr/local/thai/fonts/x11-fonts/"
        FontPath   "/usr/local/thai/fonts/TTF/"
    EndSection

You may need fonts.dir (for raster fonts) or fonts.scale (for True Type fonts),fonts.alias . Read X11 manual about these files or just copy one from standard X11 font directory and edit it. If you need mine , get them from above link. I got all Thai fonts from Linux TLE. Note: Font encoding for Thai is iso8859-11 but most applications may need the older encodings of tis620-0,tis620-2 or tis620.2533-1. Gnome

For gnome,I need to do edit /usr/X11R6/etc/fonts/local.conf make gnome use the new fonts

           <fontconfig>
            <dir>/usr/local/thai/fonts/TTF</dir>
            </fontconfig>

If you already has <fontconfig> tag , just insert the <dir> tag. Make sure that the dir name match the name in the /usr/X11R6/etc/fonts/local.conf.

There is also gnome thai menu,text, ... ,etc from NECTC Linux TLE, but I found no use of them.

5.3.3. Thai File Name in gnome

There is no workable Thai locale on FreeBSD but there is a workaround for gnome to display Thai file name. You must set G_FILENAME_ENCODING environment variable to WINDOWS-874 before start gnome. The best place to put this setting is your own .profile in the home directory:

...
G_FILENAME_ENCODING=WINDOWS-874;  export G_FILENAME_ENCODING
...

5.3.4. Thai Song Name in beep-media-player

multimedia/beep-media-player is not support Thai song name in the playlist. You need to patch the code to allow beep-media-player to show Thai song name. Apply the following patch to the port (create the folder /usr/ports/multimedia/beep-media-player , put the patch in the folder and the rebuild the port).

--- beep/util.c.org     Sat Aug 12 18:11:04 2006
+++ beep/util.c Sat Aug 12 18:11:25 2006
@@ -1211,6 +1211,9 @@
     if ((out_str = g_locale_to_utf8(str, -1, NULL, NULL, NULL)))
         return out_str;

+    if ((out_str = g_filename_to_utf8(str, -1, NULL, NULL, NULL)))
+        return out_str;
+
     /* all else fails, we mask off character codes >= 128,
        replace with '?' */
     return str_to_utf8_fallback(str);

5.3.5. Thai Word Break

The application that support Thai Word Break is editors/openoffice.org-2.0 + Thai language pack. If you want to write your own application, download libinthai. I don't write it and never use it , so don't ask me about it.

5.4. FireFox Extension

The real potential of firefox is its extensions. Without the extensions firefox may not better than another browser such as opera or IE. This is the list of extensions installed on my firefox for my Web development work.

My firefox theme is Noia 2.0 eXtreme.

6. Wireless Network

Since 6.0, FreeBSD support non-hidden SSID WPA wireless network with Intel(R) PRO/Wireless 2200BG/2915ABG out of the box. To enable wireless network connection:

Edit /etc/wpa_supplicant.conf to add your wireless network SSID and key.

network={
        ssid="WIRELESS1"
        psk="your_password_here"
}

Load related kernel modules .

#kldload if_iwi wlan_wep wlan_tkip wlan_ccmp wlan_xauth wlan_acl

Load Intel(R) PRO/Wireless 2200BG/2915ABG firmware.

#iwicontrol  -i iwi0 -d  /boot/firmware -m bss

The firmware and iwicontrol come from net/iwi-firmware. See this section for more detail.

You can check that everything is working with ifconfig

#ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=4b<RXCSUM,TXCSUM,VLAN_MTU,POLLING>
        inet xx.xx.xx.xx netmask 0xffffff00 broadcast xx.xx.xx.255
        ether xx:xx:xx:xx:xx:xx
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
iwi0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ether xx:xx:xx:xx:xx:xx
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: no carrier
        ssid "" channel 1
        authmode OPEN privacy OFF txpowmax 100 protmode CTS

The next step is to associate your iwi0 to your access point with wpa_supplicant

#wpa_supplicant -B -i iwi0 -c /etc/wpa_supplicant.conf

Now you will see the wireless LAN LED grow. Use ifconfig to confirm the result

#ifconfig iwi0
iwi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether xx:xx:xx:xx:xx:xx
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: associated
        ssid WIRELESS1 channel 7 bssid xx:xx:xx:xx:xx:xx
        authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit txpowmax 100
        protmode CTS roaming MANUAL bintval 100

The last step , you need to set IP parameters of the iwi0 interface. Assume that your wireless network use DHCP.

#killall dhclient
#ifconfig em0 down
#dhclient iwi0

Use ifconfig to confirm the result

#ifconfig iwi0
iwi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet xx.xx.xx.xx netmask 0xffffff00 broadcast xx.xx.xx.255
        ether xx:xx:xx:xx:xx:xx
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: associated
        ssid WIRELESS1 channel 7 bssid xx:xx:xx:xx:xx:xx
        authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit txpowmax 100
        protmode CTS roaming MANUAL bintval 100

When you want to disconect the wireless network use the command.
```
#ifconfig iwi0 down
```

7. GSM Mobile Phone

As the road warrior , another device that you must have other than the notebook is a mobile phone. This section will describe about connecting between my T42 and Nokia 6230.

7.1. IrDA/GPRS connection

To use IrDA to create a GPRS connection from my 6320 phone

Enable IrDA in BIOS,it will be recognized as sio0 or sio1 (if you enable serial port in the BIOS). The device filename will be /dev/cuadXXX.
Install comms/birda.

Edit /etc/ppp/ppp.conf to add GPRS dial information

      ircomm-dialup:
          set device /dev/ttypv

          # This is IMPORTANT option
          enable force-scripts

          # You might want to change these
          set authname
          set authkey
          # Ask your provider for the number
          set phone "*99***1#"

          # You might want to adjust dial string as well
          set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
                            \"\" AT OK-AT-OK ATE1Q0 OK \\dATD\\T TIMEOUT 40 CONNECT"
          set login
          set timeout 600
          enable dns
          resolv rewrite

          set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255
          add default HISADDR

Create a connection:
```
#ircomm -d /dev/cuad0 -y /dev/ptypv &
```

Down current network (em0) and dial to the GPRS provider:

#killall dhclient
#ifconfig em0 down
#route flush
#ppp -background ircomm-dialup

7.2. Bluetooth/GPRS connection

To use Bluetooth to create a GPRS connection from my 6320 phone. There is a Bluetooth section in FreeBSD Handbook that show all the information need to make your Bluetooth work on FreeBSD. Anyways, the summary is here:

Put ng_ubt_load="YES" to /boot/loader.conf to load a bluetooth device driver. The device is not power up until you press Fn+F5.
Copy /usr/share/examples/netgraph/bluetooth/rc.bluetooth into /etc/rc.bluetooth.
Enable bluetooth on your phone,don't forget to make it visible to another device.
Press Fn-F5 to turn on Bluetooth device.

Run the following commands to list all bluetooth device near by.

#/etc/rc.bluetooth start ubt0 
BD_ADDR: 00:20:e0:7b:96:a1
Features: 0xff 0xff 0xf 00 00 00 00 00
<3-Slot> <5-Slot> <Encryption> <Slot offset>
<Timing accuracy> <Switch> <Hold mode> <Sniff mode>
<Park mode> <RSSI> <Channel quality> <SCO link>
<HV2 packets> <HV3 packets> <u-law log> <A-law log> <CVSD>
<Paging scheme> <Power control> <Transparent SCO data>
Max. ACL packet size: 192 bytes
Number of ACL packets: 8
Max. SCO packet size: 64 bytes
Number of SCO packets: 8
#hccontrol -n ubt0hci inquiry 
Inquiry result, num_responses=1
Inquiry result #0
        BD_ADDR: xx:xx:xx:xx:xx:xx
        Page Scan Rep. Mode: 0x1
        Page Scan Period Mode: 00
        Page Scan Mode: 00
        Class: 52:02:04
        Clock offset: 0x576e
Inquiry complete. Status: No error [00]

From the result of previous step, select id of device you want to connect to.

Edit /etc/bluetooth/hcsecd.conf to add the reference to your phone. For example:

device {
        bdaddr  xx:xx:xx:xx:xx:xx;
        name    "Cws Nokia 6230";
        key     nokey;
        pin     "123456789"; # PIN code (string up to 16 character)
}

Edit /etc/ppp/ppp.conf Add information about rfcomm:

rfcomm-client:
            enable lqr
            accept lqr
            set dial
            set timeout 0
            disable iface-alias

            # Do not use PPP authentication. Assume that
            # Bluetooth connection has already been authenticated 
            deny pap
            disable pap
            deny chap
            disable chap

rfcomm-dialup:
            # This is IMPORTANT option
            enable force-scripts

            # You might want to change these
            set authname
            set authkey
            # Ask your provider for the number
            set phone "*99***1#"

            # You might want to adjust dial string as well
            set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
                      \"\" AT OK-AT-OK ATE1Q0 OK \\dATD\\T TIMEOUT 40 CONNECT"
            set login
            set timeout 600
            enable dns
            resolv rewrite

Create a connection:

#killall dhclient
#ifconfig em0 down
#hcsecd  
#hccontrol -n ubt0hci Create_Connection xx:xx:xx:xx:xx:xx
#rfcomm_pppd -a xxGammu:Main Page:xx:xx:xx:xx:xx -c -C 1 -d -l rfcomm-dialup

7.3. gammu

Gammu is a project which encompasses applications, scripts and drivers for managing various functions on cellular phones and similiar devices. Go to Gammu:Main Page for more detail.

There are many ways to connect gammu to the mobile phone but the only method I can make it work is to connect via Bluetooth.

[gammu]
       #Bluetooth mobile phone ID
       port = xx:xx:xx:xx:xx
       connection = bluerfphonet

#hccontrol -n ubt0hci Create_Connection xx:xx:xx:xx:xx:xx
%gammu -identify
Manufacturer  : Nokia
Model         : 6230 (RH-12)
Firmware      : 04.43 U (24-08-04)
Hardware      : 0660
IMEI          : xxxxxxxxxxxxxxxx
Original IMEI : xxxxxx/xx/xxxxxx/x
Manufactured  : 09/2005
Product code  : 0514053
UEM           : 400