Quick news: Firewalls, VirtualBSD, pfSense

Below three links to posts on pfSense and VirtualBSD

Techsource has an overview of 5 firewalls, one of which is the FreeBSD based pfSense.

If you’re having a small computer network at home or a huge office with hundreds of desktops, cyber security is something you can never compromise on. One thing that is a quintessential part of security is something we call a firewall.

A firewall is like the security guard at your door who keeps a watch on everyone who goes in and out. By allowing only legitimate connections to pass through and blocking connections based on a certain set of rules, the firewall secures the network from most kinds of threats that lurk around on the Internet. … continues

VirtualBSD review – Sneak a peak at FreeBSD

FreeBSD is a UNIX-like operating system, designed to be super stable and super secure. As such, it is probably not the simplest one to tame and run on a daily basis. Unfortunately, reliability and robustness do not always fully align with the mass-usage model of friendliness.

BSD developers realize this. So they released VirtualBSD, a VMware virtual appliance built using Xfce desktop with a very pretty theme and lots of programs and utilities preinstalled. VirtualBSD is intended for people who have never tried BSD or never dared try, did not have the right hardware for the task, or former users struck by nostalgia. Whatever the motives, testing VirtualBSD has never seen easier.

The article concludes with:

While the virtual machine test is far from being a real-life example of how simple or difficult or well-integrated a desktop is, VirtualBSD is a pleasant, refreshing diversion from the mainstream of free operating systems. It is an excellent technology demonstrator. The appliance testdrive proves that BSD is not a monster. Far from it; it’s a witty, charming, highly useful platform that anyone could use.

Even if you never intend on using BSD on your machine as the primary desktop, VirtualBSD could shatter some of your fears and misconceptions about the dreadful UNIX. It may not eclipse the Linux just yet, and probably never will, and it does not have to. What it can do is become another alternative should you need it, should you seek it. Overall, VirtualBSD delivers a handsome punch of good quality in all aspects of the desktop usage, aesthetics, availability of programs, codecs, everything. Quite a surprise and a breath of fresh air.

Looking back at my flirtations with the BSD family, things are getting better, significantly. The critical turning point is not there yet, but in time, this operating system might stir the flames of competition in the software world. For the time being, you have the perfect appliance to play with and sharpen your UNIX skills.

Read the whole article: VirtualBSD review – Sneak a peak at FreeBSD

FreeBSD PF updated to 4.5 for FreeBSD 9

Bjoern Zeeb committed PF 4.5 into FreeBSD HEAD for the 9 release (which will be the basis of pfSense 2.1), ported by Ermal Luci with help from Bjoern and Max Laier. Much of this work was funded by pfSense / BSDPerimeter, aside from volunteer efforts from Bjoern and Max providing some guidance along the way and Bjoern especially for review and assistance. (full post: FreeBSD PF updated to 4.5 for FreeBSD 9)

pfSense 2.0-RC3 now available

Chris Buechler has announced Release Candidate 3 (RC3) of the upcoming pfSense 2.0. Changes and revision history can be tracked on github.

If you’re keen to find out what’s been added and changed in 2.0 in general, have a look at the pfSense 2.0 new features and changes page. The final release can be expected in about four weeks time.

Links: pfSense | pfSense RC3 announcement (pfSense blog)

FreeNAS 8 – Audio interview and Magazine Article

There’s an audio interview (bsdtalk 206- FreeNAS 8 with Josh Paetzel) on BSD Talk with Josh Paetzel, IT Director at iXsystems. Will Backman and Josh discuss FreeNAS 8 in a 17 minute interview. (MP3OGG)

The June 2011 issue of BSD Magazine (NanoBSD and ALIX) has an article “Introducing FreeNAS 8.0“. The issue can be downloaded for free from here.

 

FreeNAS 8: interview and review

Techworld Australia caught up with Josh Paetzel, director of IT at iXsystems and project manager for FreeNAS 8, to talk about the current state of the OS, what lies ahead for it, and the relationship to FreeNAS 0.7.

Check out the article for the full conversation. One interesting piece of information is the fact that a multimedia plugin (PBI) is in the making that will bring back former home functionalities that are currently missing in FreeNAS 8.

Open source identity: FreeNAS 8′s Josh Paetzel

 

LinuxUser has a short review of FreeNAS 8: FreeNAS 8 Review

Pros: FreeNAS is an advanced NAS operating system with an easy-to-use web interface, especially if you love to use ZFS as your filesystem.
Cons:
Due to the complete rewrite, FreeNAS 8 has lost some interesting functionality for home users, and upgrades from a previous FreeNAS release are not possible.

LinuxUser gives FreeNAS a 4/5 verdict and concludes:

iXsystems has turned FreeNAS 8 into a modern, modular and future-proof NAS operating system. The new web interface is really easy-to-use without hiding the advanced features. Unfortunately some features didn’t make it through the re-write, but they are promised to reappear in FreeNAS 8.1. All in all, this makes FreeNAS currently the most advanced NAS operating system for home networks.

FreeNAS 8.0 Review (linuxuser.co.uk)

Miscelaneous news updates (arab-bsd, pf, cyphertite, PC-BSD)

Below a number of links to interesting FreeBSD (related) projects and resources.

ArabBSD

ArabBSD is a new FreeBSD related project, working to create an Arabian FreeBSD operating system:

ArabBSD is a project which aims to provide infrastructure for the most reliable and secure operating system FreeBSD. We aim to have our own Arab Operating System developers soon starting from the analysis of FreeBSD infrastructure,  block diagram formulation and call for research groups within each field.  Anyone who is interesting in operating systems and their news can join us. They will keep up with OS. OS is about everything in life containing all the types of programming. You can develop in the kernel and you can use this Operating System as a virtual environment for your project.

10 years of pf presentation

Henning Brauer has made his presentation from BSDCan 2011 available. Weighing in at 82 pages, he gives a detailed overview of what happened to the packet filter firewall (pf) in the last 10 years.

Interview with Kris Moore (PC-BSD)

PC Perspective‘s John Davis interviewed Kris Moore recently. They talk about PC-BSD’s hardware support, performance, games and the future. The full interview can be read here: Interview with Kris Moore, Founder and Lead Developer at PC-BSD.

There’s also an interview on Distrowatch by Jesse Smith on OS design elements. Jesse interviews Jenny Rosenberg and James Nixon (iXsystems). Read the full interview here:  In the eye of the beholder.

cyphertite

cyphertite is a high-security scalable solution for online backups that can be installed on FreeBSD. The project is looking for testers and feedback. cyphertite features include:

  • client-based system
  • IPv6 support
  • compresses and encrypts all data before transmission
  • deduplicates using fixed-size pieces of data called “chunks”
  • all network traffic is encrypted using openssl certificates and keys
  • realm deduplication i.e. only backs up a file once if it is on N computers that share the same user account
  • incremental backups for shorter backup window and smaller metadata files
  • local cache database of chunks already sent to server avoids unnecessary encryption and network traffic
  • pay according to storage space used, not per client machine
  • demonstrable privacy of client data with open source client

cyphertite.comInstall cyphertiteConfigure cyphertite

The Unix Method of Development Management

This is a mp3 recording of William Baxter’s NYCBUG presentation on The Unix Method of Development Management

Spanish video on PC-BSD

Sergio Ligregnio’s presentation on PC-BSD (in Spanish).


pfSense FAQs

pfSense is an open source distribution of FreeBSD-based firewall which provides a platform for flexible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options.

Matt Williamson takes a look at some frequently asked questions on pfSense such as:

  • Q: What are the minimum hardware requirements for pfSense?
  • Q: How does pfSense identify and assign interfaces?
  • Q: How to enable the Secure Shell (SSH) service in pfSense?
  • Q: How does pfSense assign DNS servers to the DHCP clients?
  • Q: What happens if the Register DHCP Leases in DNS Forwarder is enabled?
  • Q: What is an alias? What are the different types of aliases in pfSense?
  • Q: How does the OpenVPN service work?
  • Q: What are Gateway Groups?
  • Q: How are bridged interfaces useful and how can one bridge together two interfaces in pfSense?
  • Q: What is OLSR and how is it enabled in pfSense?
  • Q: How to configure pfSense to automatically back up its configuration file?

For the answers, check out the pfSense FAQ page on the PacktPub website or the purchase the Matt’s pfSense 2 Cookbook for many more answers and guides.

FreeNAS 8.0-RELEASE now available (detailed)

Following one beta and five release candidates (RC’s), FreeNAS 8.0-RELEASE has been made availabe earlier this week by iXsystems, the corporate sponser behind the FreeNAS Project. The last stable release was FreeNAS 0.7.2 (Sabanda), released mid-October 2010.

FreeNAS is a popular FreeBSD-based network storage server (NAS) that includes a full web based GUI, with support for FTP, NFS, CIFS (Samba), AFP, rsync, iSCSI protocols and software RAID (0,1,5).

FreeNAS 8 includes major architectural optimisations and is more modular than previous versions. To make the system easier to use, the GUI has been redesigned and rebuilt using Python and the Django web framework.

Highlights include better Apple Filing Protocol (AFP) and Common Internet File System (CIFS) configurations, as well as reworked and improved iSCSI support. Other changes include the addition of a volume importer, support for 6gbps 3Ware RAID controllers and GUI access via the HTTPS protocol.

The ZFS and UFS2 filesystems are both supported, but ZFS is the primary filesystem (ZFS on FreeBSD videos) which comes with many features, including quotas, snapshots, compression and replication that are not available in UFS2.

FreeNAS 8 requires a device of at least 1Gb in size and should be installed to a USB stick or Compact Flash device. Unlike previous versions, the drive that FreeNAS is installed on cannot be used as a component for a volume, nor can it be partitioned for sharing.

Upgrades from FreeNAS 0.7.x are unsupported as “the system has no way to import configuration settings from 0.7 versions of FreeNAS”. However, the volume importer “should” be able to handle volumes created with FreeNAS 0.7.

The FreeNAS stable versioning numbers have changed from 0.7.x to 8.0 to reflect the version number of the underlying FreeBSD base version. This version of FreeNAS (8) version is based on FreeBSD 8.2, but it is called 8.0 as there are near-future plans to add functionality that will get the versions caught up. Once FreeNAS 8.2 is out, a suffix will be added, such as 8.2.1 and 8.2.2.

Continue reading

FreeNAS 8.0 Released

iXsystems has announced the availability of FreeNAS 8-RELEASE. Along with the new .0 release, the FreeNAS website received a make-over.

Some of FreeNAS 8′s main features are:

1. FreeNAS 8.0-RELEASE supports NFS, CIFS, AFP, FTP and TFTP as filesharing mechanisms.  It also supports exporting devices via iSCSI as an iSCSI target.

2. Active Directory or LDAP for user authentication.

3. The ZFS and UFS2 filesystems are supported.  ZFS is the primary filesystem and enables usage of many features, including quotas, snapshots, compression and replication that are not available in UFS2.

Download FreeNAS 8.0

More information and background information to follow later today.