FreeBSD link roundup – 28/04/09


FreeBSD Logo1) Martin Wilke is looking for people to test QT 4.5.1. He also reports he managed to get Firefox 3.1 Beta4 working on FreeBSD. Please test.

2) Ivan Voras has done some virtualised benchmarking of

  • Ubuntu 8.10,
  • FreeBSD 7.1 and
  • Windows Server 2008 R2 beta

on the three currently most prominent virtualisation platforms:

  • VMWare ESX 3.5 U3,
  • Citrix XenServer 5.0 U2,
  • Microsoft Hyper-V 2008 R2

The results are mostly better then I thought they will be. Especially suprising was FreeBSD’s more than decent performance which actually lead the others in one benchmark…”

… The results show that a wholly-virtualized FreeBSD machine under ESXi was consistently almost as fast as the para-virtualized Xen Linux.


pfSense logoAbout a month ago, the pfSense developers gave a sneak preview of the new pfSense dashboard theme. Following feedback and comments, Holger Bauer has now designed a new theme:

Well, after there was not too much love for my last theme I tried to do something more masscompatible this time trying to take all the critics in consideration that I earned so far:

  • less colorful, stick with the original pfSense-colors (grey/red)
  • don’t waste too much space for the header/footer
  • kind of corporate look
  • static menu, that doesn’t scroll away (I guess that at least was
  • something everybody liked about the hackathon theme)
  • more lightweight on graphics
  • So here is what I came up with so far. This is still in the making so (like always) your feedback is appreciated and might influence the final result.

New design here


BSD CertificationBSD Certification

Dru Lavigne has an update on the BSDA Exam

The BSD Associate Exam is now over a year old! Here are some interesting
atats so far:

  • 12 Events in all of 2008; 14 events in just the first half of 2009 
  • Over 1000 people have registered for a BSDCG ID (needed to register for an exam)
  • The exam has been held in US, Brazil, Canada, Germany, Japan, France, Denmark, Ukraine, Netherlands, Argentina, and the UK
  • So far, 66 people have passed the BSDA exam and received their certificates
  • Read further

Cisco meets its match (pfSense)

Cisco products are generally good and reliable, but often expensive. RickC had some issues with a Cisco firewall and takes the free pfSense for a spin, and he loves it… Is that surprising?

 Enter PFSense - the BSD-based firewall distro closely related to the m0n0wall project.  Having used several host-based firewalls like Smoothwall and m0n0wall over the years, I figured I’d give PFSense a shot.  I threw together a PIII 550 with 256MB RAM and a pair of Intel NICs – and installed pfsense, which is actually a LiveCD that you can then install to disk or usb drive.  The most basic setup is done from a menu-driven CLI, but once the Interfaces are assigned and the LAN side has an IP, you can access the web UI.  Better yet – it’s a web UI that works!  From their I was able to config PPPoE and all the NAT settings I needed in minutes.  From there is was just a matter of moving a few cables and I was switched over with an absolute minimum of downtime.

The feature set of pfsense is rich, easily on par with commercial appliances.  IPSEC, 1:1 NAT, inbound and outbound load balancing, fail-over, good logging options, lots of built-in graphing and monitoring and an excellent UI.  It’s built on BSD 7.0 and costs you absolutely nothing.  The distro is under constant development and it’s current status as per Secunia is zero unpatched vulnerabilities.  The PFsense community is strong and development of utils and add-ons offers many options to the operator.  The nice thing about having such a reasonable solution – you can easily afford to build a backup to either run in failover mode or use to swap out should your pfsense hardware fail.

I will likely continue to use PFSense going forward as my main firewall.  I guess I will still play with the 851 I can use it to learn more IOS and become a 1337 Cisco zealot like those I so admire.

Full story on (23/03/2008)

Released: pfSense 1.2.2

pfSense logoChris Buechler has announced the availability of pfSense 1.2.2, a security and bug-fix release of the FreeBSD-based firewall system:

pfSense 1.2.2 released! Only five changes from 1.2.1, but we did want to get these issues fixed and an updated version out there:

  • setup wizard fix – removing BigPond from the WAN page on the setup wizard caused problems; 
  • SVG graphs fixed in Google Chrome; 
  • IPsec reload fix specific to large (100+ sites) deployments; 
  • bridge creation code changes – there have always been issues when attempting to bridge more than two interfaces; 
  • FreeBSD updates for two security advisories on January 7, 2009. 

Most users on 1.2.1 won’t have any need to upgrade to 1.2.2, but if any of the above applies to you, then upgrade to this version. 1.2.2 should be used for all new installs.

Links: Release Announcement | DownloadspfSense-1.2.2 LiveCD-Installer | Website

Released: pfSense 1.2.1

pfSense project logo

pfSense project logo

The pfSense project have announced the availability of version 1.2.1:

This is a strictly a maintenance release, meaning it contains only bug fixes in the pfSense code, no new features. Though we also upgraded the base OS from FreeBSD 6.2 to 7.0, which necessitated numerous changes in how things are configured. The change to FreeBSD 7.0 brings improved performance and more hardware support.

AnnouncementChangelog | Downloads

If you’re interested in pfSense or if you’re using it in a production environment, you may be interested in the Network Perimeter Redundancy with pfSense presentation that Chris Buechler will be doing at the DCBSDCon 2009.

What do you get when you cross an enterprise-class packet filtering subsystem with a graphical front-end for easy configuration and maintenance?  A throbbing headache for commercial vendors like SonicWALL, that’s what.

More details on the presentation can be found here.

To find the details of other 2009 FreeBSD related events and conferences, check my FreeBSD Events calendar.