Blogs for “the other BSDs”: NetBSD, OpenBSD and DragonFlyBSD

This blog, FreeBSD – the unknown Giant, as the title suggests, covers only FreeBSD related stories and updates. However, over the last few months, I have received emails from my some readers asking why I don’t write about the “other BSDs”, such as OpenBSD, NetBSD and DragonflyBSD.

Well, the answer is quite simple: “There’s no need to!” No, not because they’re not worth writing about, they certainly are, but because there are already some quality blogs dedicated to each of these BSD operating systems.  Hence my reason for not, or only occasionally, writing about then. Since these blogs are regularly updated with news, howtos and information on made progress, I’ve decided not to just copy, paste and republish what’s on those blogs.

To find out more about OpenBSD, visit the OpenBSD Journal. The DragonflyBSD digest is updated regularly with news relating to DragonflyBSD, and lately a lot on the progress of the newly created and much promising Hammer File System (HammerFS), whilst Hubert’s NetBSD blog brings the latest and greatest with regards to NetBSD.

Of course there are more many blogs and websites tracking the “big four”, but these are the best as far as I’m aware.

Configure a professional firewall using pfSense

pfSense project logoThe Free Software Magazine has a good howto on installing and setting up pfSense.

This guide was written for Linksys, Netgear, and D-link users with no firewall or router experience. No experience is needed with FreeBSD or GNU/Linux to install and run pfSense. When you are finished, management of pfSense will be from a web interface just like any of the SOHO firewall/router appliances.

pfSense is a web-based firewall project that is similar, in terms of functionality, to the software in firewall appliances sold by Linksys, Netgear and D-Link. pfSense covers all the basic requirements offered by those appliances but offers so much more—in fact, it is really in a class by itself since it would be very difficult to find a commercial alternative that would provide what pfSense has to offer (or, anything cheaper than $2,000–$5,000).

Two good reasons to use pfSense

1. pfSense is a very powerful and stable project with advanced features. Users of pfSense have reported that it performs well even with hundreds of computers operating behind the firewall. pfSense has all the features of the SOHO units and much more. You can have multiple network subnets separate from each other using firewall rules. For example, you could have separate subnets for each business function; or separate Accounting, Marketing, Sales, and R&D from each other, while giving each one access to the Internet; or set up a HotSpot for your business, allowing users to access the Internet but not the company LAN (which usually contains a POS (Point Of Sale) system and/or proprietary information and non public computer systems).

2. If you are an experienced FreeBSD, GNU/Linux or Unix user you may wish to add applications from the FreeBSD repository. While running additional applications on a firewall can increase your exposure to potential risk of being hacked, it can still be extremely useful to add a few applications to pfSense. Once you get pfSense installed you can find a list of authorized ports under the System Packages tab. These can be installed with one click. The FreeBSD.org packages are added by the user via the shell the way it has been done for years. These FreeBSD.org packages are not officially supported by pfSense.

Not directly related to pfSense, but if you’re interested in professional qualifications maintaining and supporting firewall and routing platforms, have a look at the InfoSec Institute. InfoSec can help you receive your CISSP Certification and become an IT professional.

Read the howto or download the howto as PDF

Links: Free Software Magazine | pfSense howto | pfSense Project

FreeBSD events and conferences calendar

There are several conferences and expo’s where FreeBSD is promoted (and this seems to be increasing by the year). To keep track of when and where these are, I have set up a public calendar listing all FreeBSD related events, such as conferences, meetings, hackatons etc. This calendar is on Google Calendar (GCal) and is accessible to everybody.

  • Name: FreeBSD events and conferences calendar
  • Description: FreeBSD related conferences, trade shows, meetings and events that are of interest for users of FreeBSD and FreeBSD-based operating systems

If you already use Google Calandar, you can easily add the FreeBSD events calendar to yours (to find it, do a search for “FreeBSD”). Alternatively, those not using GCal, can view the calendar here.

Are you aware of any events where FreeBSD or any FreeBSD based operating systems are promoted that aren’t listed yet? Please let me know.

There are already two similar calendars but they aren’t maintained any longer. Hence my decision to start AND maintain another one.

Links: Google Calendar | FreeBSD GCal

Book: Network Administration with FreeBSD

Network Administration with FreeBSDA new book has been added to the “FreeBSD library”: “Network Administration with FreeBSD” by Babak Farrokhi.

This 280 page book is about the building, securing, and maintaining of networks with the FreeBSD operating system, and deals with the following topics

  1. Set up and manage networking on FreeBSD
  2. Virtualization with FreeBSD Jails, IPFW and PF
  3. Configure interfaces, protocols, and routing

Network Administrators looking for skills beyond installation and configuration of FreeBSD may find this book useful.

The following description has been taken from the Amazon page:

This book is a guide to FreeBSD for network administrators; therefore it does not cover basic installation and configuration of FreeBSD, but is about using FreeBSD to build, secure, and maintain networks. After introducing the basic tools for monitoring the performance and security of the system the book moves on to cover using jails-FreeBSD virtual environments-to secure your network.

Then it shows how to overcome the different bottlenecks that you may meet depending on the services you are running by tweaking different parameters to maintain a high performance from your FreeBSD server.

Next it covers using the ifconfig utility to configure interfaces with different layer protocols and about connectivity testing and debugging tools.

After covering using User PPP or Kernel PPP for Point-to-Point Protocol network configuration it explains basic IP forwarding in FreeBSD and the use of the built-in routing daemons, routed and route6d, which support RIPv1, RIPv2, RIPng, and RDISC.

Next it covers the OpenOSPFD and OpenBGPD daemons that you can install to run OSPF and BGP on your host.Then it covers setup and configuration of IPFW and PF, and finally looks at some important internet services and how to set them up on your FreeBSD server

A short review by Murray Stokely can be found here.

For more information and the best deals, visit:

Amazon.com | Amazon.co.uk | Amazon.ca | Amazon.de | Amazon.fr

Two FreeBSD howtos (kernel module & gmirror)

Writing a kernel module for FreeBSD

FreeBSD 7.0 has already been released. If you are a real hacker, the best way to jump in and learn it is hacking together an introductory kernel module. In this article I’ll implement a very basic module that prints a message when it is loaded, and another when it is unloaded. I’ll also cover the mechanics of compiling our module using standard tools and rebuilding the stock FreeBSD kernel. Let’s do it!

source: Free Software Magazine (19/06/2008)

Adding gmirror to an existing installation

This article describes how a RAID-1 cluster was created on FreeBSD 7.0-STABLE box using gmirror.

Source: FreeBSD Diary (24/09/2008)

pfSense book naming contest

pfSense project logoChris Buechler, one of the pfSense Core Team members, has been working for several months on a pfSense Handbook which will be completed in the next 5-6 weeks and for sale from Amazon, Barnes & Noble, etc. around late August to early September.

The book will contain about 300-400 pages and a work in progress table of contents can be found here.

The title hasn’t been decided on for definite. Chris is open for suggestions from the community, so if you have a good title in mind, you can leave your suggestion in the comments section.

Last week I mentioned I was having some redirection problems, but they’re all sorted now, thanks to Chris’ help and suggestions. Many thanks Chris.