FreeBSD Events and Conferences material (videos, pdf, guides etc)

Since not not everybody is able to attend (all) FreeBSD related conferences, it’s good that these presentations are uploaded so everybody can watch them later, and the rest of the online community can familiarise themselves with FreeBSD and related operating systems.

Recently the FreeBSD Multimedia page has had an update and Dru Lavigne has added much useful material and links to bsdevents.org.

If you want to catch up on some recent conferences this weekend, have a look at the two links above.

 

pfSense tutorial: Configure pfSense as an SMB-caliber firewall

“Imagine this scenario: Another business group in your midsize company needs some new network connectivity, but they also require a number of network security features, including an integrated access point, user authentication, VPN capabilities, and a firewall to separate a certain group from the rest of the network. Oh, and they also want access to Snort and Nmap. Luckily, pfSense offers all of these features along with a number of customization options.”

Keith Barker explains in this video tutorial how to configure an SMB-caliber firewall

FreeNAS 8.3.0-BETA3 available

The FreeNAS team has announced the availability of FreeNAS 8.3.0-BETA3. This is the last planned public beta of 8.3.0 as it moves towards the final.

“This BETA includes a refactoring of the Active Directory and LDAP integration. It has a rework of serial port support, adding the ability to set the serial port speed. The NFS sharing was refactored in BETA2 with an eye towards maintaining compatability with sharing schemes set up in previous FreeNAS releases. The refactored sharing is more powerful and flexible than previous releases, while enforcing the OS based rules. Support for the LSI “skinny” RAID conrollers was added.”

Announcement | Download FreeNAS 8.3.0-BETA3 | FreeNAS website

PC-BSD: From C*p to Critical

Michael Dexter has written up a review of PC-BSD 9.1.

He thinks PC-BSD is a great system with many window managers to choose from, has a good package manager and great jails management.

However, FreeBSD’s weak point is PC-BSD‘s: hardware support.

“It took time but PC-BSD is really shaping up nicely and teaches quite a few lessons about holistic OS design. I haven’t even explored its “Life Preserver” backup/FreeNAS option but the developers are clearly are focusing on adding the missing tools of the highest value. They are also focused on creating a complete client/server ecosystem and PC-BSD 9.1 users can look forward to expanded command line alternatives to the GUI tools. PC-BSD also has quite a few invisible features such as the unified base OS .txz it uses for jail creation that I may end up using for building BHyVe images. PC-BSD 9.0 and newer is truly worth a try and I applaud the progress its developers have made.”

FreeBSD SMP scalable PF coming to FreeBSD HEAD

Gleb Smirnoff writes on the FreeBSD PF Mailing List about a some improvements he has made to make Packet Filter (PF) SMP-scalable and faster:

“As you already may now, last half a year I’ve been working on making pf SMP-scalable and faster in general. More info can be found here:

Since that announce in June, I’ve been running experimental code for more than 2 months in production on several routers. Also, some brave people volunteered to be beta-testers and also run the experimental branch in last couple of months. Code proved to be stable enough.

The new code performs better in production: less CPU load, less jitter, more responsive system under high load. It performs better under synthetic benchmarks like random generated UDP flood. It performs much better when DoS comes in.”

pfSense – Squid + Squidguard / Traffic Shapping Tutorial

Ever wanted to set up a pfSense firewall/router with content filtering? Howtoforge has one of the easiest tutorials to help you set this up. If you have a spare box, there’s no reason now to wait any longer: pfSense – Squid + Squidguard / Traffic Shapping Tutorial

In this tutorial I will show you how to set up pfSense 2.0.1 up as an Internet Gateway with Squid Proxy / Squidguard Filtering. I will also show that you have to configure some extra features of pfSense like traffic shapping with squid.

PC-BSD 9.1 Review (Jupiter Broadcasting – video)

Jupiter Broadcasting has an episode reviewing PC-BSD

The PC-BSD 9.1 review starts at 39:50.

Notes and Summary

  • Your choice of Desktop Environments, Installer automatically adjusts the defaults depending on how much ram you have installed
  • Your options: KDE, Gnome, LXDE or XFCE
  • Another option is TrueOS, a console based server, FreeBSD with the CLI version of Warden, the PBI system, ZFS Boot Environments and other utilities
  • The install also offers vanilla FreeBSD Server
  • PC-BSD allows you to do a full ‘root on ZFS’ install (only recommended if you have 4 or more GB of ram), including creating many different datasets with different settings such as compression for optimal use of space
  • You have the option of the Basic Wizard, the Advanced Wizard, or the FreeBSD CLI partitioning system
  • The advanced Wizard also allows you to setup more complex ZFS mirror or RAIDZ
  • You can choose to optionally encrypt your hard disk using GELI
  • Warden is a Graphical and Command Line based manager for FreeBSD’s Jails feature
  • In FreeBSD a jail is a secondary installation of the OS files, which is then started in a chroot, and the processes, network and user/group IDs are separate
  • Allows you to manage three types of jails:
  • Traditional Jail – run internet applications in a container, if compromised, the attacker only gains access to the jail, not the host OS
  • Ports Jail – less secure version if jails, allows you to install applications from the FreeBSD ports tree without interfering with the PBI package manager in the host OS
  • Linux Jail – install Debian or Gentoo in a jail, and run your linux applications in a full linux environment
  • Warden also allows you to stop a jail, pack it up, and move it to a different physical machine
  • Warden also allows you to install meta-packages into the jails with a single click, allowing you to deploy apache+php+mysql in no time
  • Warden can back your jails storage with ZFS, allowing you to take advantage of ZFS features such as snapshots, clones (writable snapshots), revert to a previous snapshot, etc