pfSense, 7 years young. Congratulations

pfSense is Seven

The pfSense  (which stands for…) project exists 7 years this week, well, that is the age of the pfSense domain. I’m sure the project existed long before that in Chris Buechler, the project founder’s head.

Congratulations to Chris and his team for the great job they’re doing and all the work they’ve done so far. According to some update stats there are currently ca. 100,000 known live pfSense installs.

pfSense and PBI’s

Some say that PC-BSD‘s PBI package format is not needed in addition to other *BSD ways of installing software, and that it’s “un-UNIX”. I think it’s a very user-friendly, point-and-click way for installing software, and advanced users don’t need to use it.

It’s great to see that not only FreeNAS, the NAS O/S, but also pfSense will be supporting PBI packages in the future:

Moving packages to PBIs – the package system in 2.1 will switch to using the PBI package system, originally from PC-BSD, though also used by some on stock FreeBSD installs. The benefit of using PBIs is each package has all its dependencies included in the package, which eliminates the dependency messes that can happen currently, such as one package requiring a certain version of a dependent package but another requiring a different version, uninstallation of one package stomping on another package by uninstalling a dependency it requires, uninstallation of a package breaking the base system by deleting things it uses (though we already work around that one automatically), easing clean uninstall of packages, amongst other benefits. This will be a great improvement in the package system for 2.1. (source)

If you’re looking for a feature rich (BSD) firewall, why not consider pfSense?

Some thoughts on UNIX and testing Opera on FreeBSD

Ruarí Ødegaard, who works for Opera, has put a post up with some of his thoughts on FreeBSD and Opera on FreeBSD: Some thoughts on UNIX and testing Opera on FreeBSD.

So I was actually quite excited last week when the new FreeBSD 9 RC 1 was released. Unlike with new releases of some of the Linux distros, I don’t usually have late night fears that Opera will get broken by some new major change or other. p

FreeBSD has a deserved reputation for being reliable and robust and not rushing change for its own sake. Nonetheless with any OS upgrade there is always the chance that we will have to make changes to accommodate, so with the release of RC1 I figured now was as good a time as any to give it a spin.

Installing FreeBSD with the new BSDInstall went without problems and so was running Opera.

Opera is a fast and full-featured Internet browser that includes pop-up blocking, tabbed browsing, integrated searches, and advanced functions like E-mail program, RSS Newsfeeds and IRC chat. You can install Opera on FreeBSD from /usr/pors/www/opera.

Ruari’s post: Some thoughts on UNIX and testing Opera on FreeBSD

Thanks to Mark B for emailing the link.

Thanks

(updated) Network Security monitoring using FreeBSD (Richard Bejtlich)

Richard Bejtlich as a security expert with a lot of experience on FreeBSD. This video is about network security monitoring using FreeBSD:

“I’ve been using FreeBSD as my preferred platform for Network Security Monitoring (NSM) since 2000. In this presentation I’ll discuss my latest thinking on using FreeBSD to identify normal, suspicious, and malicious traffic in enterprise networks. FreeBSD is a powerful platform for network traffic inspection and log analysis, and I’ll share a few ways I use it in production environments.”


 

Embedded Monowall Installation (video)

This tutorial will guide you through copying the m0n0wall image to a compact flash card and the initial configuration of the m0n0wall on the ALIX embedded board. I will be using a VPN accelerator card since I will have about 10 IPsec tunnels actively running at one time. I would only recommend using the VPN accelerator card if you plan on maintaining several VPN tunnels at one time, otherwise it is overkill.


Debian GNU/kFreeBSD on production

Debian GNU/kFreeBSD is a port that consists of GNU userland using the GNU C library on top of FreeBSD’s kernel, coupled with the regular Debian package set. This project is still very much work-in-progress. Rebort has Millan has a summary post of recent changes and updates: Recent improvements with Debian GNU/kFreeBSD

Robert has been using Debian GNU/kFreeBSD for a few week and writes:

Yesterday I begun using Debian GNU/kFreeBSD “squeeze” in thorin, my main workstation.

During the last few weeks I had to work through some of the limitations that were holding me back, such automated driver load and FUSE. I was lucky enough that other people filled the missing pieces I wanted, such as NFS client support and a GRUB bugfix that broke booting from Mirrored pools.

I have to say that I’m very satisfied. Barring a pair of small nuissances, the result is quite impressive: more…

PC-BSD 9.0RC1 available & new website

The first release candidate for the upcoming PC-BSD 9.0 is now available! This release includes the latest FreeBSD 9.0-RC1 base, along with numerous bug fixes and enhancements.

Notable changes in this release are:

  • Added support for installing to BootCamp partitions on Apple OSX systems
  • Added checks for invalid characters in the username
  • Added button to installer allowing toggle between US keyboard layout and currently selected
  • Added improved portjail init scripts
  • Life-Preserver now defaults to backing up to a remote directory set as the client hostname
  • Add some sanity checks to pbi-manager when creating new repositories
  • Fixed bugs setting the proxy server in pbi-manager / AppCafe (Uses the default config in networking GUI)
  • Improved the default firewall ruleset
  • Enable IPv6 support on all nic’s by default
  • Added options to pbi-manager which enables tmpfs memory building
  • Improved pc-thinclient setup to use pre-built FreeBSD world instead of building from source
  • Fix bug in pbi-manager when doing binary updates to ensure it is only attempted on the correct build
  • Fix issues installing with mirrors / raidz on ZFS

Source: PC-BSD 9.0RC1 Available (PC-BSD blog)

Have you seen PC-BSD’s new website? It has now the same look and feel as FreeNAS and iXsystems (Both PC-BSD and FreeNAS are projects supported by iXsystems).

 

Speed Daemons (BSD Magazine 2011-11)

A new issue (November 2011) of the free BSD Magazine is now available: Speed Daemons (pdf).

From the table of contents:

PC-BSD 9 Turns a New Page

Since 2005, PC-BSD has striven to make BSD accessible to the desktop user. Offering a slew of improvements and added features, this release brings a more accessible BSD operating system than ever. Read the review and find out more about it.

- Mark VonFange

A Beginner’s Guide To PF

OpenBSD, FreeBSD, and PC-BSD use a built-in firewall called “Packet Filter (PF)”. This article is intended for a PF beginner to get a beginner’s understanding of how to use PF in OpenBSD.

- Toby Richards

Creating Your Own PBI Repository

In this article author describes the steps required for setting up and maintaining your own repository on a FreeBSD system.

- Kris Moore

Speed Deamons

From this article you will learn how by using advanced networking mechanisms in FreeBSD build a high performance, highly available web application server.

- Lars R. Noldan

A GIS Strategy For Web-Enabled Business

In his final article of our GIS series, the author will show you how to successfully manage and commission a complex GIS project.

- Rob Somerville

Equip Your CA With a HSM For

The CA is used for identification and authentication of servers, clients and users. Together with author take a closer look at the security of Certificate Authority in his own network.

- Erwin Kooi

Terminals Served Up BSD Style

You may have your own reason for wanting a BSD terminal server. There are two solutions to this goal: FreeNX or XRDP. This article will show you how to use both solutions.

- Toby Richards

OpenBSD Kernel Memory Pools: Monitoring Usage With Systat

This article explains how to understand memory usage statistics for kernel memory pools as they are displayed by the systat(1) command on OpenBSD.

- Paul McMath

FreeBSD 8.2 Against Ubuntu Server

An Objective Comparison of two Power House Open Source Server Platforms, BSD Unix and Linux.

- Bill Harris

EuroBSDcon 2011 From An Organizers Perspective

Have an inside look at the EuroBSDcon and get to know about events and speeches that took place in the beginning of October 2011 in Netherlands.

- Jeroen van Nieuwenhuizen

Read and download: BSD Magazine: Speed Daemons (2011-11)

FreeBSD Quarterly Status Report (July – September 2011)

This report covers FreeBSD-related projects between April and June 2011. It is the third of the four reports planned for 2011: FreeBSD Quarterly Status Report (July – September 2011).

This quarter was mainly devoted to polishing the bits for the next major version of FreeBSD, 9.0, which is to be released by then end of this year.

From the table of contents:

Projects

FreeBSD Team Reports

Network Infrastructure

Kernel

Documentation

Architectures

Ports

Miscellaneous

Google Summer of Code

Read: FreeBSD Quarterly Status Report (July – September 2011.