- Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.
Olivier Cochard-Labbé, an IP routing expert and founder of FreeNAS (a FreeBSD based Network-Attached-Storage system), has released the first alpha (0.1) image of his new project: BSD Router Project - http://bsdrp.net
bsdrp is an open source customised distribution of FreeBSD dedicated to offering IP routing services for small ISP’s.
The release 0.1 of BSDRP is a fully working prototype, to be used on real or virtual machines that boot from ATA device only (not usb).
This first release includes:
- Base FreeBSD 8.0-CURRENT system (NanoBSD) for i386
- Customized script (config, upgrade, help, command completion, etc…)
- Quagga ready to use (OSPFv2, OSPFv3, RIP, RIPng and BGP)
- The main goal of BSDRP is not firewalling but routing. If you need a firewall don’t use BSDRP: Use m0n0wall or pfSense.
- BSDRP is not for a home use, but for compagny use (small ISP’s for example).
- BSDRP doesn’t have a Web GUI: It’s to be configured from a CLI only (like Cisco or Juniper)
- pfSense can be used for routing, but Olivier wanted to set up a Cisco or Juniper like project just for routing.
Thanks, Olivier, for contacting me to announce this project. If you have any (new) FreeBSD related products or services that you want to announce, submit it here.
- Upgrade to FreeBSD 7.2.
- Include ZFS support.
- Upgrade iSCSI initiator to 2.1.1.
- Replace iSCSI target by istgt. Thanks to Daisuke Aoyama for the WebGUI adaption. Please note, if you have used devices with the previous iSCSI target software you have to recreate your target.
- Add WOL patch for nVidia(nfe(4)) and 3Com(xl(4)).
- Upgrade mt-daapd/firefly to svn-1696.
- Refactor ‘Diagnostics|Log’ WebGUI.
- Add kernel patches to get ARTiGO A2000 hardware working.
- Respect the modified log file location (via rc.conf for syslog, fuppes, mt-daapd, …) in the WebGUI
- Upgrade transmission to 1.61. Add ‘Watch directory’ and ‘Extra options’ fields to ‘Services|BitTorrent’ WebGUI.
- Add entry ‘FTP – Ban module’ to the list of log files in ‘Diagnostics|Log’ if the module is enabled
- Add ‘iperf’, a tool to measure maximum TCP and UDP bandwidth
- Add ‘bsnmp-ucd’ module that implements parts of UCD-SNMP-MIB.
- Add SNMP client tools: bsnmpget, bsnmpset and bsnmpwalk
- Add ‘Auxiliary parameters’ to ‘Services|SNMP’ that will be added to the end of the snmpd.config file.
- Upgrade e2fsprogs to 1.41.5.
- Upgrade rsync to 3.0.6.
- Upgrade tftp-hpa to 0.49.
Visit the FreeNAS website for the latest info
This Tutorial will give you a run down on how to create a VMware using FreeNAS. The tutorial comes with screenshots and covers installation of FreeNAS, setting up an iSCSI target and connecting to it from Windows.
The following are some links I’ve saved up with regards to FreeNAS, the FreeBSD/m0n0wall based, open source Network Attached Storage operating system.
1. More Uses For Old PCs and Laptops
The Telegraph.co.uk has an article on how to re-use that old PC in your attic. One of the recommended uses is as file-server:
Turning your old PC into a NAS device is a bit more of a challenge. The hardware requirements won’t be a problem and most PCs less than 4 or 5 years old should be up to the job, though you’ll probably need to add some extra hard drive capacity. However, unlike a multimedia server, which can also, at a pinch, still be used as a PC, a NAS device is dedicated to the one task. It is also better suited to more serious applications, as it requires a more structured approach to file management and security. It can’t easily be done using Windows-based software either but there are several freeware and open source applications that do the job very well indeed. These include FreeNAS, NASLite and NanoNAS and OpenFiler, but they’re not for absolute beginners so be prepared for a fairly steep learning curve. [whole post here]
2. Connect a FreeNAS to a TiVo
Bob Bakh discusses how to set up a TiVO (settop box) to use a FreeNAS server for storage.
I configured a box to run FreeNAS on my network to manage storing Media, and backing up vital information in my home.
It was a great tool, however I wanted more, mainly the ability to simply play media stored on the FreeNAS box on my home TV without the use of a general purpose computer. One way was to use my AppleTV, hack it and use an AFP mount, or an NFS mount directly to the AppleTV, this worked well, but was a pain, and a hacked AppleTV is not a happy AppleTV. So I gave up on that plan.
I looked at my TiVo and realized I had the makings of a decent setup there, so I started to Google around for some solutions… [read the remainder]
3. Three Minutes to 3 Terabytes: VIA ARTiGO and FreeNAS Store Terabytes in a Shoebox
It truly is a beautiful thing when something just works. This is especially true with computers. High capacity storage has become almost a commodity with the price of an external 1 TB USB hovering around $100. All you have to do is plug in the power and connect the USB cable, and you’ve got instant storage expansion. Works great for a single computer, and you could even unplug it from one and plug it into another. While that does work, it tends to get old after a while, and if you’re using that method for backups, you will more than likely end up forgetting or just quitting altogether at some point.
Network Attached Storage (NAS) is one answer to sharing large storage devices over a network. You could buy a NAS device from your favorite local or Internet supplier, but chances are you’ll wind up with something less than what a “real” NAS has to offer. That’s where VIA’s ARTiGO A2000 comes in. The A2000 fits a full-featured computer with space for two 3.5″ SATA drives in a package about the size of a shoebox. Add to the hardware the FreeNAS open source software and you’ve got a really capable storage solution. [Read further how to setup VIA's ARTiGO A2000 with FreeNAS]
4. Time Machine OSX Leopard to FreeNAS
I recently replaced a Windows 2003 box with an OSX Leopard server; the users are now 90% mac users and long file names are always a problem for mac users on a windows file share so it makes sense. I installed the OSX server and setup the file shares required. Being an OSX Leopard server Time Machine is the obvious choice to backup the server. So it seems out of the box you can only use Time Machine with another OSX server or so it seems. I have always been keen on FreeNAS having used its cousin m0n0wall for some as a firewall.
A bit of quick digging round lead me to an article on ReadyNAS by DavidB. The instructions are for ReadyNAS but they work just as well for FreeNAS and I’m sure any other server you may want to use.
A quick summary of the process I followed based on the above article: [Read Further]
5. FreeNAS, IN DEPTH
Last but not least, Jupiter Broadcasting has an indepth review of FreeNAS:
- Upgrade Samba to 3.0.34.
- Upgrade ProFTPD to 1.3.2.
- Upgrade mDNSResponder to 1.08.6.
- Upgrade lighttpd to 1.4.22.
- Upgrade cdialog to 1.1.20080819.
- Upgrade e2fsprogs to 1.41.4.
- Upgrade nut to 2.4.1.
- Upgrade transmission to 1.51.
- Upgrade fusefs-ntfs/ntfs-3g to 2009.2.1.
- Upgrade 3Ware serial ATA RAID controller driver to 9.5.1.
- Upgrade bash to 4.0.10.
- Add ‘SSL/TLS only’ on ‘Services|FTP’ page to allow TLS/SSL connections only.
- Add ‘Reverse DNS lookup’ on ‘Services|FTP’ page. This and the ‘Ident protocol’ option are disabled per default because they may slow down or break the user login to the FTP server in some situations.
- Add ‘Authentication’ checkbox on ‘Services|BitTorrent’ page to enable/disable authentication for TransmissionBT WebGUI.
- Add checkbox to enable WOL on ‘Network|Interfaces|LAN’ and ’Interfaces|Optionalx’ pages. Please note that WOL only works for nfe, nve, sis, vr, xl.
- Add traceroute6 command.
- Add *.iso support to Fuppes UPnP.
- Move ‘m2ts’ video file extension to ‘default’ section.
- Add ‘Remote monitoring’ to ‘Services|UPS’ to allow adding remote monitors that monitor the local installed UPS in slave mode.
- Use WebGUI administrator password for the NUT user ‘root’.
- Add ability to mount UDF ISO images.
- Disable download feature in Quixplorer because there are misc. (PHP and system) limitations that makes this feature senseless.
- Prevent generation of core dump files (BR 2662404). Can be enabled via ’System|Advanced|sysctl.conf’.
- Add ability to enable/disable sysctl variables in ’System|Advanced|sysctl.conf’.
- Add XMLRPC services that are available via http://xxx.xxx.xxx.xxx/xmlrpc.php, e.g. system.getInfo.
- Add ability to configure ProFTPD module mod_ban via WebGUI.
- Add device I/O statistics to ‘Status|Disks’ page.
- Replace msntp with FreeBSD’s ntpdate.
- Allow setting TransmissionBT WebGUI user name.
- Allow to set the following TransmissionBT settings via WebGUI: peer port, port forwarding, pex, encryption mode and max. upload/download bandwidth.
For bug fixes and restrictions/known problems, check the announcement.
FrugalNYC has been using FreeNAS a lot over the last few weeks and put together some useful posts:
Are you using FreeNAS yet? Please let us know in the comments below how (backup server, file storage server) and where (at home / work)