More about this book can be found in a previous post.
This blog, FreeBSD – the unknown Giant, as the title suggests, covers only FreeBSD related stories and updates. However, over the last few months, I have received emails from my some readers asking why I don’t write about the “other BSDs”, such as OpenBSD, NetBSD and DragonflyBSD.
Well, the answer is quite simple: “There’s no need to!” No, not because they’re not worth writing about, they certainly are, but because there are already some quality blogs dedicated to each of these BSD operating systems. Hence my reason for not, or only occasionally, writing about then. Since these blogs are regularly updated with news, howtos and information on made progress, I’ve decided not to just copy, paste and republish what’s on those blogs.
To find out more about OpenBSD, visit the OpenBSD Journal. The DragonflyBSD digest is updated regularly with news relating to DragonflyBSD, and lately a lot on the progress of the newly created and much promising Hammer File System (HammerFS), whilst Hubert’s NetBSD blog brings the latest and greatest with regards to NetBSD.
Of course there are more many blogs and websites tracking the “big four”, but these are the best as far as I’m aware.
The Free Software Magazine has a good howto on installing and setting up pfSense.
This guide was written for Linksys, Netgear, and D-link users with no firewall or router experience. No experience is needed with FreeBSD or GNU/Linux to install and run pfSense. When you are finished, management of pfSense will be from a web interface just like any of the SOHO firewall/router appliances.
pfSense is a web-based firewall project that is similar, in terms of functionality, to the software in firewall appliances sold by Linksys, Netgear and D-Link. pfSense covers all the basic requirements offered by those appliances but offers so much more—in fact, it is really in a class by itself since it would be very difficult to find a commercial alternative that would provide what pfSense has to offer (or, anything cheaper than $2,000–$5,000).
Two good reasons to use pfSense
1. pfSense is a very powerful and stable project with advanced features. Users of pfSense have reported that it performs well even with hundreds of computers operating behind the firewall. pfSense has all the features of the SOHO units and much more. You can have multiple network subnets separate from each other using firewall rules. For example, you could have separate subnets for each business function; or separate Accounting, Marketing, Sales, and R&D from each other, while giving each one access to the Internet; or set up a HotSpot for your business, allowing users to access the Internet but not the company LAN (which usually contains a POS (Point Of Sale) system and/or proprietary information and non public computer systems).
2. If you are an experienced FreeBSD, GNU/Linux or Unix user you may wish to add applications from the FreeBSD repository. While running additional applications on a firewall can increase your exposure to potential risk of being hacked, it can still be extremely useful to add a few applications to pfSense. Once you get pfSense installed you can find a list of authorized ports under the System Packages tab. These can be installed with one click. The FreeBSD.org packages are added by the user via the shell the way it has been done for years. These FreeBSD.org packages are not officially supported by pfSense.
Not directly related to pfSense, but if you’re interested in professional qualifications maintaining and supporting firewall and routing platforms, have a look at the InfoSec Institute. InfoSec can help you receive your CISSP Certification and become an IT professional.
There are several conferences and expo’s where FreeBSD is promoted (and this seems to be increasing by the year). To keep track of when and where these are, I have set up a public calendar listing all FreeBSD related events, such as conferences, meetings, hackatons etc. This calendar is on Google Calendar (GCal) and is accessible to everybody.
- Name: FreeBSD events and conferences calendar
- Description: FreeBSD related conferences, trade shows, meetings and events that are of interest for users of FreeBSD and FreeBSD-based operating systems
If you already use Google Calandar, you can easily add the FreeBSD events calendar to yours (to find it, do a search for “FreeBSD”). Alternatively, those not using GCal, can view the calendar here.
Are you aware of any events where FreeBSD or any FreeBSD based operating systems are promoted that aren’t listed yet? Please let me know.
There are already two similar calendars but they aren’t maintained any longer. Hence my decision to start AND maintain another one.
This 280 page book is about the building, securing, and maintaining of networks with the FreeBSD operating system, and deals with the following topics
- Set up and manage networking on FreeBSD
- Virtualization with FreeBSD Jails, IPFW and PF
- Configure interfaces, protocols, and routing
Network Administrators looking for skills beyond installation and configuration of FreeBSD may find this book useful.
The following description has been taken from the Amazon page:
This book is a guide to FreeBSD for network administrators; therefore it does not cover basic installation and configuration of FreeBSD, but is about using FreeBSD to build, secure, and maintain networks. After introducing the basic tools for monitoring the performance and security of the system the book moves on to cover using jails-FreeBSD virtual environments-to secure your network.
Then it shows how to overcome the different bottlenecks that you may meet depending on the services you are running by tweaking different parameters to maintain a high performance from your FreeBSD server.
Next it covers using the ifconfig utility to configure interfaces with different layer protocols and about connectivity testing and debugging tools.
After covering using User PPP or Kernel PPP for Point-to-Point Protocol network configuration it explains basic IP forwarding in FreeBSD and the use of the built-in routing daemons, routed and route6d, which support RIPv1, RIPv2, RIPng, and RDISC.
Next it covers the OpenOSPFD and OpenBGPD daemons that you can install to run OSPF and BGP on your host.Then it covers setup and configuration of IPFW and PF, and finally looks at some important internet services and how to set them up on your FreeBSD server
A short review by Murray Stokely can be found here.
For more information and the best deals, visit:
Writing a kernel module for FreeBSD
FreeBSD 7.0 has already been released. If you are a real hacker, the best way to jump in and learn it is hacking together an introductory kernel module. In this article I’ll implement a very basic module that prints a message when it is loaded, and another when it is unloaded. I’ll also cover the mechanics of compiling our module using standard tools and rebuilding the stock FreeBSD kernel. Let’s do it!
source: Free Software Magazine (19/06/2008)
Adding gmirror to an existing installation
This article describes how a RAID-1 cluster was created on FreeBSD 7.0-STABLE box using gmirror.
Source: FreeBSD Diary (24/09/2008)
Chris Buechler, one of the pfSense Core Team members, has been working for several months on a pfSense Handbook which will be completed in the next 5-6 weeks and for sale from Amazon, Barnes & Noble, etc. around late August to early September.
The book will contain about 300-400 pages and a work in progress table of contents can be found here.
The title hasn’t been decided on for definite. Chris is open for suggestions from the community, so if you have a good title in mind, you can leave your suggestion in the comments section.
Last week I mentioned I was having some redirection problems, but they’re all sorted now, thanks to Chris’ help and suggestions. Many thanks Chris.
- Upgrade to FreeBSD 6.3;
- add ‘lagg’ link aggregation and link failover interface support (kernel);
- switch back to SCHED_4BSD scheduler; add generic web server service;
- complete review and typo fixes in source code;
- upgrade rsync to 3.0.2, smartmontools to 5.38, lighttpd to 1.4.19, e2fsprogs to 1.40.10, PHP to 5.2.6;
- use SAJAX to update miscellaneous WebGUI pages every 5 seconds to display current states;
- refactor complete S.M.A.R.T. WebGUI and ActiveDirectory WebGUI;
- add ability to web server WebGUI to configure URLs requiring authentication;
- replace Adaptec SCSI RAID administration tool aaccli with arcconf;
- upgrade Adaptec AACRAID 32- and 64-bit driver to version 5.2.0 Build 15727;
- replace UPnP media player MediaTomb with Fuppes
Firefox 3 is released and got off to a fantastic start: more than 8 million downloads within 24 hours, peaking at 17.000 downloads a minute.
Everybody browsing the internet uses (unconsciously) FreeBSD technology, such as TCP/IP, and a few only know that Firefox 3 comes integrated with some exciting FreeBSD technologies.
Murray Stokely has summarised:
The most widely publicized is probably the addition of Jason Evan’s memory allocator, jemalloc (link 1, link 2) written for FreeBSD 7.0 which has been included into Firefox to reduce memory fragmentation.
Another FreeBSD technology widely adopted by other products utilizing binary updates is Colin Percival’s bspatch client-side binary patching code. Kris Kennaway also notes that the ISC is hosting its FireFox mirrors on FreeBSD 7.0 machines to handle the unprecedented download demand as the Mozilla Foundation attempts to break a world record for downloads in a day.
FreeBSD press release and congratulations of Mozilla:
One of the FreeBSD technologies used by Firefox 3 is the new memory allocator, “jemalloc”, hich was written by FreeBSD developer Jason Evans for the FreeBSD 7 operating system. jemalloc is a fast, efficient memory allocator with excellent performance on multiprocessor machines. Though already a part of the FreeBSD 7 operating system, the Mozilla project has chosen to also incorporate it directly inside the Firefox 3 browser to improve memory performance and reduce memory use on other operating systems with legacy memory allocators. According to the blog of Firefox developer Stuart Parmenter, “Our automated tests on Windows Vista showed a 22% drop in memory usage when we turned jemalloc on.” Commenting on the Linux version of the browser, he wrote, “We saw a good performance increase and a drop in memory.”