Show Notes/Links: https://www.bsdnow.tv/332

The post The BSD Hyperbole | BSD Now 332 first appeared on Jupiter Broadcasting.

This time on the show, we’ll be talking with Ed Schouten about CloudABI. It’s a new application binary interface with a strong focus on isolation and restricted capabilities. As always, all this week’s BSD news and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD quarterly status report

• The FreeBSD team has posted a report of the activities that went on between January and March of this year
• As usual, it’s broken down into separate reports from the various teams in the project (ports, kernel, virtualization, etc)
• The ports team continuing battling the flood of PRs, closing quite a lot of them and boasting nearly 7,000 commits this quarter
• The core team and cluster admins dealt with the accidental deletion of the Bugzilla database, and are making plans for an improved backup strategy within the project going forward
• FreeBSD’s future release support model was also finalized and published in February, which should be a big improvement for both users and the release team
• Some topics are still being discussed internally, mainly MFCing ZFS ARC responsiveness patches to the 10 branch and deciding whether to maintain or abandon C89 support in the kernel code
• Lots of activity is happening in bhyve, some of which we’ve covered recently, and a number of improvements were made this quarter
• Clang, LLVM and LLDB have been updated to the 3.6.0 branch in -CURRENT
• Work to get FreeBSD booting natively on the POWER8 CPU architecture is also still in progress, but it does boot in KVM for the time being
• The project to replace forth in the bootloader with lua is in its final stages, and can be used on x86 already
• ASLR work is still being done by the HardenedBSD guys, and their next aim is position-independent executable
• The report also touches on multipath TCP support, the new automounter, opaque ifnet, pkgng updates, secureboot (which should be in 10.2-RELEASE), GNOME and KDE on FreeBSD, PCIe hotplugging, nested kernel support and more
• Also of note: work is going on to make ARM a Tier 1 platform in the upcoming 11.0-RELEASE (and support for more ARM boards is still being added, including ARM64)

OpenBSD 5.7 released

• OpenBSD has formally released another new version, complete with the giant changelog we’ve come to expect
• In the hardware department, 5.7 features many driver improvements and fixes, as well as support for some new things: USB 3.0 controllers, newer Intel and Atheros wireless cards and some additional 10gbit NICs
• If you’re using one of the Soekris boards, there’s even a new driver to manipulate the GPIO and LEDs on them – this has some fun possibilities
• Some new security improvements include: SipHash being sprinkled in some areas to protect hashing functions, big W^X improvements in the kernel space, static PIE on all architectures, deterministic “random” functions being replaced with strong randomness, and support for remote logging over TLS
• The entire source tree has also been audited to use reallocarray, which unintentionally saved OpenBSD’s libc from being vulnerable to earlier attacks affecting other BSDs’ implementations
• Being that it’s OpenBSD, a number of things have also been removed from the base system: procfs, sendmail, SSLv3 support and loadable kernel modules are all gone now (not to mention the continuing massacre of dead code in LibreSSL)
• Some people seem to be surprised about the removal of loadable modules, but almost nothing utilized them in OpenBSD, so it was really just removing old code that no one used anymore (very different from FreeBSD or Linux in this regard, where kernel modules are used pretty heavily)
• BIND and nginx have been taken out, so you’ll need to either use the versions in ports or switch to Unbound and the in-base HTTP daemon
• Speaking of httpd, it’s gotten a number of new features, and has had time to grow and mature since its initial debut – if you’ve been considering trying it out, now would be a great time to do so
• This release also includes the latest OpenSSH (with stronger fingerprint types and host key rotation), OpenNTPD (with the HTTPS constraints feature), OpenSMTPD, LibreSSL and mandoc
• Check the errata page for any post-release fixes, and the upgrade guide for specific instructions on updating from 5.6
• Groundwork has also been laid for some major SMP scalability improvements – look forward to those in future releases
• There’s a song and artwork to go along with the release as always, and CDs should be arriving within a few days – we’ll show some pictures next week
• Consider picking one up to support the project (and it’s the only way to get puffy stickers)
• For those of you paying close attention, the banner image for this release just might remind you of a certain special episode of BSD Now…

Tor-BSD diversity project

• We’ve talked about Tor on the show a few times, and specifically about getting more of the network on BSD (Linux has an overwhelming majority right now)
• A new initiative has started to do just that, called the Tor-BSD diversity project
• “Monocultures in nature are dangerous, as vulnerabilities are held in common across a broad spectrum. Diversity means single vulnerabilities are less likely to harm the entire ecosystem. […] A single kernel vulnerability in GNU/Linux that impacting Tor relays could be devastating. We want to see a stronger Tor network, and we believe one critical ingredient for that is operating system diversity.”
• In addition to encouraging people to put up more relays, they’re also continuing work on porting the Tor Browser Bundle to BSD, so more desktop users can have easy access to online privacy
• There’s an additional progress report for that part specifically, and it looks like most of the work is done now
• Engaging the broader BSD community about Tor and fixing up the official documentation are also both on their todo list
• If you’ve been considering running a node to help out, there’s always our handy tutorial on getting set up

PC-BSD 10.1.2-RC1 released

• If you want a sneak peek at the upcoming PC-BSD 10.1.2, the first release candidate is now available to grab
• This quarterly update includes a number of new features, improvements and even some additional utilities
• PersonaCrypt is one of them – it’s a new tool for easily migrating encrypted home directories between systems
• A new “stealth mode” option allows for a one-time login, using a blank home directory that gets wiped after use
• Similarly, a new “Tor mode” allows for easy tunneling of all your traffic through the Tor network (hopefully through some BSD nodes, as we just mentioned..)
• IPFW is now the default firewall, offering improved VIMAGE capabilities
• The life preserver backup tool now allows for bare-metal restores via the install CD
• ISC’s NTP daemon has been replaced with OpenNTPD, and OpenSSL has been replaced with LibreSSL
• It also includes the latest Lumina desktop, and there’s another post dedicated to that
• Binary packages have also been updated to fresh versions from the ports tree
• More details, including upgrade instructions, can be found in the linked blog post

Interview – Ed Schouten – ed@freebsd.org / @edschouten

CloudABI

News Roundup

Open Household Router Contraption

• This article introduces OpenHRC, the “Open Household Router Contraption”
• In short, it’s a set of bootstrapping scripts to turn a vanilla OpenBSD install into a feature-rich gateway device
• It also makes use of Ansible playbooks for configuration, allowing for a more “mass deployment” type of setup
• Everything is configured via a simple text file, and you end up with a local NTP server, DHCP server, firewall (obviously) and local caching DNS resolver – it even does DNSSEC validation
• All the code is open source and on Github, so you can read through what’s actually being changed and put in place
• There’s also a video guide to the entire process, if you’re more of a visual person

OPNsense 15.1.10 released

• Speaking of BSD routers, if you’re looking for a more “prebuilt and ready to go” option, OPNsense has just released a new version
• 15.1.10 drops some of the legacy patches they inherited from pfSense, aiming to stay closer to the mainline FreeBSD source code
• Going along with this theme, they’ve redone how they do ports, and are now kept totally in sync with the regular ports tree
• Their binary packages are now signed using the fingerprint-style method, various GUI menus have been rewritten and a number of other bugs were fixed
• NanoBSD-based images are also available now, so you can try it out on hardware with constrained resources as well
• Version 15.1.10.1 was released shortly thereafter, including a hotfix for VLANs

IBM Workpad Z50 and NetBSD

• Before the infamous netbook fad came and went, IBM had a handheld PDA device that looked pretty much the same
• Back in 1999, they released the Workpad Z50 with Windows CE, sporting a 131MHz MIPS CPU, 16MB of RAM and a 640×480 display
• You can probably tell where this is going… the article is about installing NetBSD it
• “What prevents me from taking my pristine Workpad z50 to the local electronics recycling facility is NetBSD. With a little effort it is possible to install recent versions of NetBSD on the Workpad z50 and even have XWindows running”
• The author got pkgsrc up and running on it too, and cleverly used distcc to offload the compiling jobs to something a bit more modern
• He’s also got a couple videos of the bootup process and running Xorg (neither of which we’d call “speedy” by any stretch of the imagination)

FreeBSD from the trenches

• The FreeBSD foundation has a new blog post up in their “from the trenches” series, detailing FreeBSD in some real-world use cases
• In this installment, Glen Barber talks about how he sets up all his laptops with ZFS and GELI
• While the installer allows for an automatic ZFS layout, Glen notes that it’s not a one-size-fits-all thing, and goes through doing everything manually
• Each command is explained, and he walks you through the process of doing an encrypted installation on your root zpool

Broadwell in DragonFly

• DragonFlyBSD has officially won the race to get an Intel Broadwell graphics driver
• Their i915 driver has been brought up to speed with Linux 3.14’s, adding not only Broadwell support, but many other bugfixes for other cards too
• It’s planned for commit to the main tree very soon, but you can test it out with a git branch for the time being

Feedback/Questions

• Bostjan writes in
• Hunter writes in
• Hrishi writes in
• Clint writes in
• Sergei writes in

Mailing List Gold

• How did you guess

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – we’d love to hear from you guys if you’re working on anything cool
• The OpenBSD router tutorial has been reorganized and updated for 5.7, it has a new section on bandwidth statistics and has finally gotten so big that it now has a table of contents
• This year’s vBSDCon has been formally announced, and will take place between September 11th-13th in Reston, Virginia (eastern USA)
• There’s no official call for papers, but they do welcome people to submit talk ideas for consideration
• If you’re in Michigan, there’s a new BSD users group just starting up – LivBUG
• If there’s a local BUG in your area, let us know and we’ll be glad to mention it

The post Below the Clouds | BSD Now 88 first appeared on Jupiter Broadcasting.

This week on the show, we’ll be talking to Jos Schellevis about OPNsense, a new firewall project that was forked from pfSense. We’ll learn some of the backstory and see what they’ve got planned for the future. We’ve also got all this week’s news and answers to all your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Be your own VPN provider with OpenBSD

• We’ve covered how to build a BSD-based gateway that tunnels all your traffic through a VPN in the past – but what if you don’t trust any VPN company?
• It’s easy for anyone to say “of course we don’t run a modified version of OpenVPN that logs all your traffic… what are you talking about?”
• The VPN provider might also be slow to apply security patches, putting you and the rest of the users at risk
• With this guide, you’ll be able to cut out the middleman and create your own VPN, using OpenBSD
• It covers topics such as protecting your server, securing DNS lookups, configuring the firewall properly, general security practices and of course actually setting up the VPN

FreeBSD vs Gentoo comparison

• People coming over from Linux will sometimes compare FreeBSD to Gentoo, mostly because of the ports-like portage system for installing software
• This article takes that notion and goes much more in-depth, with lots more comparisons between the two systems
• The author mentions that the installers are very different, ports and portage have many subtle differences and a few other things
• If you’re a curious Gentoo user considering FreeBSD, this might be a good article to check out to learn a bit more

Kernel W^X in OpenBSD

• W^X, “Write XOR Execute,” is a security feature of OpenBSD with a rather strange-looking name
• It’s meant to be an exploit mitigation technique, disallowing pages in the address space of a process to be both writable and executable at the same time
• This helps prevent some types of buffer overflows: code injected into it won’t execute, but will crash the program (quite obviously the lesser of the two evils)
• Through some recent work, OpenBSD’s kernel now has no part of the address space without this feature – whereas it was only enabled in the userland previously
• Doing this incorrectly in the kernel could lead to far worse consequences, and is a lot harder to debug, so this is a pretty huge accomplishment that’s been in the works for a while
• More technical details can be found in some recent CVS commits

Building an IPFW-based router

• We’ve covered building routers with PF many times before, but what about IPFW?
• A certain host of a certain podcast decided it was finally time to replace his disappointing consumer router with something FreeBSD-based
• In this blog post, Kris details his experience building and configuring a new router for his home, using IPFW as the firewall
• He covers in-kernel NAT and NATD, installing a DHCP server from packages and even touches on NAT reflection a bit
• If you’re an IPFW fan and are thinking about putting together a new router, give this post a read

Interview – Jos Schellevis – project@opnsense.org / @opnsense

The birth of OPNsense

News Roundup

On profiling HTTP

• Adrian Chadd, who we’ve had on the show before, has been doing some more ultra-high performance testing
• Faced with the problem of how to generate a massive amount of HTTP traffic, he looked into the current state of benchmarking tools
• According to him, it’s “not very pretty”
• He decided to work on a new tool to benchmark huge amounts of web traffic, and the rest of this post describes the whole process
• You can check out his new code on Github right now

Using divert(4) to reduce attacks

• We talked about using divert(4) with PF last week, and this post is a good follow-up to that introduction (though unrelated to that series)
• It talks about how you can use divert, combined with some blacklists, to reduce attacks on whatever public services you’re running
• PF has good built-in rate limiting for abusive IPs that hit rapidly, but when they attack slowly over a longer period of time, that won’t work
• The Composite Blocking List is a public DNS blocklist, operated alongside Spamhaus, that contains many IPs known to be malicious
• Consider setting this up to reduce the attack spam in your logs if you run public services

ChaCha20 patchset for GELI

• A user has posted a patch to the freebsd-hackers list that adds ChaCha support to GELI, the disk encryption system
• There are also some benchmarks that look pretty good in terms of performance
• Currently, GELI defaults to AES in XTS mode with a few tweakable options (but also supports Blowfish, Camellia and Triple DES)
• There’s some discussion going on about whether a stream cipher is suitable or not for disk encryption though, so this might not be a match made in heaven just yet

PCBSD update system enhancements

• The PCBSD update utility has gotten an update itself, now supporting automatic upgrades
• You can choose what parts of your system you want to let it automatically handle (packages, security updates)
• There’s also a new graphical frontend available for it
• The update system uses ZFS + Boot Environments for safe updating and bypasses some dubious pkgng functionality

Feedback/Questions

• Mat writes in
• Chris writes in
• Andy writes in
• Beau writes in
• Kutay writes in

Mailing List Gold

• Wait, a real one?
• What’s that glowing…

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Common *Sense Approach | BSD Now 72 first appeared on Jupiter Broadcasting.

On this week\’s episode, we\’ll be giving you an introductory guide on OpenBSD\’s ports and package system.

There\’s also a pretty fly interview with Karl Lehenbauer, about how they use FreeBSD at FlightAware.

Lots of interesting news and answers to all your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

BSDCan 2014 talks and reports, part 2

• More presentations and trip reports are still being uploaded
• Ingo Schwarze, New Trends in mandoc
• Vsevolod Stakhov, The Architecture of the New Solver in pkg
  
• Julio Merino, The FreeBSD Test Suite
• Zbigniew Bodek, Transparent Superpages for FreeBSD on ARM
• There\’s also a trip report from Michael Dexter and another (very long and detailed) trip report from our friend Warren Block that even gives us some linkage, thanks!

Beyond security, getting to know OpenBSD\’s real purpose

• Michael W Lucas (who, we learn through this video, has been using BSD since 1986) gave a \”webcast\” last week, and the audio and slides are finally up
• It clocks in at just over 30 minutes, managing to touch on a lot of OpenBSD topics
• Some of those topics include: what is OpenBSD and why you should care, the philosophy of the project, how it serves as a \”pressure cooker for ideas,\” briefly touches on GPL vs BSDL, their \”do it right or don\’t do it at all\” attitude, their stance on NDAs and blobs, recent LibreSSL development, some of the security functions that OpenBSD enabled before anyone else (and the ripple effect that had) and, of course, their disturbing preference for comic sans
• Here\’s a direct link to the slides
• Great presentation if you\’d like to learn a bit about OpenBSD, but also contains a bit of information that long-time users might not know too

FreeBSD vs Linux, a comprehensive comparison

• Another blog post covering something people seem to be obsessed with – FreeBSD vs Linux
• This one was worth mentioning because it\’s very thorough in regards to how things are done behind the scenes, not just the usual technical differences
• It highlights the concept of a \”core team\” and their role vs \”contributors\” and \”committers\” (similar to a presentation Kirk McKusick did not long ago)
• While a lot of things will be the same on both platforms, you might still be asking \”which one is right for me?\” – this article weighs in with some points for both sides and different use cases
• Pretty well-written and unbiased article that also mentions areas where Linux might be better, so don\’t hate us for linking it

Expand FreeNAS with plugins

• One of the things people love the most about FreeNAS (other than ZFS) is their cool plugin framework
• With these plugins, you can greatly expand the feature set of your NAS via third party programs
• This page talks about a few of the more popular ones and how they can be used to improve your NAS or media box experience
• Some examples include setting up an OwnCloud server, Bacula for backups, Maraschino for managing a home theater PC, Plex Media Server for an easy to use video experience and a few more
• It then goes into more detail about each of them, how to actually install plugins and then how to set them up

Interview – Karl Lehenbauer – karl@flightaware.com / @flightaware

FreeBSD at FlightAware, BSD history, various topics

Tutorial

Ports and packages in OpenBSD

News Roundup

Code review culture meets FreeBSD

• In most of the BSDs, changes need to be reviewed by more than one person before being committed to the tree
• This article describes Phabricator, an open source code review system that we briefly mentioned last week
• Instructions for using it are on the wiki
• While not approved by the core team yet for anything official, it\’s in a testing phase and developers are encouraged to try it out and get their patches reviewed
• Just look at that fancy interface!!

Michael Lucas\’ next tech books

• Sneaky MWL somehow finds his way into both our headlines and the news roundup
• He gives us an update on the next BSD books that he\’s planning to release
• The plan is to release three (or so) books based on different aspects of FreeBSD\’s storage system(s) – GEOM, UFS, ZFS, etc.
• This has the advantage of only requiring you to buy the one(s) you\’re specifically interested in
• \”When will they be released? When I\’m done writing them. How much will they cost? Dunno.\”
• It\’s not Absolute FreeBSD 3rd edition…

CARP failover and high availability on FreeBSD

• If you\’re running a cluster or a group of servers, you should have some sort of failover in place
• But the question comes up, \”how do you load balance the load balancers!?\”
• This video goes through the process of giving more than one machine the same IP, how to set up CARP, securing it and demonstrates a node dying
• Also mentions DNS-based load balancing as another option

PCBSD weekly digest

• This time in PCBSD land, we\’re getting ready for the 10.0.2 release (ISOs here)
• AppCafe got a good number of fixes, and now shows 10 random highlighted applications
• EasyPBI added a \”bulk\” mode to create PBIs of an entire FreeBSD port category
• Lumina, the new desktop environment, is still being worked on and got some bug fixes too

Feedback/Questions

• Paul writes in
• Matt writes in
• Kjell writes in
• Paul writes in
• Tom writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you want to come on for an interview or have a tutorial you\’d like to see, let us know
• Just a reminder, if you\’re using vnd (vnconfig) on OpenBSD for encryption, it\’s being retired for 5.7 – start planning to migrate your data to softraid
• There were also some security advisories for FreeBSD recently, make sure you\’re all patched up
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post AirPorts & Packages | BSD Now 40 first appeared on Jupiter Broadcasting.

We\’re back again! On this week\’s packed show, we\’ve got one of the biggest tutorials we\’ve done in a while. It\’s an in-depth look at PF, OpenBSD\’s firewall, with some practical examples and different use cases.

We\’ll also be talking to Peter Hansteen about the new edition of \”The Book of PF.\” Of course, we\’ve got news and answers to your emails too, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

ALTQ removed from PF

• The classic packet queueing system, ALTQ, was recently removed from OpenBSD -current
• There will be a transitional phase between 5.5 and 5.6 where you can still use it by replacing the \”queue\” keyword with \”oldqueue\” in your pf.conf
• As of 5.6, due about six months from now, you\’ll have to change your ruleset to the new syntax if you\’re using it for bandwidth shaping
• After more than ten years, bandwidth queueing has matured quite a bit and we can finally put ALTQ to rest, in favor of the new queueing subsystem
• This doesn\’t affect FreeBSD, PCBSD, NetBSD or DragonflyBSD since all of their PFs are older and maintained separately

FreeBSD Quarterly Status Report

• The quarterly status report from FreeBSD is out, detailing some of the project\’s ongoing tasks
• Some highlights include the first \”stable\” branch of ports, ARM improvements (including SMP), bhyve improvements, more work on the test suite, desktop improvements including the new vt console driver and UEFI booting support finally being added
• We\’ve got some specific updates from the cluster admin team, core team, documentation team, portmgr team, email team and release engineering team
• LOTS of details and LOTS of topics to cover, give it a read

OpenBSD\’s OpenSSL rewrite continues with m2k14

• A mini OpenBSD hackathon begins in Morocco, Africa
• You can follow the changes in the -current CVS log, but a lot of work is mainly going towards the OpenSSL cleaning
• We\’ve got two trip reports so far, hopefully we\’ll have some more to show you in a future episode
• You can see some of the more interesting quotes from the tear-down or see everything
• Apparently they are going to call the fork \”LibreSSL\” ….
• What were the OpenSSL developers thinking? The RSA private key was used to seed the entropy!
• We also got some mainstream news coverage and another post from Ted about the history of the fork
• OpenBSD developer Reyk Floeter implemented privilege separation to store RSA keys in a separate process as an additional mitigation against key leakage from attacks such as heartbleed in relayd and OpenSMTPD
• You can compile libressl for other OSes
• Consider donating to the OpenBSD foundation – this fork will benefit all the other BSDs too

NetBSD 6.1.4 and 6.0.5 released

• New updates for the 6.1 and 6.0 branches of NetBSD, focusing on bugfixes
• The main update is – of course – the heartbleed vulnerability
• Also includes fixes for other security issues and even a kernel panic… on Atari
• Patch your Ataris right now, this is serious business

Interview – Peter Hansteen – peter@bsdly.net / @pitrh

The Book of PF: 3rd edition

Tutorial

BSD Firewalls: PF

News Roundup

New Xorg now the default in FreeBSD

• For quite a while now, FreeBSD has had two versions of X11 in ports
• The older, stable version was the default, but you could install a newer one by having \”WITH_NEW_XORG\” in /etc/make.conf
• They\’ve finally made the switch for 10-STABLE and 9-STABLE
• Check this wiki page for more info

GSoC-accepted BSD projects

• The Google Summer of Code team has got the list of accepted project proposals uploaded so we can see what\’s planned
• OpenBSD\’s list includes DHCP configuration parsing improvements, systemd replacements, porting capsicum, GPT and UEFI support, and modernizing the DHCP daemon
• The FreeBSD list was also posted
• Theirs includes porting FreeBSD to the Android emulator, CTF in the kernel debugger, improved unicode support, converting firewall rules to a C module, pkgng improvements, MicroBlaze support, PXE fixes, bhyve caching, bootsplash and lots more
• Good luck to all the students participating, hopefully they become full time BSD users

Complexity of FreeBSD VFS using ZFS as an example

• HybridCluster posted the second part of their VFS and ZFS series
• This new post has lots of technical details once again, definitely worth reading if you\’re a ZFS guy
• Of course, also watch episode 24 for our interview with HybridCluster – they do really interesting stuff

PCBSD weekly digest

• Preload has been ported over, it\’s a daemon that prefetches applications
• PCBSD is developing their own desktop environment, Lumina (there\’s also an FAQ)
• It\’s still in active development, but you can try it out by installing from ports
• We\’ll be showing a live demo of it in a few weeks (when development settles down a bit)

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
• Also if you have any tutorial requests, we\’d be glad to show whatever the viewers want to see
• It looks like OpenBSD 5.5 CD sets are already starting to show up in people\’s mail boxes – we\’ll have the full details of the release next week
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post Puffy Firewall | BSD Now 35 first appeared on Jupiter Broadcasting.

We sit down for an interview with Chris Buechler, from the pfSense project, to learn just how easy it can be to deploy a BSD firewall. We\’ll also be showing you a walkthrough of the pfSense interface so you can get an idea of just how convenient and powerful it is. Answers to your questions and the latest headlines, here on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

EuroBSDCon and AsiaBSDCon

• This year, EuroBSDCon will be in September in Sofia, Bulgaria
• They\’ve got a call for papers up now, so everyone can submit the talks they want to present
• There will also be a tutorial section of the conference
• AsiaBSDCon will be next month, in March!
• All the info about the registration, tutorials, hotels, timetable and location have been posted
• Check the link for all the details on the talks – if you plan on going to Tokyo next month, hang out with Allan and Kris and lots of BSD developers!

FreeBSD 10 on Ubiquiti EdgeRouter Lite

• The Ubiquiti EdgeRouter Lite is a router that costs less than $100 and has a MIPS CPU
• This article goes through the process of installing and configuring FreeBSD on it to use as a home router
• Lots of good pictures of the hardware and specific details needed to get you set up
• It also includes the scripts to create your own images if you don\’t want to use the ones rolled by someone else
• For such a cheap price, might be a really fun weekend project to replace your shitty consumer router
• Of course if you\’re more of an OpenBSD guy, you can always see our tutorial for that too

Signed pkgsrc package guide

• We got a request on IRC for more pkgsrc stuff on the show, and a listener provided a nice write-up
• It shows you how to set up signed packages with pkgsrc, which works on quite a few OSes (not just NetBSD)
• He goes through the process of signing packages with a public key and how to verify the packages when you install them
• The author also happens to be an EdgeBSD developer

Big batch of OpenBSD hackathon reports

• Five trip reports from the OpenBSD hackathon in New Zealand! In the first one, jmatthew details his work on fiber channel controller drivers, some octeon USB work and ARM fixes for AHCI
• In the second, ketennis gets into his work with running interrupt handlers without holding the kernel lock, some SPARC64 improvements and a few other things
• In the third, jsg updated libdrm and mesa and did various work on xenocara
• In the fourth, dlg came with the intention to improve SMP support, but got distracted and did SCSI stuff instead – but he talks a little bit about the struggle OpenBSD has with SMP and some of the work he\’s done
• In the fifth, claudio talks about some stuff he did for routing tables and misc. other things

This episode was brought to you by

Interview – Chris Buechler – cmb@pfsense.com / @cbuechler

pfSense

Tutorial

pfSense walkthrough

News Roundup

FreeBSD challenge continues

• Our buddy from the Linux foundation continues his switching to BSD journey
• In day 13, he covers some tips for new users, mentions trying things out in a VM first
• In day 14, he starts setting up XFCE and X11, feels like he\’s starting over as a new Linux user learning the ropes again – concludes that ports are the way to go
• In day 15, he finishes up his XFCE configuration and details different versions of ports with different names, as well as learns how to apply his first patch
• In day 16, he dives into the world of FreeBSD jails!

BSD books in 2014

• BSD books are some of the highest quality technical writings available, and MWL has written a good number of them
• In this post, he details some of his plans for 2014
• In includes at least one OpenBSD book, at least one FreeBSD book and…
• Very strong possibility of Absolute FreeBSD 3rd edition (watch our interview with him)
• Check the link for all the details

How to build FreeBSD/EC2 images

• Our friend Colin Percival details how to build EC2 images in a new blog post
• Most people just use the images he makes on their instances, but some people will want to make their own from scratch
• You build a regular disk image and then turn it into an AMI
• It requires a couple ports be installed on your system, but the whole process is pretty straightforward

PCBSD weekly digest

• This time around we discuss how you can become a developer
• Kris also details the length of supported releases
• Expect lots of new features in 10.1

Feedback/Questions

• Sean writes in: https://slexy.org/view/s216xJoCVG
• Jake writes in: https://slexy.org/view/s2gLrR3VVf
• Niclas writes in: https://slexy.org/view/s21gfG3Iho
• Steffan writes in: https://slexy.org/view/s2JNyw5BCn
• Antonio writes in: https://slexy.org/view/s2kg3zoRfm
• Chris writes in: https://slexy.org/view/s2ZwSIfRjm

• Our email backlog is pretty much caught up. Now\’s a great time to send us something – questions, stories, ideas, requests for something you want to see, anything
• All the tutorials are posted in their entirety at bsdnow.tv
• The OpenBSD router tutorial got a couple improvements and fixes
• Just because our tutorial contest is over doesn\’t mean you can\’t submit any, we would love if more listeners wrote up a tutorial on interesting things they\’re doing with BSD
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• The BSD Now shirt design has been finalized, we have the files and are working out the printing details… expect them to be available in early-to-mid March!

The post A Sixth pfSense | BSD 25 first appeared on Jupiter Broadcasting.