We kick off the first episode with the latest BSD news, show you how to avoid intrusion detection systems and talk to Peter Hessler about BGP spam blacklists!
Headlines
Radeon KMS commited
Committed by Jean-Sebastien PedronBrings kernel mode setting to -CURRENT, will be in 10.0-RELEASE (ETA 12/2013)10-STABLE is expected to be branched in October, to begin the process of stabilizing developmentInitial testing shows it works wellMay be merged to 9.X, but due to changes to the VM subsystem this will require a lot of work, and is currently not a priority for the Radeon KMS developerStill suffers from the syscons / KMS switcher issues, same as Intel videoMore info: https://wiki.freebsd.org/AMD_GPU***
VeriSign Embraces FreeBSD
"BSD is quite literally at the very core foundation of what makes the Internet work"Using BSD and Linux together provides reliability and diversityVerisign gives back to the community, runs vBSDCon"You get comfortable with something because it works well for your particular purposes and can find a good community that you can interact with. That all rang true for us with FreeBSD."***
fetch/libfetch get a makeover
Adds support for SSL certificate verificationRequires root ca bundle (security/root_ca_nss)Still missing TLS SNI support (Server Name Indication, allows name based virtual hosts over SSL)***
FreeBSD Foundation Semi-Annual Newsletter
The FreeBSD Foundation took the 20th anniversary of FreeBSD as an opportunity to look at where the project is, and where it might want to goThe foundation sets out some basic goals that the project should strive towards:Unify User Experience“ensure that knowledge gained mastering one task translates to the next”“if we do pay attention to consistency, not only will FreeBSD be easier to use, it will be easier to learn”Design for Human and Programmatic Use200 machines used to be considered a large deployment, with high density servers, blades, virtualization and the cloud, that is not so anymore“the tools we provide for status reporting, configuration, and control of FreeBSD just do not scale or fail to provide the desired user experience”“The FreeBSD of tomorrow needs to give programmability and human interaction equal weighting as requirements”Embrace New Ways to Document FreeBSDMore ‘Getting Started’ sections in documentationLink to external How-Tos and other documentation“upgrade the cross-referencing and search tools built into FreeBSD, so FreeBSD, not an Internet search engine, is the best place to learn about FreeBSD”Spring Fundraising Campaign, April 17 - May 31, raised a total of $219,806 from 12 organizations and 365 individual donors. In the same period last year we raised a total of $23,422 from 2 organizations and 53 individualsFunds donated to the FreeBSD Foundation have been used on these projects recently:Capsicum security-component frameworkTransparent superpages support of the FreeBSD/ARM architectureExpanded and faster IPv6Native in-kernel iSCSI stackFive New TCP Congestion Control AlgorithmsDirect mapped I/O to avoid extra memory copiesUnified Extensible Firmware Interface (UEFI) boot environmentPorting FreeBSD to the Genesi Efika MX SmartBook laptop (ARM-based)NAND Flash filesystem and storage stackFunds were also used to sponsor a number of BSD focused conferences: BSDCan, EuroBSDCon, AsiaBSDCon, BSDDay, NYCBSDCon, vBSDCon, plus Vendor summits and Developer summitsIt is important that the foundation receive donations from individuals, to maintain their tax exempt status in the USA. Even a donation of $5 helps make it clear that the FreeBSD Foundation is backed by a large community, not only a few vendorsDonate Today ***
The place to B...SD
Ohio Linuxfest, Sept. 13-15, 2013
Very BSD friendlyKirk McKusick giving the keynoteBSD Certification on the 15th, all other stuff on the 14thMultiple BSD talks***
LinuxCon, Sept. 16-18, 2013
Dru Lavigne and Kris Moore will be manning a FreeBSD boothNumber of talks of interest to BSD users, including ZFS coopEuroBSDCon, Sept. 26-29, 2013
Tutorials on the 26 & 27th (plus private FreeBSD DevSummit)43 talks spread over 3 tracks on the 28 & 29thKeynote by Theo de RaadtHosted in the picturesque St. Julians Area, Malta (Hilton Conference Centre)***
Interview - Peter Hessler -
[email protected] / @phessler
Using BGP to distribute spam blacklists and whitelists
Tutorial
Using stunnel to hide your traffic from Deep Packet Inspection
News Roundup
NetBSD 6.1.1 released
First security/bug fix update of the NetBSD 6.1 release branchFixes 4 security vulnerabilitiesAdds 4 new sysctls to avoid IPv6 DoS attacksMisc. other updates***
Sudo Mastery
MWL is a well-known author of many BSD booksAlso does SSH, networking, DNSSEC, etc.Next book is about sudo, which comes from OpenBSD (did you know that?)Available for preorder now at a discounted price***
Documentation Infrastructure Enhancements
Gábor Kövesdán has completed a funded project to improve the infrastructure behind the documentation projectWill upgrade documentation from DocBook 4.2 to DocBook 4.5 and at the same time migrate to proper XML tools.DSSSL is an old and dead standard, which will not evolve any more.DocBook 5.0 tree added***
FreeBSD FIBs get new features
FIBs (as discussed earlier in the interview) are Forward Information Bases (technical term for a routing table)The FreeBSD kernel can be compiled to allow you to maintain multiple FIBs, creating separate routing tables for different processes or jailsIn r254943 ps(1) is extended to support a new column ‘fib’, to display which routing table a process is using***
FreeNAS 9.1.0 and 9.1.1 released
Many improvements in nearly all areas, big upgradeBased on FreeBSD 9-STABLE, lots of new ZFS featuresCherry picked some features from 10-CURRENTNew volume manager and easy to use plugin management system9.1.1 released shortly thereafter to fix a few UI and plugin bugs***
BSD licensed "patch" becomes default
bsdpatch has become mature, does what GNU patch can do, but has a much better licenseApproved by portmgr@ for use in portsAdded WITH_GNU_PATCH build option for people who still need it***
View all episodes
