Skip to main content.

Episode 061: IPSECond Wind


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


BSD panel at Phoenix LUG

  • The Phoenix, Arizona Linux users group had a special panel so they could learn a bit more about BSD
  • It had one FreeBSD user and one OpenBSD user, and they answered questions from the organizer and the people in the audience
  • They covered a variety of topics, including filesystems, firewalls, different development models, licenses and philosophy
  • It was a good "real world" example of things potential switchers are curious to know about
  • They closed by concluding that more diversity is always better, and even if you've got a lot of Linux boxes, putting a few BSD ones in the mix is a good idea

Book of PF signed copy auction

  • Peter Hansteen (who we've had on the show) is auctioning off the first signed copy of the new Book of PF
  • All the profits from the sale will go to the OpenBSD Foundation
  • The updated edition of the book includes all the latest pf syntax changes, but also provides examples for FreeBSD and NetBSD's versions (which still use ALTQ, among other differences)
  • If you're interested in firewalls, security or even just advanced networking, this book is a great one to have on your shelf - and the money will also go to a good cause
  • Michael Lucas has challenged Peter to raise more for the foundation than his last book selling - let's see who wins
  • Pause the episode, go bid on it and then come back!

FreeBSD Foundation goes to EuroBSDCon

  • Some people from the FreeBSD Foundation went to EuroBSDCon this year, and come back with a nice trip report
  • They also sponsored four other developers to go
  • The foundation was there "to find out what people are working on, what kind of help they could use from the Foundation, feedback on what we can be doing to support the FreeBSD Project and community, and what features/functions people want supported in FreeBSD"
  • They also have a second report from Kamil Czekirda
  • A total of $2000 was raised at the conference

OpenBSD 5.6 released

  • Note: we're doing this story a couple days early - it's actually being released on November 1st (this Saturday), but we have next week off and didn't want to let this one slip through the cracks - it may be out by the time you're watching this
  • Continuing their always-on-time six month release cycle, the OpenBSD team has released version 5.6
  • It includes support for new hardware, lots of driver updates, network stack improvements (SMP, in particular) and new security features
  • 5.6 is the first formal release with LibreSSL, their fork of OpenSSL, and lots of ports have been fixed to work with it
  • You can now hibernate your laptop when using a fully-encrypted filesystem (see our tutorial for that)
  • ALTQ, Kerberos, Lynx, Bluetooth, TCP Wrappers and Apache were all removed
  • This will serve as a "transitional" release for a lot of services: moving from Sendmail to OpenSMTPD, from nginx to httpd and from BIND to Unbound
  • Sendmail, nginx and BIND will be gone in the next release, so either migrate to the new stuff between now and then or switch to the ports versions
  • As always, 5.6 comes with its own song and artwork - the theme this time was obviously LibreSSL
  • Be sure to check the full changelog (it's huge) and pick up a CD or tshirt to support their efforts
  • If you don't already have the public key releases are signed with, getting a physical CD is a good "out of bounds" way to obtain it safely
  • Here are some cool images of the set
  • After you do your installation or upgrade, don't forget to head over to the errata page and apply any patches listed there

Interview - John-Mark Gurney - / @encthenet

Updating FreeBSD's IPSEC stack

News Roundup

Clang in DragonFly BSD

  • As we all know, FreeBSD got rid of GCC in 10.0, and now uses Clang almost exclusively on i386/amd64
  • Some DragonFly developers are considering migrating over as well, and one of them is doing some work to make the OS more Clang-friendly
  • We'd love to see more BSDs switch to Clang/LLVM eventually, it's a lot more modern than the old GCC most are using

reallocarray(): integer overflow detection for free

  • One of the less obvious features in OpenBSD 5.6 is a new libc function: "reallocarray()"
  • It's a replacement function for realloc(3) that provides integer overflow detection at basically no extra cost
  • Theo and a few other developers have already started a mass audit of the entire source tree, replacing many instances with this new feature
  • OpenBSD's explicit_bzero was recently imported into FreeBSD, maybe someone could also port over this too

Switching from Linux blog

  • A listener of the show has started a new blog series, detailing his experiences in switching over to BSD from Linux
  • After over ten years of using Linux, he decided to give BSD a try after listening to our show (which is awesome)
  • So far, he's put up a few posts about his initial thoughts, some documentation he's going through and his experiments so far
  • It'll be an ongoing series, so we may check back in with him again later on

Owncloud in a FreeNAS jail

  • One of the most common emails we get is about running Owncloud in FreeNAS
  • Now, finally, someone made a video on how to do just that, and it's even jailed
  • A member of the FreeNAS community has uploaded a video on how to set it up, with lighttpd as the webserver backend
  • If you're looking for an easy way to back up and sync your files, this might be worth a watch


Mailing List Gold

  • All the tutorials are posted in their entirety at
  • The OpenBSD router, dpb, PXE autoinstall and patched ISO building tutorials have all been updated for 5.6
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to - tell us how we're doing or what you'd like to see in future episodes
  • You can usually watch live Wednesdays at 2:00PM Eastern (18:00 UTC), but...
  • We'll be in California at MeetBSD next week, so there will be a prerecorded episode
  • Speaking of conferences, the event has gotten a few more BSD speakers - check it out if you're in London on November 25th

Latest News

New announcement


We understand that Michael Dexter, Brad Davis, and George Rosamond think there should be more real news....

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

Episode 276: ho, ho, ho - 12.0


Direct Download:MP3 AudioVideo Headlines FreeBSD 12.0 is available After a long release cycle, the wait is over: FreeBSD 12.0 is now officially available. We’ve picked a few interesting things to cover in the show, make sure to read the full Release Notes > Userland: > Group permissions on /dev/acpi have been changed to allow users in...

Episode 275: OpenBSD in stereo


Direct Download:MP3 AudioVideo Headlines DragonflyBSD 5.4 released DragonFly version 5.4 brings a new system compiler in GCC 8, improved NUMA support, a large of number network and virtual machine driver updates, and updates to video support. This release is 64-bit only, as with previous releases. The details of all commits...

Episode 274: Language: Assembly


Direct Download:MP3 AudioVideo Headlines Assembly language on OpenBSD amd64+arm64 This is a short introduction to assembly language programming on OpenBSD/amd64+arm64. Because of security features in the kernel, I have had to rethink a series of tutorials covering Aarch64 assembly language on OpenBSD, and therefore this will serve as a placeholder-cum-reminder....

Episode 273: A thoughtful episode


Direct Download:MP3 AudioVideo Headlines Some thoughts on NetBSD 8.0 NetBSD is a highly portable operating system which can be run on dozens of different hardware architectures. The operating system's clean and minimal design allow it to be run in all sorts of environments, ranging from embedded devices, to servers, to workstations....