Skip to main content.

Episode 061: IPSECond Wind

2014-10-29

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


Headlines

BSD panel at Phoenix LUG

  • The Phoenix, Arizona Linux users group had a special panel so they could learn a bit more about BSD
  • It had one FreeBSD user and one OpenBSD user, and they answered questions from the organizer and the people in the audience
  • They covered a variety of topics, including filesystems, firewalls, different development models, licenses and philosophy
  • It was a good "real world" example of things potential switchers are curious to know about
  • They closed by concluding that more diversity is always better, and even if you've got a lot of Linux boxes, putting a few BSD ones in the mix is a good idea

Book of PF signed copy auction

  • Peter Hansteen (who we've had on the show) is auctioning off the first signed copy of the new Book of PF
  • All the profits from the sale will go to the OpenBSD Foundation
  • The updated edition of the book includes all the latest pf syntax changes, but also provides examples for FreeBSD and NetBSD's versions (which still use ALTQ, among other differences)
  • If you're interested in firewalls, security or even just advanced networking, this book is a great one to have on your shelf - and the money will also go to a good cause
  • Michael Lucas has challenged Peter to raise more for the foundation than his last book selling - let's see who wins
  • Pause the episode, go bid on it and then come back!

FreeBSD Foundation goes to EuroBSDCon

  • Some people from the FreeBSD Foundation went to EuroBSDCon this year, and come back with a nice trip report
  • They also sponsored four other developers to go
  • The foundation was there "to find out what people are working on, what kind of help they could use from the Foundation, feedback on what we can be doing to support the FreeBSD Project and community, and what features/functions people want supported in FreeBSD"
  • They also have a second report from Kamil Czekirda
  • A total of $2000 was raised at the conference

OpenBSD 5.6 released

  • Note: we're doing this story a couple days early - it's actually being released on November 1st (this Saturday), but we have next week off and didn't want to let this one slip through the cracks - it may be out by the time you're watching this
  • Continuing their always-on-time six month release cycle, the OpenBSD team has released version 5.6
  • It includes support for new hardware, lots of driver updates, network stack improvements (SMP, in particular) and new security features
  • 5.6 is the first formal release with LibreSSL, their fork of OpenSSL, and lots of ports have been fixed to work with it
  • You can now hibernate your laptop when using a fully-encrypted filesystem (see our tutorial for that)
  • ALTQ, Kerberos, Lynx, Bluetooth, TCP Wrappers and Apache were all removed
  • This will serve as a "transitional" release for a lot of services: moving from Sendmail to OpenSMTPD, from nginx to httpd and from BIND to Unbound
  • Sendmail, nginx and BIND will be gone in the next release, so either migrate to the new stuff between now and then or switch to the ports versions
  • As always, 5.6 comes with its own song and artwork - the theme this time was obviously LibreSSL
  • Be sure to check the full changelog (it's huge) and pick up a CD or tshirt to support their efforts
  • If you don't already have the public key releases are signed with, getting a physical CD is a good "out of bounds" way to obtain it safely
  • Here are some cool images of the set
  • After you do your installation or upgrade, don't forget to head over to the errata page and apply any patches listed there

Interview - John-Mark Gurney - jmg@freebsd.org / @encthenet

Updating FreeBSD's IPSEC stack


News Roundup

Clang in DragonFly BSD

  • As we all know, FreeBSD got rid of GCC in 10.0, and now uses Clang almost exclusively on i386/amd64
  • Some DragonFly developers are considering migrating over as well, and one of them is doing some work to make the OS more Clang-friendly
  • We'd love to see more BSDs switch to Clang/LLVM eventually, it's a lot more modern than the old GCC most are using

reallocarray(): integer overflow detection for free

  • One of the less obvious features in OpenBSD 5.6 is a new libc function: "reallocarray()"
  • It's a replacement function for realloc(3) that provides integer overflow detection at basically no extra cost
  • Theo and a few other developers have already started a mass audit of the entire source tree, replacing many instances with this new feature
  • OpenBSD's explicit_bzero was recently imported into FreeBSD, maybe someone could also port over this too

Switching from Linux blog

  • A listener of the show has started a new blog series, detailing his experiences in switching over to BSD from Linux
  • After over ten years of using Linux, he decided to give BSD a try after listening to our show (which is awesome)
  • So far, he's put up a few posts about his initial thoughts, some documentation he's going through and his experiments so far
  • It'll be an ongoing series, so we may check back in with him again later on

Owncloud in a FreeNAS jail

  • One of the most common emails we get is about running Owncloud in FreeNAS
  • Now, finally, someone made a video on how to do just that, and it's even jailed
  • A member of the FreeNAS community has uploaded a video on how to set it up, with lighttpd as the webserver backend
  • If you're looking for an easy way to back up and sync your files, this might be worth a watch

Feedback/Questions


Mailing List Gold


  • All the tutorials are posted in their entirety at bsdnow.tv
  • The OpenBSD router, dpb, PXE autoinstall and patched ISO building tutorials have all been updated for 5.6
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv - tell us how we're doing or what you'd like to see in future episodes
  • You can usually watch live Wednesdays at 2:00PM Eastern (18:00 UTC), but...
  • We'll be in California at MeetBSD next week, so there will be a prerecorded episode
  • Speaking of conferences, the operatingsystems.io event has gotten a few more BSD speakers - check it out if you're in London on November 25th

Latest News

Two Year Anniversary

2015-08-08

We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...


Episode 143: One small step for DRM, one giant leap for BSD

2016-05-25

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines How the number of states affects pf’s performance of FreeBSD Our friend Olivier of FreeNAS and BSDRP fame has an interesting blog post this week detailing his unique issue with finding a firewall...

Episode 142: Diving for BSD Perls

2016-05-18

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines The May issus of BSDMag is now out GhostBSD Reusing OpenBSD's arc4random in multi-threaded user space programs Securing VPN's with GRE / Strongswan Installing XFCE 4.12 on NetBSD 7 Interview with Fernando Rodriguez, the co-founder of KeepCoding A...

Episode 141: BSD Likes Ike!

2016-05-11

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Regarding Embargoes Our buddy TedU has a great thought piece today on the idea of “embargoes” for security advisories. This all stemmed from a recent incident with LibreSSL patches from embargoed OpenSSL vulns,...

Episode 140: Tracing it back to BSD

2016-05-04

Tracing it back to BSD Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines FreeBSD Quarterly Report This quarterly status report starts with a rather interesting introduction by Warren Block ASLR Porting CEPH to FreeBSD RCTL I/O Rate Limiting The Graphics Stack on FreeBSD (Haswell is in,...