Slashdot Mirror
FreeBSD XP^H^H 4.5 available now
The_Rift was one of many who wrote in with this news: "The official mail has gone out to the FreeBSD-announce mailing list announcing the availability of Freebsd 4.5. Check your local mirrors for the ISOs.". The release notes have all the details, but take it from me -- this one is worth it just for the TCP/IP performance improvements by Matt Dillon and others. Kudos to Murray, Bruce, and the rest of the release engineering team.
and waste a lot of bandwidth in the process. cvsup is your friend.
It turns out it is a good thing that 5.0-CURRENT was frozen, and they concentrated on 4.X STABLE. It means I dont have to worry about changing to a new 5.X branch.
It was kinda annoying that the FreeBSD guys obsoleted 3.X so quickly, they had only really just fixed the glaring issues with the ATA driver corruption problem and other important issues (that affected my use of FreeBSD 3.4 for fileserving) and then they went and obsoleted it.
If 4.X stays as the most current tree in STABLE for another year, hell, another 2 years, I for one will be happy. I dont see the 1-year cycle for major number increments as much really other than ticking over the most siginificant version-numbers. Stuff that gets MFC'd from CURRENT is usually good enough for STABLE, Look at Linus, he dosent feel a need to tick over the major version numbers for Linux. I'd stay with FreeBSD 4.x if it goes all the way to (say) 4.7 or 4.8.
Anyone who considers arithmetical methods of producing random numbers is, of course, in a state of sin.-John von Neumann
Maybe I should really check out the FreeBSD FAQ & site & stuff, but hey, there's a lot of experts around here who can help me out, so I'll throw it in anyways:
;-)
Is it worthwhile for me to try FreeBSD now? I've already installed Win 95/98/2000, RedHat, Slackware,Suse,Debian & BeOS before and I still have an unfinished Linux from scratch install lurking around, but until now only Debian, Slack & Win 2000 stayed on long enough to make real use of them. ATM I'm running Debian w/KDE2.2 and I'm really happy with it, but hey, I still have a free 2Gig partition.
Can I run all apps/libs (or equivalents of the same quality) I use regularly now on FreeBSD? That would be KDE2.2, XMMS, OpenGL on GeForce2, MSN client, \LaTeX{}, Java1.2 a.o. Would It really bring me some extra performance/stability?
The whole FreeBSD approach does appeal to me, so I'm definitely interested in trying, but only if it has a real chance becoming my primary LILO partion
Someone tell me how to install this over a network, please.
The FreeBSD folks have already done this, in very plain language.
For myself, I'm doing a cvsup now as I write this. Make world gonna start to cooking tomorrow night. I'm probably about 2 weeks behind the release as I try to update fairly regularly with the latest stuff.
The really good part about this is that all that stuff that's been held back for release is now gonna start flowing back into the ports tree and src directories. Yummy!
The line must be drawn here. This far. No further.
Someone tell me how to install this over a network, please.
you need two floppies
kern.flp and mfsroot.flp
boot with them and choose a few menu items and it's off
all detailed at the freeBSD homepages of course
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
For the record, logical partitions are a fictional creation of Microsoft and are extremely scary, unnecessary things which you should probably avoid when using a sane operating system. You can have up to four primary partitions -- extended partitions and "logical drives" exist to expand that. The (sane) idea was that, if you used your first three partitions and expansion to more was imminent or necessary, you'd throw an extended partition in the fourth and put as many logical drives in it as you needed. You know, hda1-4 ... then your logical drives are hda5 and up.
It's a nice idea but since MS-DOS you've only been allowed to make one primary partition, and after that you're forced to put in an extended partition and logical drives. Most operating systems need to be installed on a primary, so your best bet would be using the operating system in question to set up the partition table. Last I checked even XP won't let you add more than one primary partition, but I could be wrong.
I've had the same problem with Intel Solaris. Bleh.
at last!!!1
now no fucking about with linux emulated Java
maybe now I can get java in Konqueror to work
and I know it's not new but maybe you linux heads might've missed it.
FreeBSD now has a third party script that will auto-update any ports you've installed.
cvs update to the lates ports list and run portupgrade -ra and ALL of your port instaleld software will be updated to the latest version and dependencies resolved and reset (and a tool pkgdb will do some pre upgrade checks)
It's great. I'm going on about it because I'm so impressed with it.
FreeBSD rocks
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
try open bsd. I am running it on my nat firewall (cable) and it runs in very modest settings. (I am running on a p100 w/32 megs ram and base install was 60 megs). You can install it from floppy disk over ISDN in an afternoon. (Look at the web site www.openbsd.org for install howto).
I have been running an ISDN gateway with FreeBSD 4.2 on an AMD 5x86-133 which is roughly comparable to your Pentium 90 for some time. It works perfectly well. Compiling the operating system takes a bit long, but that's not much of a surprise.
ISDN support under FreeBSD is very convenient. It uses the isdn4bsd system, which is integrated into recent versions of FreeBSD. In my opinion, it's superior to Linux, partly because configuration is easier and partly because ituses user-mode ppp by default instead of kernel-based systems which are usually more difficult to configure and maintain. You have to see if your ISDN card is supported. Most passive cards are. Check the ISDN section of the FreeBSD handbook.
There is absolutely no reason to panic.
An OpenBSD example can help you how FreeBSD scales for your biz.
A Pentium 120 with 48 MB RAM and a total 62 MB installation. 3 legged bastion host, making NAT for 130 WEB and ICQ maniac clients, protecting the DMZ with a heavy loaded Web server inside (2 requests per second). Making stateful inspection for the DMZ.
The only part expensive is the ethernet cards used in this box. Intel Pro100S, 51$ +VAT each (here in Turkiye).
ISDN support for {Free|Net|Open}BSD is really sophisticated. It's hard to experience problems.
Regards...
Should I, as a pretty experienced (Kernel compiling, configuration /etc) Linux User, give it a try?
I heard a lots of good things about FreeBSD, but how big are the differences to Linux (installation)?
X
Boycot? Blackout? Subscriptions?
I don't care!
To be honest, if you are just using workstation apps, and not really using it for anything like a nat box, or the 'server in the closet tha never gets turned off' , it's probably not worth your time. The nice thing about playing with it, you get a feel of something different, which is a good thing. Linux ,, redhat, is not the end-all be-all of server configurations.
;-)
I had a freebsd box sitting my in closet for about 18 months, until I got bored with it and install openbsd. BUT, I don't really do any xwindows stuff on it.. basically web serving, outgoing email gatway, nat, proxy, and the place where I build my Python programs and scripts.
I guess to summarize my experience, *BSD is not a workstation supliment, but more a compliment. It will sit there and do it's job without much headache. Thats good enough for me
Not all of the sites have the full set of files (yet), I had to hunt around a bit to find the '4.5-install.iso'.
Don't trust my math on transfer speeds?
(Yes, that transfer went via a proxy firewall)I do not deploy Linux. Ever.
Part of 'secure by default' is that the base install omits a lot of fluff- this makes for quicker installs, and a smaller footprint.
One nice option for a firewall, there are plenty of cheap 64MB 'IDE FLASH ATA' devices showing up on Ebay, etc. These look like a laptop drive, work with any IDE controller, have no moving parts.Compared to FreeBSD, there are drawbacks, the most glaring being the lack of SMP support.
Also, OpenBSD's installation process can be intimidating the first few times through. Where Free makes it easy, Open makes you think about disk partitioning and other low-level issues.
I do not deploy Linux. Ever.
Yes, in fact, I remember quite clearly when Linux 2.0 got syncookies. I'd wager 2.0.27 or 2.0.28. The syncookies implementation was totally awful. I was a pretty newbie sysadmin at the time, and whenever someone checked POP3 mail on our mailserver.. it'd warn us about sending syn cookies, and that all the students were attacking the mailserver whenever they loaded Microsoft Internet Mail.
:)
I didn't quite know what syncookies were. I just knew I didn't want them anymore after that. If it was an option in FreeBSD at that time, I would have laughed at the option, and subsequently turned it off. After other issues in 2.0.28 (was Linus drunk?), I tried FreeBSD by suggestion of my brother. Been pretty happy since.
I'm sure the issues I had have been long fixed in the Linux tree, and should be in the new FreeBSD implementation, I hope.
I'd check the CVS commits on the Linux kernel to give more precise info of the syncookies, but I can't seem to find them linked from http://www.linux.org/
I had just finished the first ISO.
I was about the finish the second ISO (96%)
and I had 3-5% on each of the third and fourth ISO's
and then they release 4.5... damnit...
*deletes 1+ gb of data, and begins again*
And this is all at a top of 15KB/s. And I can assure you it never got that high.
Computational Madness in a round package.
Also, OpenBSD's installation process can be intimidating the first few times through. Where Free makes it easy, Open makes you think about disk partitioning and other low-level issues.
Without sounding like an elitist, (which I am clearly or qualified to be), though the instalation was a bit awkward, it was direct and forward. After getting it installed, it was VERY easy to setup the configuration. All you really have to do is follow the instructions on the website. I had a machine setup in 2 hours (downloads and all w/floppy based install), after never touching the distro before thats not bad. Within 3 hours (and another helpful howto) I had the box hardened. Before the end of a long working day I had a VERY impressive set of rules setup to block various types of traffic, I understdood the difference between a stateless and statefull firewall and most importantly I understand why all the rules in my PF config where there.
I just find it nice knowing that there OBSD crew is working overtime to help me sleep better at night. At this stage in my career, if I am using and deploying open source solutions.. my judgment and credibility is on the line. I can't blame it on Scott or Bill if something goes wrong.
Cheers
Linus doesn't actually *DO* anything worth bumping up the numbers.
2.x aout
3.x elf
4.x cam
5.x new smp
Linux - 2.4 - the kernel of pain
What will 2.5 be? The kernel of torment?
Then 2.7 The kernel of icy death?
3.0 The Kernel of eternal buring flesh?
@.8 could just be the kernel of itchy rash.
This interview with Robert Watson describes many of the new 4.5-RELEASE features, and talks about how they relate to the much more advanced work in 5.0. He also talks about how the Linux development targets relate to those in FreeBSD, and says he reads linux-kernel regularly. It
sounds like 5.0 should be incredible.
FreeBSD has had a syncache for quite some time now; it has never been clear which of the two is technically superior.
Now FreeBSD implements both commonly accepted solutions; I haven't looked at the code enough to say for certain, but I'd assume that syn cookies would be used in order to avoid connection loss only during *very* high packet rates (10^5+ SYN packets/second) since the syn cache works fine up to those levels.
Tarsnap: Online backups for the truly paranoid
I had thought it was announced that the new Sun Authorized JDK was supposed to be in this release, but I find no information on the readme or the site?
I'm not sure how you went from syncookies to OpenBSD, but you did mention stateful inspection, so flame on!
Stateful Inspection(tm), stateful inspection, and TCP flag checks are not all the same thing. The INSPECT engine included in FireWall-1 is a dynamically-programmable state machine, capable of semi-complicated connection state tracking over a variety of connection-oriented (e.g. TCP) and connectionless (e.g. UDP) protocols. INSPECT is, in some form or another, patented. IPFILTER 's keep state clause (and IPFW's dynamic rules using the keep-state clause and the check state rule) also tracks connection state, but only for ICMP, UDP, and TCP, and it can only be changed by re-compiling the appropriate C code.
Here's the rant part: SIMPLY CHECKING TCP FLAGS IS NOT STATEFUL INSPECTION!! It's sometimes called stateless inspection and it means that a decision to pass or block a packet is decided on the characteristics of that packet alone. Allowing J. Random TCP packet to go through the firewall with a cursory check of the headers means I can do FIN or ACK scans through your firewall, and if you've got it set up to only log connection attempts, the scans won't even be logged. Suck!
As for stop denial of service attacks (aside: I hope to God I'm not the only person who has to figure out whether a person means the operating system or the network attack every time he sees those three letters), the only way to do that is to implement proper ingress AND egress filters on the gateway firewall or router. Needless to say, this is complicated, so most people don't bother.
Only you can prevent forest fires and improperly configured firewalls.
I'm proud of my Northern Tibetian Heritage
........the real Jordan Hubbard is user #3999, http://slashdot.org/~jkh/.
For those of you who missed the (as yet un-modded) AC above, this comment isn't the real Jordan Hubbard, and is thoroughly deserving of any Troll moderations it recieves.
It's a pretty damn good troll, though. Well crafted and subtle.
|>
Here be Dragons
> Contrary to popular belief, the ports system is
> a steaming pile of horse crap. It offers little
> or no flexibility in regards to how packages
> are built,
Most ports include all the options you need as make defines. If you need more, you can copy the makefile and edit it to your hearts content, and maybe type "send-pr" and submit a patch. Or you can just compile from bog standard source and have the rest of the ports tree use it because they look for libs, binaries and executables, not packages.
> and has a nasty habit of installing
> unecassary dependencies.
Such as? It's certainly nowhere near as bad as Debian, where the entire packages system is so complex and interdependent that it needs to go through years of testing before a release is concidered stable.
> For an example, try compiling PostgreSQL on a
> non-XFree FreeBSD machine from the ports tree.
> Notice how it insists on installing XFree86.
It used to want TK, which would want the XFree libs. That's no longer the case.
> You can't pass it any configure script options > like --without-xfree or ---don't build-
> retarded-gui.
For most people flags like -DWITHOUT_X11 etc are good enough. Otherwise scratch your itch and send-pr.
> Even with RPMs I can do that. In the end, you
> usually just wind up downloading the tarball
> and compiling it yourself, which seems to
> defeat the purpouse of a Ports/ Package
> Managment system entierly.
Making your own ports is trivial, pr's usually get resolved in a couple of days, and installing from source interacts with the ports system far better than any RPM/DEB system I've seen.
Frankly it sounds like you haven't tried it in a while. Sure, it's nowhere near perfect, but what is? Certainly not a binary package system with fragile dep issues and completely unaudited sources.