Category: FreeBSD

I finally got my own 1337 r00t Server. After a hint from Daniel Seuffert, that Elkhouse offers cheap FreeBSD root servers, i decided to get one, so that I will be able to use more of my ADSL bandwith for myself.
I will migrate content on this site step by step to Rollo, so expect some disruptions :-).
While doing the migration i decided to implement several improvements. First the apache runs now in a jail, second I have upgraded to php5 and third i intend to evaluate MT3.
The only thing that hasn’t been solved to my satisfaction yet is rollo’s reverse lookup, because I lack clue for configuring BIND in combination with CIDR (but “DNS & BIND” is on its way to me) and i have not yet moved one of my domains to Elkhouse.

Not long ago, CURRENT switched to 6.0, last week the RELENG_6 branch was created, so CURRENT is now 7.0.

mchammer# uname -a
FreeBSD mchammer.arved.de 7.0-CURRENT FreeBSD 7.0-CURRENT #20: Thu Jul 14 16:35:57 CEST 2005     arved@mchammer.arved.de:/usr/obj/usr/src/sys/MCHAMMER  amd64

While messing around with IPIP tunnels i tried to unload the ipfilter kernelmodule, which resulted in an instant reboot 🙁

There are currently only 650 open Problem Reports in the ports/ category. Less than 100 are unassigned. This is the lowest number since 2001. And the next portsfreeze is more than a month away, so there is a realistic chance to further decrease it (555 should be doable). At the moment even unsexy PRs get handled in a short time.
Unfortunately at the same time the kern/ category has reached an alltime high of more than 1500 open bug reports, so i am trying to cleanup some cruft there. I really need an src commit bit.
Reference: FreeBSD PR stats

So Teemu has been nagging me for some time. And Darren seems to have no time to fix ipfilter.
So today i migrated to pf. It was quite straight forward, although not as easy as the ipfw -> ipfilter Migration a few years ago, which worked surprisingly on my first try.
This time i needed three tries, first i added the wrong pass rules for the redirect rules (In ipfilter the nat is done after filtering, in PF before the filtering), than i confused $int_if:network with $internal_net (no they are not identical in my case), and the last error was, i was blocking RFC1918 nets although i was using one 🙂 (the cause of this error is similar to the first error).
I still don’t quite understand my ruleset (especially, why outgoing ntp packets get blocked although i have allowed all tcp udp outgoing).
But the essential parts seem to work, I can IRC and i can receive emails and you can read my blog.
I will try to fix the cornercases over the next week and try to look at the more sophisticated rules, like spamd, altq, carp, etc.
What i really like about PF is the pflog0 device, it makes it really easy to analyze errors in the ruleset.

I am currently trying to get GNOME running on FreeBSD-powerpc, the first big problem is mozilla, which is required for yelp, the GNOME online help browser.
It uses NSPR “Netscape Portable Runtime” which uses headerfiles to define the architecture feature like size of specific types etc of known Architecture/Operating System combinations. Additional is uses a GNU autoconf like configure script and there is a architecture dependant file called xptcinvoke_$ARCH_$OS.cpp *Argh* A portability nightmare.
I expect KDE to have a lot less problems.

PC BSD is a currently hyped BSD-“distro”.
Looking at the project page, it appears to be a one man project. Thanks to osnews distrowatch & Co. the mailinglists are flooded with clueless people.
I doubt that this project will have a long life, libh had several developers, the support of the FreeBSD community and failed.

I tried compiling the USB Audio driver on my Minimac.
Unfortunatly the uaudio(4) driver requires an ISA bus because it uses sndbuf_dmasetdir and sndbuf_dmabounce.
But the powerpc has no ISA bus…..
Luckily sound seems to work with a small patch. Now i just need a kernel hacker to write a nice portable solution.

Yesterday I committed a major update to the FreeBSD smartcard infrastructure. This was one of the most time-consuming commits since i am a FreeBSD committer. I have been working on this since January for several days, exchanging patches with the maintainer and upstream author, doing testing etc.
The commit changed the shared library version, the header file location and the drivers dropdirectory, so i had to fix every single application/ifdhandler that uses pcsc-lite.
Now we have catched up with last years pcsc-lite development and we finally have a port of libccid, so we are now supporting most USB smartcard readers.
So hopefully more people are using smartcards on FreeBSD

16:24 <@lesi> krion: extract xterm source and grep for dragons ;)

This is frightening. From main.c:

/*
*                               W A R N I N G
*
* If you think you know what all of this code is doing, you are
* probably very mistaken.  There be serious and nasty dragons here.
*