John Marino has created something very useful: a graphical tool for Hammer file history. It’s called ‘Slider’, and it uses curses to work in a terminal. It shows historic versions of files and can restore those old versions as needed. This was already possible in Hammer, of course, but it required a sequence of commands that were not straight-forward. I’ve been slow enough posting it that version 2.0 is already out, offering a way to see files that no longer exist, but are still in history. (i.e. deleted some time ago) ‘Time Machine’ sounds like the best name, but that seems to be taken.
I’m going to dive right in with an anecdote: As is normal for anyone in systems administration, I’m busy at work. I’ve been short an employee for some time, and I brought in a managed service provider to do some work. This included a revamping of the network equipment and layout, as it has been growing organically rather than in a planned fashion.
I received the formal assessment from the provider a few weeks ago, and it mentioned that we were using a non ICSA-certified firewall: pf, in the form of pfSense. This was accompanied by some rather drastic warnings about how open source was targeted by hackers! and implied that ICSA certification was a mark of quality rather than a purchasable certification. All bogus, of course.
The reason I’m starting this review with this little story is to note that while open source has become well-accepted for system and application software, there’s still a lot of people that expect commercial hardware to be exclusively handling data once it leaves the server. That’s been valid for a long time, but software like pf represents a realistic option, or even an improvement, over many commercial and proprietary options. Since pf exists in one form or another on all the BSDs, it’s a tool you should be at least somewhat familiar with.
Peter N. M. Hansteen has written about pf first online, and then in printed form, for some time. The Book of PF is in its third edition, and that’s what I have to read. (Disclosure: No Starch Press gave me the book free, without requirements)
The book is excellent, and easier to read than I expected for a book about network processing. It can be read in linear form, as it takes the reader from simple to more complex network layouts. It works as a reference book, too, as it focuses on different tools around pf and what they are used for.
It covers the different pf version in OpenBSD, NetBSD, and FreeBSD, and DragonFly gets at least a partial mention in some portions of the book. For example, OpenBSD recently removed ALTQ, but the other BSDs still use it. With- and without-ALTQ scenarios are covered every place it applies. You’re going to get the most mileage out of an OpenBSD setup with it, though.
The parts where the book shines are the later chapters; the descriptions of greylisting and spamd, the traffic shaping notes, and the information on monitoring pf will be useful for most anyone. It’s quite readable; similar in tone to Peter’s blog. If you enjoy his in–depth online articles, the book will be a pleasant read.
It’s available now from Amazon and directly from No Starch Press. It’s linked in the book slider currently running on the right side of this site, too.
Last of the year!
- Glitches: A kind of history. (via)
- Speaking of glitches: Breaking Madden is still going.
- First Commits. (via)
- Your Friendly North Korean Network Observer. (via)
- The SoftSel Hot List for 1986.
- Steel Mill Hacked. How long until having operations disconnected from the Internet becomes a sign of quality for a business? (via)
- Rooms and Mazes: A Procedural Dungeon Generator. (via)
- The Infocom virtual machine, made
fleshsilicon. (via) - DOSBox in the browser. “…watching a miracle with every boot.” (via)
- Inadvertent Algorithmic Cruelty (via)
- The Future: A Cat Litter Box and DRM. “Internet of Things you can’t own”. (via multiple places)
- When Security Goes Right. This is how problems should be handled.
- Images of Math, a tumblr. (via)
- Two eras of the Internet: pull and push. (via)
Your unrelated link of the week: UpDog, a revolutionary communications platform. (via)
The list is shorter this week; I blame the Christmas holiday.
- OpenBSD now has position-independent executables for some architectures. That may mean changing your upgrade strategy. (5.6 upgrade guide here)
- FreeBSD now has frequency/voltage control on the Raspberry Pi.
- There’s a lot of v7 ARM architectures. I can see why people are waiting for AARMv8.
- FreeBSD has a new NFS client/server.
- RamNode is another VPS provider that supports BSD. (via)
- Also, cloudspin.me.
- [ is a binary program.
BSDNow isn’t slowing down for Christmas, cause there’s a new episode up. There’s two interviews this time – Erwin Lansing, about BSD in Europe, and Cristina Vintila, about BSD conferences. The rest of the episode is a bunch of “How did you get into BSD?” stories from viewers, both in text (i.e. read out from email) and the occasional video answer.
One way to keep file history on an very active Hammer disk from eating up all the space: more snapshots. This may seem counterproductive, but disk pruning eliminates historical data between snapshots, so you can keep older data at the cost of some temporal accuracy.
As part of another thread, Steve Petrie posted an in-depth description of how and where and why he’s using DragonFly. Worth looking at either for workflow tips or for just seeing the use case.
BSDTalk 249 is an 11 minute interview with Scott Long, who is involved with Netflix’s FreeBSD-based local caching appliances. This conversation is from MeetBSD 2014, though I heard Scott talk about the same subject at the last NYCBSDCon – it’s an astounding amount of data flowing through those machines.
I am slightly confused about which day it is.
- Dinosaur’s Pen, excellent old technology pictures. (via)
- Ultima Ratio Regum, a roguelike walking simulator in development. Currently Windows-only.
- 2014 Cacowards winners. These will probably run on most any BSD with a Doom port. (via)
- Effectively Managing Memory at Gmail Scale. All the management issues were in the browser. (via)
- The 12 days of Unix.
- “the artifacts of any media format define its aesthetic like a cultural permalink” (via)
- Origins of the Tablet. (via)
- Hybrid Water Computer. (also via)
- Computers are People, Too. 1982 computer graphics and Disney. (via many places)
- USBdriveby. Maybe gumming up the data parts of your USB ports isn’t such a bad idea. (via)
- Intercal: The Worst Programming Language Ever. A video. (via)
- Why I don’t like hackathons, by Alex Bayley aged 39 1/2. What he describes is very different than the BSD hackathons I’ve known of. (via)
- Useful syadmin tools. Here’s a gift list…
- Learning Unix.
I sort of lost a day this week because of an accidental 20-hour workday, but I still have the links:
- I love cross-pollination. (plus)
- “Why I (mostly) hack on BSD licenced stuff: so I don’t have to deal with this.“
- Tips on pkgsrc packaging.
- Kerberos IV is going away in pkgsrc.
- The pkgsrc-2014Q4 freeze is on.
- A new way to build NanoBSD.
- A new ZFS ARC tunable you may need.
- I could have sworn vigr(8) already existed.
- PC-BSD is moving to Qt5.
- A domain blocking script.
- Showing remote programs on your Mac using X.
- Long thread about BSD VPS hosting. (consensus: try RootBSD or Vultr.)
- OpenBSD man is now really mandoc.
- freebsd-update issues for 10.1.
- Steam on PC-BSD 2. (video)
- The (new) PC-BSD upgrade to 10.1 is available.
- Sunday Morning Linux Review on “FreeBSD Mastery: Storage Essentials”
- Sudo: You’re Doing It Wrong.
- “…what’s the best place to start learning about BSD?“
Note: corrected VPS hosting link.
BSDNow 068 has a large number video links to various BSD conference videos, a bunch of other article links,, and an interview of Michael W. Lucas about his new FreeBSD Mastery: Storage Essentials book.
From a question about mixing in a SSD and a very slow disk: swapcache can make things better, though I suggest other crazy arrangements.
If you really, really want to make sure you aren’t pulling in any parts of X when installing dports, and you’re building from source, there’s a few options you can set to keep X11 off your system. You can even go farther.
I had to type it that way because it rhymes. Sascha Wildner has committed an IPMI driver port, tested/watchdogged by Markus Pfeiffer. What’s it do? It’s a machine management standard.
Minimal link text this week. It just happened that way.
- random in the wild
- Best Unix time-savers
- Where apps end and the system begins.
- The password? You changed it, right?
- Live network attack map. (via)
- Playing with my son.
- At the computer farm. (via)
- Typography in sci-fi: Alien. (via)
- Turing Complete User. (via)
- XLennart. XBill + systemd (via IRC)
- OSI: The Internet That Wasn’t. (via)
- FOSSASIA, March 13-15, 2015, Singapore. (new to me)
- Nethack: the best game of all time? I still like Angband more. (via)
- moreutils, additional Unix-style utilities. (via)
- Plan9Front. (indirectly via)
- Wang Calculators. Neat physical wiring and even Nixie tubes! (via)
- Fixing a computer with the right type of string. (via)
- Previous, a NeXT emulator. I like the name. (via)
- From the previous source, lighting a NeXT cube on fire.
- “Was isolated from 1999 to 2006 with a 486. Built my own late 80s Operating System” (via)
Get ready for some reading.
- There’s some packages moving from pkgsrc-wip to pkgsrc proper.
- pkgsrc-2014Q4 branching is planned for Monday the 15th.
- PC-BSD now has an automatic package/security patch upgrade mechanism.
- Steam on PC-BSD. Holy grail, there.
- PC-BSD needs testers for the new Update Manager, for moving from 10 to 10.1
- NetBSD has imported BIND 9.10.1-P1.
- OpenBSD has added skgpio(4), a driver for the Soekris net6501 GPIO port and LEDs.
- OpenBSD has updated Unbound to 1.5.1.
- Some Japanese input methods for OpenBSD that may work on other BSDs, too.
- pfqstat, a replacements for pfstat designed to work with Charted.
- I don’t know what the ‘BERI Virtio Networking Frontend’ is, but FreeBSD’s got it.
- fstyp(8), the filesystem detector.
- FreeBSD has added AES-ICM and AES-GCM modes to OpenCrypto.
- If you’re stopping in NYC, NYCBUG would like to hear you talk on a topic of interest.
- The case for distributed operating systems in the data center. Sounds like DragonFly’s original charter. (via)
- BSDNow wants to hear your getting-into-BSD story.
- OpenBSD libc version 78.
- There’s a lot of FreeBSD systems at NYI.
- “FreeBSD Mastery: Storage Essentials” is now in physical print.
- “Networking for System Administrators” is next to come out.
- And “Tarsnap Mastery” is next to be written.
- …We’re all benefiting from Michael Lucas going full-time on writing.
It’s possible, if you are several releases (years) behind, to end up with a DragonFly system that can’t compile and install the current release, due to incremental changes over time. It’s rare, but it could happen now between, say, version 3.4 and 4.0. The usual solution would be to incrementally upgrade in order, which is a lot of building and updating. The alternative is the new installworld-force option from Matthew Dillon that forces a new set of binaries into place. Use as a last resort.
If you want to help I/O performance when DragonFly is virtualized, here’s a short checklist of what to work on. I haven’t noticed any problems – but I’m not taxing any of my VMs that heavily.
BSDNow’s episode this week focuses on the just-released Bitrig 1.0, and has an interview with Patrick Wildt of that project. There’s also coverage of other topics, including the new poudriere release – that’s the tool that bulk builds packages for DragonFly and FreeBSD, though I don’t know if it’s unified across both operating systems yet.
bycn82’s rewrite of IPFW2 is available as a git branch to try out; he’s posted the link. Please try, especially if you are still working with the original ipfw.
(note: remember, ‘ipfw’ in DragonFly is what was called ‘ipfw2’ years and years ago because it was a replacement of the original ‘ipfw’ in FreeBSD. It was called ipfw2 but referenced as ipfw so that the same commands worked. Technically, this branch bycn82 is working on would be ipfw3, but he keeps referring to it as ipfw2. Confused? Good.)