a pf question on VoIP

I have a pf question for anyone who is interested.  I have this setup in my /etc/pf.conf, to prioritize my VoIP link.  (This system also does NAT.)

extif="em0"
intif="nfe0"
ipphone = "192.168.0.101"
altq on $extif cbq bandwidth 768Kb queue { std, voip }
queue voip bandwidth 168Kb priority 7 cbq(borrow)
queue std bandwidth 600Kb priority 1 cbq(default)
nat on $extif from $intif:network to any -> ($extif)
pass in quick on $intif proto udp from $ipphone to any tag VOIP_OUT keep state
pass in on $intif from $intif:network to any keep state
pass out on $intif from any to $intif:network keep state

pass out on $extif tagged VOIP_OUT keep state queue(voip)
pass out on $extif inet proto tcp all modulate state flags S/SA queue(std)
pass out on $extif inet proto { udp, icmp, gre } all keep state

When I run this, ‘pfctl -s queue’ shows most of the data getting run through the ‘voip’ queue.  I unplug the ATA, I still see the number of packets going up.  It seems packets are getting tagged that shouldn’t be, but I’m not sure why.  Anyone else have a similar – but working – setup?

Update: it was the underscore character in the tag.  Everything matched it, it seems.  Removing that made it work as expected.
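One way to measure the symptom described above, added here as an example and not part of the original post: take two `pfctl -v -s queue` snapshots (for instance with the ATA unplugged) and print how many packets each queue gained in between. The queue names follow the pf.conf above; the sample output is constructed, and its layout is assumed to match what pfctl prints on a pf/ALTQ system.

```sh
#!/bin/sh
# Added example (not from the original post): per-queue packet deltas between
# two `pfctl -v -s queue` snapshots, to see which ALTQ queue traffic lands in.

# Print "<queue> <packets added>" for each queue; $1 = earlier, $2 = later.
queue_delta() {
    awk '
        $1 == "queue" { name = $2 }                  # "queue voip on em0 ..."
        $1 == "[" && $2 == "pkts:" && name != "" {   # "[ pkts: N bytes: M ..."
            if (FILENAME == ARGV[1]) before[name] = $3
            else printf "%s %d\n", name, $3 - before[name]
            name = ""
        }
    ' "$1" "$2"
}

# Constructed sample output (not captured from a real system); $1 and $2 are
# the pkts counters for the voip and std queues.
sample_snapshot() {
    cat <<EOF
queue root_em0 on em0 bandwidth 768Kb priority 0 cbq( wrr root ) {std, voip}
  [ pkts:          0  bytes:          0  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
queue  voip on em0 bandwidth 168Kb priority 7 cbq( borrow )
  [ pkts: $1  bytes:     912345  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
queue  std on em0 bandwidth 600Kb priority 1 cbq( default )
  [ pkts: $2  bytes:      20480  dropped pkts:      0 bytes:      0 ]
  [ qlength:   0/ 50  borrows:      0  suspends:      0 ]
EOF
}

# Demo: with the phone unplugged the voip queue should stay flat, but in this
# constructed pair it keeps growing, which is the mis-tagging symptom.
# Live use (as root): pfctl -v -s queue > q1; sleep 30; pfctl -v -s queue > q2
tmp=$(mktemp -d)
sample_snapshot 4100 120 > "$tmp/before"
sample_snapshot 4890 131 > "$tmp/after"
queue_delta "$tmp/before" "$tmp/after"
rm -rf "$tmp"
```

A voip delta that stays above zero while the phone is disconnected means some other rule or tag is steering traffic into that queue.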

 

Lazy Reading for 2013/01/13

It’s a very short week this week.  I was on the road for work, so I didn’t see anywhere near as much of the Internet as I may have liked.  Count my dports writeup yesterday as part of this and it averages out to a good amount of reading.

  • Favorite Linux Commands.  Not all of them are Linux/bash specific.  (via)
  • Advanced Vim Registers.  Or buffers, or clipboards, if you want to get messy with terms.  (via)
  • “I hate BSD so much!”, he yelled at his spittle-flecked monitor.
  • TOME, a roguelike.  Read through the comments for discussion of many other roguelike games.

Your unrelated link of the week: New Tokyo Ondo.  via Jesse Moynihan, whose Forming comic on that site is an epic read.  Epic, as in it’s actually telling a NSFW world creation story.

An early DPorts education

John Marino’s DPorts project, mentioned here briefly before, is interesting.  I had two separate people ask me how it works, so a better explanation is in order.  I’ve tried it out on a test machine over the past few weeks.

Background:

DPorts is an effort to use FreeBSD’s ports system as a base for DragonFly, and the pkg tool as a way to manage binary packages built from DPorts.  This is complicated, so I’ll explain each part in order.

  • FreeBSD ports are a FreeBSD-specific collection of software installation files that automate building 3rd-party software on FreeBSD.  You’ve probably already heard of them.  (Note there’s no mention of DragonFly.)
  • DPorts is a collection of files that map to existing FreeBSD ports, and contain any changes necessary to make that port also build on DragonFly.  Many of those programs build without changes on DragonFly.  DPorts builds from source.
  • pkg is used for package management, and is usable on FreeBSD and on DragonFly.  The binary packages produced from building with DPorts can be installed from remote locations and managed separately using pkg, so that software upgrades and installation can be performed with binaries only.  (It’s much faster that way.)

Every port seen in DPorts is known to build on DragonFly.  John Marino adds a port only after it builds successfully, using poudriere as a bulk software tool.   Ports are only updated to a newer version when that newer version builds, too, so once something arrives in DPorts, it should never break from being updated at some point in the future.

Installing:

To use DPorts, you need two things:

  1. DragonFly 3.3 or later, though 3.3 is the most recent right now.
  2. You need to rename /usr/pkg so that your existing pkgsrc binary programs don’t get accidentally used while working with DPorts, causing confusion.  If anything goes wrong with DPorts when you are installing it and you want to go back, remove all the DPorts packages and rename /usr/pkg back to normal.

(Don’t confuse pkg, the management tool, with /usr/pkg, the normal installation directory for pkgsrc.)  For the installation of the base port files:

cd /usr
make dports-create-shallow

If you’ve already renamed your /usr/pkg directory, git won’t be in your path any more.  You can instead download a tarball and unpack it, which also happens to be possible automatically via that same Makefile.

cd /usr
make dports-download

Downloading via git is fastest, so if you do need to use the tarball via make dports-download, build devel/git, delete /usr/dports, and then pull it again with make dports-create-shallow.  This all comes from John Marino’s GitHub site for DPorts.

Managing DPorts

DPorts doesn’t use pkg_info, pkg_add, and the other tools traditionally seen on DragonFly for pkgsrc.  Instead, package management is done with pkg.   Use pkg info, pkg install, pkg remove, and pkg update to list, install, delete, and upgrade various packages on your system.  Packages built from source or downloaded as prebuilt binaries are managed the same way, using these tools.

See some of the other writing about pkg for FreeBSD for details on how it works.

Since DPorts doesn’t update a package until it gets a successful build, and installations are of successfully built binary packages, upgrades with prebuilt packages should always succeed.  Since they’re binary, they should be fast.  There’s a lot of ‘shoulds’  in this sentence, but these are reasonable suppositions.

What about pkgsrc?

Pkgsrc and DPorts shouldn’t be used at the same time, since one system’s packages may be at different versions but still get picked up during building for the other system.  That’s about it for restrictions.

I intend to try building an experimental release of DragonFly with DPorts, to see if all the right packages can be added, but no guarantees.  DPorts is brand new and does not yet have a repository for downloading packages, so the normal caveats apply; don’t install it on a mission-critical machine, and be ready to deal with any surprises from using it if you do try it out.

What packages are available?

Browsing the GitHub repo will show you all listed packages.  More complex packages like xorg, openjdk7, and libreoffice install, as does xfce.  Parts of KDE 3 and KDE 4 are in there.  (I haven’t tried either.)  I’m not sure about Gnome, but I don’t think anyone ever is.  There’s no vim, but there is emacs.

That’s just what I see at this exact minute.  It changes daily as more packages are built.  Changes from DragonFly builds are sometimes relevant to the original FreeBSD port, so there are benefits for everyone here.

What next?

Try it now if it has all the packages you need, or wait for a binary repository to be created to speed things up.  Remember, this is a new project, so a willingness to deal with problems and contribute to fixes is necessary.

Maintaining a wiki for fun

The Open Graphics Project, which is building a completely open video card, needs a wiki maintainer.  It’s a volunteer effort.  If you were perhaps thinking you wanted to step up to a more complex project but didn’t want to just be writing code, here is a perfect opportunity.

(Not too different from maintaining a project work blog, after all, and I know that’s rewarding.)