BSDNews 28/03/2016

Last week in BSD

Releases: HardenedBSD, FreeNAS, OPNsense
Other news: BSDSec, HardenedBSD, LibreSSL, MidnightBSD, BSDnow, BSDTalk, DragonFly BSD



New stable release: HardenedBSD-stable 10-STABLE v44

HardenedBSD-10-STABLE-v44 -

FreeNAS 9.10

Jordan Hubbard has announced the release of a new version of FreeNAS, a network attached storage project that is based on FreeBSD. The new version, FreeNAS 9.10, features the same user interface as the earlier 9.3 series, but with an updated FreeBSD core. "This is an interim release between the 9.3 series and 10 (which is still a few months away), using the same UI and middleware that everyone is used to from 9.3 but with new OS underpinnings, specifically FreeBSD 10.3-RC3. Coincident with this release of 9.10, we are also placing 9.3 into maintenance mode and will only be pushing further updates to the 9.3-STABLE train in response to the most critical security advisories or product flaws. We therefore strongly suggest that all current users of 9.3 upgrade to 9.10 in order to continue to benefit from the ongoing maintenance and bug fix work we will be doing on the 9.10-STABLE train. Most, if not all, bug fixes will be made exclusively to the 9.10-STABLE train in reaction to tickets filed on Again: Users who choose to stay on the 9.3-STABLE train will see only the most critical bug fixes and no new features or non-essential enhancements." This release also supports USB 3.0 devices and USB network adapters. Further information is available in the release announcement and release notes. Download: FreeNAS-9.10-RELEASE.iso (405MB, SHA256).

OPNsense 16.1.8 released

This quick 16.1.8 release is not a big update, but it means a lot. We have finished our full sweep of the GUI to update the look and feel of all pages and made the code ready for what is to come now: new features that are on our roadmap for 16.7. The first one will be the HTTPS proxy, but there is also NetFlow and improved statistics / reporting on the shortlist.
A day after 16.1.7 was out last week, FreeBSD 10.2-RELEASE-p14 was announced. Of the four patches enclosed, the two Hyper-V patches we have already brought to OPNsense over a month ago, the OpenSSH patch does not apply since we only use the port and already had it up-to-date. That leaves us with only one patch that we are shipping now to complete the experience.
Attention to everyone using OpenVPN + cryptodev acceleration: the cryptodev module along with older crypto drivers has been removed from the kernel itself, which means that if you need to keep using it, go to System: Settings: Misc and reconfigure your crypto hardware including an enable of cryptodev usage.
New images based on 16.1.8 will be out early next week.
Here are the full patch notes:
  • src: updated tzdata to version 2016b[1]
  • src: fix incorrect argument validation in sysarch[2]
  • src: fix pfi_table_update: cannot set new addresses
  • src: added APU2 temperature sensor support
  • ports: unbound 1.5.8[3], sudo 1.8.16[4], pcre 8.38[5]
  • proxy: better matching for overlapping URLs
  • universal plug and play: refactored pages for improved look and feel
  • vpn: refactored L2TP and PPTP pages for improved look and feel
  • openvpn: fix missed configure stage for Peer to Peer (TLS/SSL) mode
  • system: reworked the behaviour of thermal and crypto modules
  • firewall: tweaked a few rule indicator icons to improve clarity
  • firewall: improved alias validation on edit
  • interfaces: also add previous DHCP override fixes for IPv6
  • language: updated French and German

Het bericht OPNsense 16.1.8 released verscheen eerst op OPNsense.


MidnightBSD with Lucas Holt

MidnightBSD is around for more than 10 years, but still, the most of BSD users are not familiar with it. That's why we decided to have a quick chat with Lucas Holt, MidnightBSD's founder and lead developer. We will talk about how he got started and what he is working on right now. 

Lucas Holt is currently a Senior Application/Programmer Analyst - Team Lead at the University of Michigan. In his own words, MidnightBSD is a heavily modified version of FreeBSD 9.1 with a custom package manager, the sensors framework, ZFS, utilities from NetBSD, OpenBSD, DragonFly and MirBSD, and a good start on a desktop system.


Marking up the Ports tree | BSD Now 134

This week on the show, Allan & Kris have gotten a bit more sleep since AsiaBSDCon, which is excellent since there is a LOT of news to cover. That plus our interview with Ports SecTeam member Mark Felder. So keep it tuned to BSDNow, the place to B...SD!

bsdtalk263 - joshua stein and Brandon Mercer

This episode is brought to you by ftp, the Internet file transfer program, which first appeared in 4.2BSD.
An interview with the hosts of the Garbage Podcast, joshua stein and Brandon Mercer. You can find their podcast at
File Info: 17Min, 8MB.
Ogg Link:

clang in DragonFly, soon

John Marino has added the starting framework to use clang as the alternate base compiler in DragonFly.  Note that it’s not hooked into the build yet.  This is the first non-GCC compiler added into DragonFly, so there’s some work yet before you can have an all-clang system.  This should replace GCC 4.7, which is the current alternate compiler.  GCC 5.0 is the default, if you didn’t know.
Note that clang is present in dports, so it’s already been available for general use, for some time.  This framework is for building DragonFly itself.

Code stuff 


Jan Hovancik

software developer - guitar player - poetry lover