Posts Tagged ‘freebsd’
This year I was a bit more lucky than last year, so I not just prepared for FOSDEM but actually could fly to Brussels and participate. And not just FOSDEM but an “after party”, a very interesting brain storming session in Antwerp called Monitoring Love.
On the first day I participated mostly ARM related presentations and visited various Linux distributions, BSDs, software and hardware projects in the exhibition area. Maybe I’m following Linux on ARM too closely, but the ARM related talks did not provide too much new information to me. On the other hand the exhibition area was great filled with many interesting people to meet.
Here are just a few pictures from openSUSE, Fedora and *BSD:
The second day there were a lot more presentations related to my professional interests. And this was also the day, when I gave my presentation. At the end I visited the exhibition area again.
There was a presentation about the past two years of systemd. One of the topics was how many core Linux components were replaced by systemd. One of these is syslog, and I was glad to learn, that while syslog is being removed from default installs, syslog-ng still has many uses. It’s replaced only on standalone desktops and it will stay so.
Next I attended a couple of presentations dealing with upstream – downstream relations and the complexity of dealing with different distributions and many different versions of related softwares. My presentation was also related to this topic: how to be a good upstream project – from the point of syslog-ng. The best part came right after my presentation: talking to guys who actually work on packaging syslog-ng for various Linux distributions, who I never met in person before, but exchanged many e-mails with.
Before leaving towards Antwerp I visited the exhibition floor once more. As it was end of day two, it was a lot less crowded. This gave me a chance to take some pictures about some interesting projects: a six legged robot and also a humanoid. I read the handout from the makers of the humanoid robot only at home: they are looking for developers. It made me think again that I should refresh my coding knowledge and extend it with some python
The next two days I spent in Antwerp at the Inuits HQ at the Monitoring Love brainstorming. I met many interesting people here, researchers, developers, sysadmins, devops. Some became quite enthusiastic hearing about the possibilities of syslog-ng’s patterndb technology. The most often heard abbreviation during the two days was AMQP. The freshly released syslog-ng 3.4 has support for an AMQP destination. It will be even more supported in the upcoming 3.5 version along with many other interesting new features. You can follow syslog-ng development at https://github.com/balabit
This week was very busy in terms of releases. On Tuesday Fedora Core 18 was released. On Thursday openSUSE beta1 was released and there were also two syslog-ng releases. Of course, I tested all of these before and after release!
I was impatient, and started testing Fedora 18 already a week earlier while still in the release candidate phase. I compiled syslog-ng 3.4RC1 on it and even documented the process to prove that compiling packages on Fedora is nothing magical and needs only just a few simple commands. A week later FC18 was released, and I installed it to a physical machine instead of Vmware to get a better feel of it. The target machine was a FitPC3, a small, yet powerful machine. I used a pendrive as installation source, and enjoyed the brand new installer, which is the major feature of the FC18 release next to the usual version upgrades. The installer became a lot more simple, logical and also faster. The only part which needs some additional love from developers is the partitioner. It probably became a bit too simple and also a bit buggy. I did the exact same steps three times to repartition the machine: two times failure, and doing the exact same mouse clicks for the third time I succeed…
The tiny machine was also the target for another release test: openSUSE 12.3 beta was released on Thursday. This release has a couple of new window managers previously not included in openSUSE, like “awesome” and “e17”. I also tried included KDE 4.10RC, as I was a KDE user for many years. I must admit, I quickly switched back to XFCE This beta is the first Linux distribution to carry syslog-ng 3.4, in release candidate form this time. As the FitPC3 has eSATA and gigabit Ethernet, I also did some performance testing. Using a single eSATA HDD, designed for NAS usage, and I could easily fill the full gigabit bandwidth, reading and writing with over 100 megabytes a second using NFS and SMB. So openSUSE and FitPC3 proved to be also a solid server platform
Thursday was also the day for two syslog-ng releases. The first one was a bugfix release for the current stable syslog-ng, version 3.3.8. The other was syslog-ng 3.4RC2, the second release candidate for the current development version of syslog-ng. I tested both both versions before release on my favorite platforms: openSUSE and FreeBSD. Once they were released, I prepared my openSUSE and SLES packages as usual and helped updating the FreeBSD ports. All of these are available from their regular locations, linked from the 3rd party binaries page of the syslog-ng OSE website.
If you found this page because of Fedora or openSUSE instead of syslog-ng, I definitely recommend checking out our new introductory video about syslog-ng:
The FreeBSD 9.1 release was announced in the last days of 2012 with many interesting new features and bugfixes. My favorite items are performance improvements, better Intel graphics and sound support, many ZFS improvements and many new jail features. For a complete list check the release notes. It is the new long term support version of FreeBSD, so I expect to see a mass update from 8.X to 9.1 in the coming months. I have FreeBSD 9.1 already running in vmware and also plan to try PC-BSD, as they also have a server version now, according to the annoucement.
This release comes only with a smaller number of pre-compiled packages, only the major desktops are included as those take a very long to compile. There is no syslog-ng package, but as usual, it’s available from the ports. As always, ports shipping with the release are outdated. Updating to the latest ports by portsnap or svn is recommended, which allows the use of the latest stable syslog-ng release, version 3.3.7. For those, who are interested in the upcoming syslog-ng 3.4, beta1 is included in ports as sysutils/syslog-ng-devel. You can read more about what’s new in 3.4 in Bazsi’s blog.
Recently there were two release candidates published. Both help to make syslog-ng testing easier.
One is for syslog-ng 3.3.7, called syslog-ng 188.8.131.52. It’s not something to checkout from git, or an automatically generated git snapshot, but a well defined point in time where all known problems in the current 3.3 git head are fixed: https://lists.balabit.hu/pipermail/syslog-ng/2012-September/019365.html
The other one is for FreeBSD, a new port called sysutils/syslog-ng-rc. Right now it contains the above mentioned syslog-ng 184.108.40.206, in the future it will be the port where changes are introduced first. So we have four syslog-ng related ports now for FreeBSD: sysutils/syslog-ng2 for the ancient, unsupported, but still in use 2.0 version, sysutils/syslog-ng for the latest stable version, sysutils/syslog-ng-rc to test changes before the go to the stable version, and also sysutils/syslog-ng-devel for the latest development release (3.4alpha3 at the moment).
For years I was using miniature PowerPC and ARM machines as gateway for my SoHo network. A normal Linux install using openSUSE or Debian, with iptables, proxies, sometimes an IDS or even a torrent server to seed openSUSE alpha/beta/release CDs. While it was fun, these machines were never intended to do this job, additional Ethernet interfaces were on USB, could not keep up with today’s broadband speed increase, and did not like the near 7/24 operation. Now I got a chance to try a machine, designed to be run 7/24, passive cooling and multiple Ethernet ports, so a real gw machine, an eBox 3310mx instead of some nice hacks.
As a FreeBSD maniac, the first firewall distribution I tested on the machine was pfSense. In addition to being a flexible and powerful firewall and routing platform, it can be extended with many add-on packages for IDS (Snort), VoIP, caching proxy (squid), etc. All these arrive with convenient and uniform web interface extensions to the base web GUI.
Using pfSense I had some mixed results. The machine is based on the Vortex86 SoC, which also includes an Ethernet port. In theory FreeBSD is supported, in practice it did not work, only the additional two Ethernet ports. On the other hand, this was the fastest networking stack on the machine: I often measured faster downloads than theoretical maximum on my ADSL line.
As I also wanted to test a three Ethernet setup, so I also downloaded a Linux based firewall distribution. I was recommended to try ZeroShell, but after a few hours I gave up on installation. Then I tried IPCop, a simple, easy to use firewall distribution. Still it had many more features and yet easier to use than my SoHo router box. It has some nice graphs, traffic shaping, VPN connections, a lot more flexible firewall and logs about network activity. On the other hand, while there was support for the on chip Ethernet, its speed was less than optimal.
The best Linux experience I had on the machine was using it with Debian. Installation was quick and easy. Network speed was close to theoretical maximum on each interface. And as it’s a general purpose distribution, I could easily add NAS functionality using USB hard drives and necessary software.
Talking about Debian, I have some good news for you: Zorp GPL packages are available for Debian, as it was announced on the Zorp mailing list recently. This makes installation of Zorp GPL a lot more easy on many different versions of Debian and Ubuntu. Still not as easy as the web GUI based firewall distributions I tested, but thanks to its proxy based architecture, it can provide a lot stricter and fine tuned protection than any others I tested. For details on how to get started read announcement or the maintainers blog.
One of the main strengths of syslog-ng is that it runs on many different architectures. Not just on Linux, but on most BSD variants, AIX, HP-UX, Solaris and the Premium Edition also has clients for Windows and IBM System i. The platform I want to talk about now is FreeBSD. First of all, because it’s my favorite server platform, and also because FreeBSD users seem to like syslog-ng.
How do I know this? Some download statistics, some personal e-mails and also from forum messages:
- When we released the first alpha version of syslog-ng 3.4 and updated the sysutils/syslog-ng-devel port for it, I checked the source download statistics, and most of the downloads were initiated from FreeBSD systems.
- One of the major organizations supporting FreeBSD’s development asked us in private e-mail to enable SSL support by default in the syslog-ng port. Thanks to Cy, who maintains the package in FreeBSD ports, it’s enabled now, so the next time FreeBSD packages are built from ports, syslog-ng will have SSL support compiled in.
- Somebody asked for syslog-ng support in pfsense, a very nice FreeBSD based firewall distribution.
I used pfsense in the last couple of days, and I like it very much, as my Internet connection feels to be a lot faster now even without upgrading the line Once I have a little more time, I’ll check how difficult it would be to integrate syslog-ng into this nice firewall distribution.
The adoption rate of syslog-ng 3.2 is marvellous. It was made available for Mandriva on the date of the release, and about a week later openSUSE Factory has a package, thanks to Marius Tomaschewsky. I also received a patch to include support for cygwin into the system() source, courtesy of Corinna Vinschen. FreeBSD ports still has a 3.2beta1, hopefully it’ll be updated soon.