Fair Internet bandwidth management on a network using OpenBSD.
The point of this article is to explain how to use OpenBSD as a router on your network to allow the Internet access to be used fairly by devices on the network to guarantee everyone they will have at least a bit of Internet to continue working flawlessly.
I will use the queuing features from the OpenBSD firewall PF (Packet Filter) which relies on the CoDel network scheduler algorithm, which seems to bring all the features we need to do what we want.
https://dataswamp.org/~solene/2021-08-30-openbsd-qos-lan.html
#network #pf
The point of this article is to explain how to use OpenBSD as a router on your network to allow the Internet access to be used fairly by devices on the network to guarantee everyone they will have at least a bit of Internet to continue working flawlessly.
I will use the queuing features from the OpenBSD firewall PF (Packet Filter) which relies on the CoDel network scheduler algorithm, which seems to bring all the features we need to do what we want.
https://dataswamp.org/~solene/2021-08-30-openbsd-qos-lan.html
#network #pf
EuroBSDCon 2021 is Online. September 17-19, 2021.
As such, EuroBSDCon 2021 will be an online conference. Details on the practicalities will be provided closer to the event.
https://2021.eurobsdcon.org/
#conference
As such, EuroBSDCon 2021 will be an online conference. Details on the practicalities will be provided closer to the event.
https://2021.eurobsdcon.org/
#conference
Support OpenBSD’s pledge(2), unveil(2) in programming languages.
Some years ago OpenBSD 5.9 bring support of pledge(2) and later OpenBSD 6.4 bring support of unveil(2) system calls. Initially only C/C++ applications had possibility to use these system calls. Later people from community added support to many other programming languages that allows to use pledge(2) and uneil(2) in the most popular languages. Table below helps to understand status of it’s support in these languages...
https://bronevichok.ru/posts/pledge.html
#pledge #unveil
Some years ago OpenBSD 5.9 bring support of pledge(2) and later OpenBSD 6.4 bring support of unveil(2) system calls. Initially only C/C++ applications had possibility to use these system calls. Later people from community added support to many other programming languages that allows to use pledge(2) and uneil(2) in the most popular languages. Table below helps to understand status of it’s support in these languages...
https://bronevichok.ru/posts/pledge.html
#pledge #unveil
By default, scp(1) now uses SFTP protocol.
Thanks to a commit by Damien Miller (djm@), scp(1) (in -current) now defaults to using the SFTP protocol:
https://undeadly.org/cgi?action=article;sid=20210910074941
#ssh #scp #sftp
Thanks to a commit by Damien Miller (djm@), scp(1) (in -current) now defaults to using the SFTP protocol:
https://undeadly.org/cgi?action=article;sid=20210910074941
#ssh #scp #sftp
I got the J language working on OpenBSD.
J is an array programming language. That is to say, the fundamental data type in J is the array. J is a successor language of APL.
https://briancallahan.net/blog/20210911.html
#programming
J is an array programming language. That is to say, the fundamental data type in J is the array. J is a successor language of APL.
https://briancallahan.net/blog/20210911.html
#programming
obsd.jpeg
186 KB
OpenBSD development process visualized.
https://bsd.network/@ben_bai/106943409189934621
#release #system
https://bsd.network/@ben_bai/106943409189934621
#release #system
OpenBSD Webzine.
This webzine is done by volunteers who are passionate about the OpenBSD project development. Our goal is to allow people to stay informed about OpenBSD in a cool, fun and instructive way, like reading a regularly issued magazine of one's favorite hobby.
https://webzine.puffy.cafe/
#link
This webzine is done by volunteers who are passionate about the OpenBSD project development. Our goal is to allow people to stay informed about OpenBSD in a cool, fun and instructive way, like reading a regularly issued magazine of one's favorite hobby.
https://webzine.puffy.cafe/
#link
webzine.puffy.cafe
OpenBSD webzine homepage
Webzine created by volunteers who are passionate about the OpenBSD project development.
"The Style Hymn". Song for the 7.0 release.
https://www.openbsd.org/lyrics.html#70
https://ftp.openbsd.org/pub/OpenBSD/songs/song70.mp3
https://ftp.openbsd.org/pub/OpenBSD/songs/song70.ogg
#song #art
https://www.openbsd.org/lyrics.html#70
https://ftp.openbsd.org/pub/OpenBSD/songs/song70.mp3
https://ftp.openbsd.org/pub/OpenBSD/songs/song70.ogg
#song #art
4-Way Comparison of Compilation Performance on OpenBSD.
I recently bought the Asus ExpertBook B9400CEA. Buying newer hardware when using an operating system with a limited number of kernel developers like OpenBSD is always a bit of a gamble when it comes to how much will work as expected. This laptop looked like it was worth it. It seems to hit the sweet spot between portability, battery life, performance, and customizability (in my case especially multibooting with 2 separate M.2 SSD drives)...
https://portal.mozz.us/gemini/thfr.info/openbsd/Compile-Time-Comparison-Oct-2021/
#system #perf
I recently bought the Asus ExpertBook B9400CEA. Buying newer hardware when using an operating system with a limited number of kernel developers like OpenBSD is always a bit of a gamble when it comes to how much will work as expected. This laptop looked like it was worth it. It seems to hit the sweet spot between portability, battery life, performance, and customizability (in my case especially multibooting with 2 separate M.2 SSD drives)...
https://portal.mozz.us/gemini/thfr.info/openbsd/Compile-Time-Comparison-Oct-2021/
#system #perf
What every IT person needs to know about OpenBSD.
- How to have fun with the world’s most important free software project...
https://bsdly.blogspot.com/2021/09/what-every-it-person-needs-to-know.html
- Slides available here:
https://home.nuug.no/~peter/openbsd_needtoknow/#1
#system
- How to have fun with the world’s most important free software project...
https://bsdly.blogspot.com/2021/09/what-every-it-person-needs-to-know.html
- Slides available here:
https://home.nuug.no/~peter/openbsd_needtoknow/#1
#system
Full WireGuard setup with OpenBSD.
We want all our network traffic to through a WireGuard VPN tunnel automatically, both WireGuard client and server are running OpenBSD, how to do that? While I thought it was simple at first, it soon became clear that the "default" part of the problem was not easy to solve, fortunately there are solutions...
https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html
#vpn #wireguard #network
We want all our network traffic to through a WireGuard VPN tunnel automatically, both WireGuard client and server are running OpenBSD, how to do that? While I thought it was simple at first, it soon became clear that the "default" part of the problem was not easy to solve, fortunately there are solutions...
https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html
#vpn #wireguard #network
gqrss.
A tool to query and display GitHub issues relating to OpenBSD.
https://git.sr.ht/~qbit/gqrss
#system
A tool to query and display GitHub issues relating to OpenBSD.
https://git.sr.ht/~qbit/gqrss
#system
Packaging the DMD D compiler for OpenBSD.
I will be giving a talk at DConf 2021 about the larger adventure of D on OpenBSD. So I won't spoil everything in this blog post, but this blog post will be a part of the larger talk...
https://briancallahan.net/blog/20211013.html
#d #dev
I will be giving a talk at DConf 2021 about the larger adventure of D on OpenBSD. So I won't spoil everything in this blog post, but this blog post will be a part of the larger talk...
https://briancallahan.net/blog/20211013.html
#d #dev
How to setup goaccess to get nice stats with OpenBSD httpd.
https://si3t.ch/log/2021-10-18-goaccess-setup.html
#goaccess #web
https://si3t.ch/log/2021-10-18-goaccess-setup.html
#goaccess #web
How BSD Authentication Works.
... OpenBSD on the other hand uses a mechanism called BSD Authentication. It was originally developed for a now-defunct proprietary operating system called BSD/OS by Berkeley Software Design Inc., who later donated the system. It was then adopted by OpenBSD in release 2.9. BSD Auth is comparatively much simpler than PAM. Modules or, authentication "styles", are instead stand alone applications or scripts that communicate over IPC. The module has no ability to interfere with the parent and can very easily revoke permissions using pledge(2) or unveil(2). The BSD Authentication system of configured through login.conf(5)...
https://blog.lambda.cx/posts/how-bsd-authentication-works/
#auth #system
... OpenBSD on the other hand uses a mechanism called BSD Authentication. It was originally developed for a now-defunct proprietary operating system called BSD/OS by Berkeley Software Design Inc., who later donated the system. It was then adopted by OpenBSD in release 2.9. BSD Auth is comparatively much simpler than PAM. Modules or, authentication "styles", are instead stand alone applications or scripts that communicate over IPC. The module has no ability to interfere with the parent and can very easily revoke permissions using pledge(2) or unveil(2). The BSD Authentication system of configured through login.conf(5)...
https://blog.lambda.cx/posts/how-bsd-authentication-works/
#auth #system