It has been so long since I ran a #BSD that I don't even remember which BSD it was.
-
It has been so long since I ran a #BSD that I don't even remember which BSD it was. (I could probably dig up that info...)
Circa 20 years ago I used to run BSD gateway/router machines.
I think I'd like to do this again, for a variety of reasons.
But which BSD should I run for this kind of network gateway? It won't host any applications, it won't be a NAS, it'll purely be network/gateway... it'll have the telco router on one side, internal network on another, and one or two DMZ/separate type networks (one for hosting external facing things like Mastodon, the other for untrusted IoT stuff.) It'll run DHCP, DNS, and probably be a VPN endpoint.
I do not want to run some specialist gateway adapted customised thing with dashboards etc, just want a plain vanilla OS. (And no bullcrap like containers, docker, etc. Just an OS running on a physical box.)
So, what OS should I run on my network gateway: #OpenBSD, #FreeBSD, #NetBSD?
-
@yvan I'd use OpenBSD or FreeBSD. The good thing is that, if you're using FreeBSD, you can make it read only in a very simple way: https://it-notes.dragas.net/2024/05/31/freebsd-tips-and-tricks-native-ro-rootfs/
-
@stefano thanks! Yes, RO root would be a very good thing for this use case. Bookmarked!
-
@yvan @stefano read-only root on OpenBSD is easy:
. mount_mfs /dev with size 20m and -P option pointing to a copy of /dev; needed for writable device files; copy of /dev in any dir can be created with 'sh /dev/MAKEDEV all'
. Writable /etc/random.seed is needed at shutdown/reboot. So, make it a symlink to /var/db/random.seed or /var/run/random.seed.
. Test above and set mount / mount option in fstab to ro.
-
@speedbone @yvan it is. But officially unsupported, so it will break if you don't repatch it after upgrades.
That said, I'm using it. But the "ro" option on FreeBSD is officially supported.
-
@speedbone @yvan absolutely, and doing it on OpenBSD is great as OpenBSD is probably the best platform for this task.
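
A read-only audit of the three OpenBSD steps listed in the thread, useful after an upgrade since the setup has to be reapplied; this is an added example, not code from any participant or from OpenBSD. It assumes the fstab entry passes the mount_mfs flag as `-P=<dir>`, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit a root tree for the three read-only-root steps.
# It only reads fstab and one symlink; nothing is mounted or modified.
# Assumption: mount_mfs flags appear in fstab options as -P=<dir>.

# Print "fstype options" for mount point $2 from fstab file $1.
fstab_entry() {
    awk -v mp="$2" '$1 !~ /^#/ && $2 == mp { print $3, $4; exit }' "$1"
}

# True if comma-separated list $1 has an option matching glob pattern $2.
has_opt() {
    case ",$1," in *,$2,*) return 0 ;; esac
    return 1
}

# check_ro_root [ROOT]: ROOT defaults to /; a staged tree works for testing.
check_ro_root() {
    root=${1:-/}; root=${root%/}; rc=0
    fstab="$root/etc/fstab"

    # / must carry the ro option.
    set -- $(fstab_entry "$fstab" /)
    if has_opt "${2:-}" ro; then echo "ok: / is ro"
    else echo "FAIL: / is not ro in fstab"; rc=1; fi

    # /dev must be an mfs populated from a copy of /dev (-P).
    set -- $(fstab_entry "$fstab" /dev)
    if [ "${1:-}" = mfs ] && has_opt "${2:-}" '-P=*'; then echo "ok: /dev is mfs with -P"
    else echo "FAIL: /dev is not an mfs populated with -P"; rc=1; fi

    # /etc/random.seed must be a symlink into writable /var.
    case "$(readlink "$root/etc/random.seed" 2>/dev/null)" in
        /var/db/random.seed|/var/run/random.seed) echo "ok: random.seed symlinked" ;;
        *) echo "FAIL: /etc/random.seed is not a symlink into /var"; rc=1 ;;
    esac
    return $rc
}
```

Run `check_ro_root` with no argument on the gateway itself; a non-zero exit status means at least one of the three steps is missing.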