rigoletto@
Developer
- dracut as default initramfs creator
I never got why people do insist in using initramfs, that is not needed at all (just got the things more complicated) unless for some very specific software like plymouth.
- dracut as default initramfs creator
I never got why people do insist in using initramfs, that is not needed at all (just got the things more complicated) unless for some very specific software like plymouth.
Besides not using systemd what was it that made it interesting?
It is what has to use a license that basically says "violate my code as you want as long as you say that that is my code" that everyone will violate it, like nintendo, playstation etc....
Some other cool stuff in Void:
...
Great support for ARM and especially i686 (which many distros are dropping)
...
Personally I installed it on my Rpi3 for a mini-server
...
One of their main developers Greg Fitzgerald, is also a FreeBSD port maintainer
I would take slow over buggy, incorrect, full of security holes, and mostly undocumented (or inadequately documented) any day or night. I know FreeBSD is never going to use LibreSSL, vanilla OpenSSH, or God forbid updated version of PF due to the bad blood between the camps and I am at peace with it. However, I would never put FreeBSD machine as a perimeter firewall or such. My FreeBSD file servers in terms of security are treated just like Red Hat Linux (I don't have Windows machines). Means they need protection of OpenBSD servers to survive the Internet.LibreSSL is slow compared to openSSL.
Are there any flaws with using a minimal FreeBSD + pf for such a gateway machine? I'm just about to create a firewall for my home (as a bhyve vm with two NICs assigned by PCI passthru, I planned to use them as a lagg(4) device with vlans on top) and if FreeBSD isn't suitable for that purpose, I could of course have this vm run OpenBSD ... anything I should read about that topic?However, I would never put FreeBSD machine as a perimeter firewall or such.
Depends on your risk averse level. Don't get me wrong there are people running ISP businesses of FreeBSD. Your lost me when you start taking about virtual machines and perimeter firewall. Virtual machines including OpenBSD's vmm and security are mutually exclusive concepts.Are there any flaws with using a minimal FreeBSD + pf for such a gateway machine? I'm just about to create a firewall for my home (as a bhyve vm with two NICs assigned by PCI passthru, I planned to use them as a lagg(4) device with vlans on top) and if FreeBSD isn't suitable for that purpose, I could of course have this vm run OpenBSD ... anything I should read about that topic?
Bad news for all these cloud service providers then Well, alright, that's a whole different level you're talking about if the possibility to break out of a VM is to be considered. Definitely makes sense for an enterprise network -- not so much for me at home So I guess I'll just stick to FreeBSD for simplicity.Virtual machines including OpenBSD's vmm and security are mutually exclusive concepts.
The more I think about it, the more I would like a small howto about pf.
Seriously speaking, what the advantage of PF over IPFW?
I mean,I've always found IPFW so damn good,featured,understandable and easy to use that never felt the necessity to explore something else, outside DragonflyBSD's IPFW3 (which I sugesst you to check out if you haven't already )
After having faced the nightmare of learning iptables because of the Void Linux Rpi3 server, I just came to the conclusion that IPFW/IPFW3 was the best I could get for both desktop and home server.
So my question (driven from curiosity and sincere interest) is: where does PF fare better than IPFW , in terms of security, performance, features, versatility, documentation, sintax,maintainance, integration wirh other base system utils like natd, or 3rd party siftware like squid, etc..?