HardenedBSD experimental builds

Started by franco, August 28, 2015, 12:20:07 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
October 03, 2015, 06:27:02 PM #15
It ought to work once I get the right bits pushed to the web server. I've got a few high-priority things going on and will hopefully take care of that part by the end of October.
November 12, 2015, 05:56:59 PM #16
I just documented my build setup: http://0xfeedface.org/2015/11/07/hbsd-opnsense.html

So I realize I just said that my latest build supports binary upgrades, but due to some issues with going from 15.7.16 to 15.7.18, I'm going to say that it's not possible to do a binary upgrade. There's also a few more changes I should make to the UI (like removing all the mirrors in one of the drop downs). I'm expecting to work on a new build any time within the next 30 days. I'm slightly on the busy side these days with work and a cute wife.

Thanks for all those who are helping test this!
November 12, 2015, 08:54:14 PM #17
I really look forward to 11-CURRENT. :)
November 13, 2015, 06:14:31 AM #18
This is exciting!
November 28, 2015, 04:27:22 PM #19
Here's a little status update and a sneak peek:

I have an 11-CURRENT build that I'm testing out. However, there are two issues:

  • pfsync kernel panic: I've disabled pfsync for now, so no HA setups.
  • Wireless non-functional: The wireless stack on FreeBSD 11-CURRENT has changed quite drastically. Wireless is broken. I've filed a bug report here: https://github.com/opnsense/core/issues/480.

I've also now figured out how to build for the Netgate APU4. My next builds will contain images for: generic, netgate rcc-ve 4860, and the netgate apu4. Please be aware that this build will require a full reinstallation, but backing up and restoring your config ought to work like normal. Going forward, I'll only be using -CURRENT.

Screenshot of a working test installation on my Netgate RCC-VE 4860: http://imgur.com/XVHcZV7
November 28, 2015, 10:14:25 PM #20
11 on hardened will be a great step forward with the new improvements to suricata on the dev opnsense builds I simply cant wait to try them.
November 30, 2015, 08:07:04 AM #21
Quote from: lattera on November 28, 2015, 04:27:22 PM
pfsync kernel panic: I've disabled pfsync for now, so no HA setups.

Shawn, we have zero modifications in this area, can you report this upstream?

Quote from: lattera on November 28, 2015, 04:27:22 PM
Wireless non-functional: The wireless stack on FreeBSD 11-CURRENT has changed quite drastically. Wireless is broken. I've filed a bug report here: https://github.com/opnsense/core/issues/480.

One could argue that upstream broke it. ;)

Quote from: lattera on November 28, 2015, 04:27:22 PM
My next builds will contain images for: generic, netgate rcc-ve 4860, and the netgate apu4.

A little off-topic, but curious: what's the difference between generic and netgate apu4?
November 30, 2015, 02:04:14 PM #22
Yup. Both of these issues are caused by changes upstream (FreeBSD). Neither are caused by OPNSense.
December 04, 2015, 06:05:14 PM #23
Shawn, I still have the syslog port update in my queue. Will be done soon. :)
December 04, 2015, 06:07:52 PM #24
Cool! Thanks! It'll be another couple weeks before I can work further on the wireless issues. I've got a patch to core.git that I've yet to commit to hbsd's fork that starts the port. I need to get back with Adrian Chadd to see if the wireless issues I'm having on 11-CURRENT with hostap mode are specific to me or if he can reproduce. I'll be celebrating five years of marriage with my wife next week, so it'll be a while before I can finish this up.
January 12, 2016, 02:08:09 PM #25
Btw, the link in the wiki to the HardenedBSD images is broken
Print
Go Up Pages 1 2
User actions