LinkedIn Sourceforge Twitter

Vincent's Blog

Pleasure in the job puts perfection in the work (Aristote)

Tell your BSD story

Posted on 2018-08-06 22:17:00 from Vincent in Open Bsd

Roman Zolotarev contacts me in order to answer some of his questions. Basically his idea is to help beginners to discover and use BSD operating systems and related projects.


Questions

The questions of Roman are listed on his page.

In short:
- Who are you?
- What is your favorite BSD system and why?
- How do you use it today?
- How to use BSD at work?

I'll put each question as a title and I'll provide my answers in the associated text

Preface

Unfortunately, I'm not a BSD developer. I do not port and patch applications in order to have them correctly compiled on BSD.
Usually, such interview goes to those persons who are contributing to the project.

But Roman asked me anyhow to answer those questions.

Who are you ?

My name is Vincent Delft, I'm a project and program manager since + 10 years having managed several complex IT and Telco projects / programs in Belgium and Luxembourg.
You can find all my professional life on LinkedIn.
But I'm also an enthusiast user (since 1998) of Opensource solutions. Mainly OpenBSD, Python and Postgresql.
In 2016 I've decided to share some of my stories, this is one of the goal of my blog.
Last element (I'm proud of it ;-)): with a total score of 87.9%, I'm happy owner of the BSD certification since February 2016.

I'm using Linux since 1998. At that time my goal was to develop a house's alarm server able to send short messages (sema digit).
The detailed story of this machine is here.

Since 1998, I've used several Linux distributions, but, for me, the best one was Gentoo. This was a really funny moment, surely with the energy that Daniel Robbins put in it.

But in 2009, I was looking for a simpler system than Linux. Easier to upgrade and easier to maintain release after release. After having looked at FreeeBSD, a little bit of NetBSD, I've selected OpenBSD.

Since that period, OpenBSD has never disappointed me.

On the server part, at that time, OpenBSD was a great system. On desktop it was a little bit more complex. I remind that, at this time, lot of websites were with Flash (not working on OpenBSD).

The point is that, as of today, all machines in my house are OpenBSD. From the NAS with a Time machine, the DAC using the wonderful sndio, the firewall, and even my kids have OpenBSD on their PCs (for school's tasks mainly on libreoffice ).

What is your favorite BSD system and why?

Back in 2007, during my visits at Fosdem, I've received a DVD of FreeBSD. I've install it, but I was not convinced by it.
So, as said just before, OpenBSD is my preferred system.

Openbsd is not the fastest, with most sexy GUI, ...
But it's so simple to use and maintain it.
Moreover, OpenBSD is very well documented, and 1 release every 6 months is a perfect cycle for my needs.

Moreover the openup tool developed by mtier is very good and complementary to the OpenBSD patch system. Indeed, openup provide patches for applications too.

I also like the port system of OpenBSD.
In fact, most of the time, I find the exact tool I need in this app store. OpenBSD port's developers are maintaining intelligently this repository. Most packages are up to date, runs nicely, ...

How do you use it today?

As you have understood, I'm using OpenBSD for Firewall, NAS, DAC, Laptop. But also for websites via vultr.com

On laptop I'm using openbox with Tint2 for the GUI part. I've shared some Tint2 snippets which facilitate me in several tasks. I have also developed a Network Manager Control in Python which allows me to easily switch from network interface.

On the firewall side, I've developed a solution on top of PF and DHCPD which allow me to control outgoing flows based on the users. For example, I'm able to block all advertising sites for all users connected on my wifi network. But I'm also able to cut internet connections for my kids after 23h (it's time to sleep no?). Such filtering can be fined tuned by categories (ads, porn, fishing, ...), users and hours. At home, this avoid lot of troubles on Android phones (the only machine where I cannot install openbsd).

For websites, I also have developed a system to ban bad visitors of my websites: log2table. This is a small daemon I've developed based on fail2ban principles.
More details here
In short, if someone is not doing good thing on my server (via http, ssh, ....), log2table will publish his IP address in a PF table. To each bad action those users increase their non-popularity. At one moment they goes to this table for which PF blocks them for several hours. They idea is to show those guys that, on my web site, they are loosing their time.

I'm also fan of several componenents of OpenBSD, like httpd, smtpd, ssh, ...
Those OpenBSD developers are so good.

How to use BSD at work?

That's a very good question.

I've not the answer.

I would really like to combine daily job and OpenBSD, But I've not yet found how to do it.

If anyone in Belgium is looking for OpenBSD solutions ... feel free to contact me :-)

  • I'll be happy to install a firewall. Tune it for their needs.
  • Why not provide OpenBSD laltops to technician always on the roads (with encryption, read-only, VPN, ...). So no more worries when a machine is lost or stolen. Moreover, those a very cheap machines (OpenBSD does not need lot of HW resources) ?
  • Why not setup small server interfacing with IoT devices (like I did for my alarm's system)?

I have several ideas, but this will only work if there are customers on the other side of the table ;-).



1, 0
displayed: 521



How much does 5 plus 2 ?