Recent and Not So Recent Changes in OpenBSD That Make Life Better

by
Fnord666
from SoylentNews on (#5NTBD)

canopic jug writes:

Consultant and author Peter N M Hansteen has written up an overview of recent and not so recent changes in OpenBSD that make life better (and may turn up elsewhere too). He covers a few decades of developments that he has found particularly useful and explains why. He covers greylisting, spam filters, OpenSSH, and of course PF.

When I found OpenBSD more than twenty years ago, my main Unix exposure was from working with Linuxes and FreeBSD. What attracted me to OpenBSD and finally had me buy an OpenBSD 2.5 CD set was the strong focus on security and code correctness. When the CD set and the classic wireframe daemon T-shirt finally arrived in the mail, I set about at first to install it on whatever spare hardware I had lying around.

[...] OpenBSD has had traffic shaping available in the ALTQ subsystem since the very early days. ALTQ was rolled into PF at some point, but the code was still marked experimental 15 years after it was written, and most people who tried to use it in anger at the time found the syntax inelegant at best, infuriating or worse at most times.

So Henning Brauer took a keen interest in the problem, and reached the conclusion that all the various traffic shaping algorithms were not in fact needed. They could all except one be reduced to mere configuration options, either as setting priorities on pass or match rules or as variations of the theme of the mother algorithm Hierarchical Fair Service Curve (HFSC for short).

Soon after, another not-small diff was making the rounds. The patch was applied early in the OpenBSD 5.5 cycle, and for the lifetime of that release older ALTQ setups were possible side by side with the new queueing system.

OpenBSD is a complete operating system and originally forked from NetBSD back in 1995 which forked from 386BSD which was ported from 4BSD. It's emphasis is on portability, standardization, correctness, proactive security, and integrated cryptography. The current release, 6.9, is its 50th release.

Previously:
(2020) Using OpenBSD Routing Tables to Segment the Home Network for Privacy
(2020) The OpenBSD Project's 25th Anniversary
(2020) WireGuard Imported Into OpenBSD
(2017) OpenBSD and the Modern Laptop
and many more...

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments