On Thu, Jan 29, 2004 at 02:22:29AM -0800, Mike Machuidel wrote:

> It may sound weird, but because of what the Linux
> community has become I would like to try and switch
> some of my systems over to FreeBSD. First I have some
> questions about what to expect:

You're welcome here, and I hope that you'll be treated with rather
more courtesy than your recent IRC experiences.
> Is there any alternative for Shorewall? If not, would
> it be wise to port it to FreeBSD?

There are two firewalls supplied with the base system: ipfilter -- see
ipf(8) and ipfw(8).  Ipfilter has been ported to several Unix
flavours, but IPFW is pure FreeBSD.  For most "home" uses either will
serve you well and it's a matter of taste as to which you prefer.  Be
sute and enable the IPFW2 stuff if you're using 4.x -- it's standard
in 5.x, but couldn't be made the default in 4.x due to the commitment
not to make severe API changes except between OS major versions.

Addifionally, OpenBSD's pf(8) is available in ports -- that started
off as a fork of ipfilter but it has added quite a lot extra
functionality.  5.x now has the PFIL_HOOKS mechanism as a generic way
to hook up any sort of firewall.  I'm sure that a port of Shorewall
would be well received, but it could never be included in the base
system as that would force the whole kernel under the GPL.
> Is FreeBSD using PAM by default? Will the combination
> of pam_ldap + nss_ldap + OpenLDAP work?

Yes, FreeBSD uses PAM -- it's actually the OpenPAM implementation --
see http://www.openpam.org/, which is a different implementation, but
functionally identical to what you've been using on Linux.

pam_ldap will work just fine on 4.x, but you'll have to use 5.x for
the nss_ldap functionality.  OpenLDAP clients and servers are readily
available from ports.
> Can FreeBSD resolve reverse dependecies? Is there
> something to clean up orphan dependecies?

You're talking "RPM hell" here aren't you?  FreeBSD ports basically
doesn't have that problem.  If you install pre-compiled packages it's
pretty much the equivalent to Debian's apt-get (although apt-get is
more fully developed as a package management system).  If you install
from ports -- ie. compiling from source -- it's quite similar to
Gentoo's 'emerge' (they copied us...), but the ports system is more
comprehensive, and seems to work a bit more smoothly then emerge.
> Does FreeBSD have something like SYSV modules (just
> asking, of course there's kill)?

There's quite a lot of SYSV compatability stuff -- the shared memory
(SHM) and other SYSV IPC mechanisms are fully supported.  The userland
is BSD-ish (of course), but nothing you can't get used to with a
little practice.  Possibly less than you might expect -- eg. the ps(1)
and df(1) commands in Linux are pretty much the BSD versions, unlike
say, Solaris or HP-UX which are purer SysV.

Probably the biggest difference to Linux is using the Bourne shell
/bin/sh for scripting, rather than BASH or the Korn shell (both of
which are available in ports, but will be installed to
/usr/local/bin/{bash,ksh}.  FreeBSD /bin/sh has about the same
programming capabilities as ksh, but it's not really suited to being
an interactive shell -- tcsh(1) is the default for that, or you can
install ksh(1), bash(1) or zsh(1) from ports.
> How well does DRM/DRI work in FreeBSD?

I take it you mean 'Direct Rendering Manager' rather than Digital
Rights Management or Digital Radio Mondiale.  There is some support in
FreeBSD, but less than under Linux.  It depends on your hardware
basically.  The port of the Linux nVidia drivers works very well.
Otherwise support is as provided through XFree86 or whatever they are
calling themselves nowadays.  There is a Kernel Graphics Interface
project which is making progress, but it's still experimental -- see
> Is it possible to PXE boot the FreeBSD installation
> and install from the network (without setting up NFS)?

> Are there any recommendations for managing a hosting
> server? Software? Configurations?

FreeBSD system recommendations are usually rather more conservative
with respect to stability and reliability than most Linux distros.  If
you're going to be running your hosting servers for profit where
reliability and stability under load is very important, then stick
with FreeBSD 4.x.  Otherwise, the latest branch from -CURRENT (FreeBSD
5.2) seems to work well for a lot of people, and there is some
hardware which is only supported under 5.x.  See
http://www.freebsd.org/releases/5.2R/early-adopter.html for a good

FreeBSD documentation is generally excellent and very readable.  Just
about everything has a useful man page, and there's a wealth of more
in-depth stuff on the website, particularly the Handbook.
> These were all question for now. I hope the story at
> the beginning wasn't too much and didn't violate the
> rules of this forum.

No problem.



Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to