LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 06-11-2004, 07:17 PM   #1
danny_beta_read
Member
 
Registered: Feb 2004
Distribution: Slackware 9.1, Slackware 9.0, FreeBSD 4.10-RELEASE, Dragon Lite, Slax
Posts: 70

Rep: Reputation: 15
OpenBSD and FreeBSD


Hey All,
Currently, my main machine is just for browsing the web, playing with games, and of course, learing on. But now that I don't have to have wine for school, I can get rid of mandrake. I have the FreeBSD CDs, and I've installed it before, with the only complaint being the firewall not working (now that I look back it was a simple syntax error on my part). But I'm wondering, should I install FreeBSD or OpenBSD? I really like FreeBSD, but I've never tried OpenBSD, so I really don't know. This machine will be a router with the abyss web server on the internal NIC and Apache web server on the external NIC. It will also have SSH tunneling from several machines behind it, and a DNS/DHCP server on the internal NIC.

FreeBSD or OpenBSD?
Thanks!
 
Old 06-11-2004, 07:59 PM   #2
Stack
Member
 
Registered: Oct 2003
Distribution: FreeBSD
Posts: 325

Rep: Reputation: 30
If your planning on using it as a desktop and not a headless server i would have to say FreeBSD hands down.
 
Old 06-11-2004, 08:53 PM   #3
cnjohnson
Member
 
Registered: Nov 2002
Location: Nashville
Distribution: FreeBSD, Linux, OS-X
Posts: 544

Rep: Reputation: 30
OpenBSD is designed with security in mind. Stack corruption usually causes the kenel to dump the offending userland executable (no invading the box with a sneaky buffer overflow issue). Yet, openBSD lags behind freeBSD is available software, those the gap isn't as wide as some make out.

For convenience sake, for the widest range of software on a *nix platform, I say stick with freeBSD. If, on the other hand, you want to thoroughly investigate how to do security *right* then openBSD is a great choice.

YMMV.

Cheers--
Charles
 
Old 06-11-2004, 10:33 PM   #4
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 75
Well it entirely depends what your philosophy on OSs is.

FreeBSD is slightly more scattered and bloated than OpenBSD, but it tends to support new hardware more quickly (although OpenBSD often imports hardware-specific stuff from FreeBSD or NetBSD to keep up). FreeBSD developers are constantly tinkering trying to get the most performance possible out of the i386 platform. This means that the development tree (5.x) is some times unstable. FreeBSD also has a lot more active "ports" of software than the other two BSDs (some where around 10,000 software packages can be built).

On the other hand, OpenBSD focuses very much on correctness and security. OpenBSD has a very centralized and simple configuration, not the split configuration styles that FreeBSD has (on FreeBSD you setup the main daemons in /etc/rc.local, but user install daemons have different install scripts in /usr/local/etc/rc.d). The OpenBSD firewall is highly superior to either of the other two firewalls on FreeBSD (so much so, that the FreeBSD devs ported the OpenBSD firewall to their platform, making a 3rd option).

So really the choice is cutting edge hardware support and maximum performance (will you even notice the difference?) vs. correctness and security. If you think you're going to install tons of very obscure software packages, then maybe FreeBSD is the way to go. You can check the contents of the ports tree for OpenBSD and verify if everything you need is there. From what you mentioned so far, you can do it all on OpenBSD, except I'm not familiar wity Abyss webserver. Do you intend to run that on the machine itself (if so, why two different web servers, that sounds counter-productive) or just pass traffic to a different box that is running Abyss?

Personally, I use OpenBSD for everything (even my workstation desktop) except when I need to test a Mono build for my brother (it hasn't been ported to OpenBSD and I don't feel like trying it from source).

Last edited by chort; 06-11-2004 at 10:35 PM.
 
Old 06-11-2004, 11:21 PM   #5
KneeLess
Member
 
Registered: May 2003
Distribution: Debian GNU/Linux 3.0 Sid, OpenBSD 3.5
Posts: 190

Rep: Reputation: 30
I really like OpenBSD. It doesn't have that many ports, but you can build almost any package that you need from source. And when it says secure by default, it means it. And there are even more numerous things that you that can tighten it down even more. I'd say OpenBSD is the perfect firewall/router, but it also can be used for servers. For me, I doubt I'd use this on a laptop (but I wouldn't use any BSD for that anyway, linux...) or a desktop, but it totally owns the server/firewall category. And c'mon, a primary and secondary firewall that talk to each other using pfsync? That's sweet.

I use it as a gateway from my router into my lan. PF makes sure nobody launches attacks from it either (blocks many outbound connections). For your use, it sounds like OpenBSD to me.

Last edited by KneeLess; 06-11-2004 at 11:23 PM.
 
Old 06-12-2004, 10:35 AM   #6
danny_beta_read
Member
 
Registered: Feb 2004
Distribution: Slackware 9.1, Slackware 9.0, FreeBSD 4.10-RELEASE, Dragon Lite, Slax
Posts: 70

Original Poster
Rep: Reputation: 15
Hey,

First off, the reason I have 2 webservers:
The main one (apache) is used to host my main webpage and a few friends web pages. It operates on eht0 only. Then, I need a website for the internal lan for several reasons (the biggest being file transfers) so I decided to put on abyssws as its allot faster than Apache for downloads and uses way less resources, although it sucks at everything else.

Second, I can't seem to get freeBSD to work. The first time I installed all went well, but then, I had to put mandrake back on for a week, and when I went to put freeBSD back onto it, it never asked what distributions to install, so I was left with an almost non working system.

I tried 3 more times and each time something big went wrong. The first two, it never asked me what distributions, and the third time, it wouldn't let me make a new slice on my FreeBSD partition, so I never got it installed. Is OpenBSD any better? Right now I have slackware installed, which is nice, but it doesn't have a ports system (except for swaret). Is there a better ports system you can get for slack? I use gnome but I also have all the KDE stuff installed.

Thanks!
Danny
 
Old 06-12-2004, 12:12 PM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 75
I've never heard of having those types of problems installing FreeBSD. Perhaps you have a bad CD burn? Did you try formatting the disk before attempting to run the FreeBSD installer?
 
Old 06-12-2004, 03:53 PM   #8
danny_beta_read
Member
 
Registered: Feb 2004
Distribution: Slackware 9.1, Slackware 9.0, FreeBSD 4.10-RELEASE, Dragon Lite, Slax
Posts: 70

Original Poster
Rep: Reputation: 15
Yeah, I tried formatting the disk. But then it had a bunch of errors when booting because /dev wasn't setup, ad freeBSD assumes its already done if the disks formatted.
 
Old 06-13-2004, 12:42 AM   #9
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 75
Hmmmm, that doesn't sound at all right. I think some how you're skipping steps in sysinstall. I've never had a problem installing FreeBSD on a disk that was already formatted (well, I've never installed an OS on an unformatted disk).
 
Old 06-13-2004, 08:20 PM   #10
danny_beta_read
Member
 
Registered: Feb 2004
Distribution: Slackware 9.1, Slackware 9.0, FreeBSD 4.10-RELEASE, Dragon Lite, Slax
Posts: 70

Original Poster
Rep: Reputation: 15
Hey,
I got freeBSD to install, but now I face a different problem. I got FreeBSD working great, and I love its port system and the ease of everything, but I can't seem to find a good GUI for configuring IPFW. I tried a bunch (qtfw which didn't work at all, fwbuilder which I can't use cause I can't install SSH, and a few others I forget the names of). So I think I'm gonna have to go back to linux, as I can use shorewall or another firewall GUI for that, but I'm not sure what distro to use.
I really want one with a packaging system like freeBSD, but slackware doesn't like my sis NIC and I don't have the patience for gentoo. I need it to have X (gnome and all the KDE libs so I can run KDE programs), iptables (well, I guess just about every distro has this...) and good hardware support. RH, Fedora, and Fedora core won't work on my system, and I find Mandrake to be even slower than windows, so those ones are out of the question...
Any help here would be wonderful, as I need to have this fully installed and ready to be configured by tomorrow morning... tight deadline eh?
Thanks!
Danny
 
Old 06-13-2004, 09:06 PM   #11
Stack
Member
 
Registered: Oct 2003
Distribution: FreeBSD
Posts: 325

Rep: Reputation: 30
Quote:
Originally posted by danny_beta_read
Hey,
I got freeBSD to install, but now I face a different problem. I got FreeBSD working great, and I love its port system and the ease of everything, but I can't seem to find a good GUI for configuring IPFW. I tried a bunch (qtfw which didn't work at all, fwbuilder which I can't use cause I can't install SSH, and a few others I forget the names of). So I think I'm gonna have to go back to linux, as I can use shorewall or another firewall GUI for that, but I'm not sure what distro to use.
I really want one with a packaging system like freeBSD, but slackware doesn't like my sis NIC and I don't have the patience for gentoo. I need it to have X (gnome and all the KDE libs so I can run KDE programs), iptables (well, I guess just about every distro has this...) and good hardware support. RH, Fedora, and Fedora core won't work on my system, and I find Mandrake to be even slower than windows, so those ones are out of the question...
Any help here would be wonderful, as I need to have this fully installed and ready to be configured by tomorrow morning... tight deadline eh?
Thanks!
Danny
Why not configure your firewall by hand? A gui really is not needed when you only need to type in a couple commands. My rule set is no more than 6 lines. I pretty much deny everything inbound except to ssh and allow any outbound connection to leave. Granted it is a workstation and not a firewall.

Second why dont you install KDE on Freebsd? If you know how to use the packadges/ports it should be a breeze.

Last SSH is already installed! Unless you somehow disabled in it rc.conf or who knows how disabled it during install.

PS: You need to recompile your kernel in freebsd to add firewall support.

Last edited by Stack; 06-13-2004 at 09:09 PM.
 
Old 06-14-2004, 09:21 AM   #12
danny_beta_read
Member
 
Registered: Feb 2004
Distribution: Slackware 9.1, Slackware 9.0, FreeBSD 4.10-RELEASE, Dragon Lite, Slax
Posts: 70

Original Poster
Rep: Reputation: 15
Hey,
I am using this machine as a router for several computers, so I don't really want to have to code it by hand, at least not the first time. But I did get slackware to work, so does anyone know how to install the .fw file the compiler makes? I'd really prefer not to install and setup ssh, but if I have to, I guess I have to...
Thanks!
Danny
 
Old 06-14-2004, 10:37 AM   #13
Stack
Member
 
Registered: Oct 2003
Distribution: FreeBSD
Posts: 325

Rep: Reputation: 30
Asking for slackware help in the *BSD forum really is not the thing to do...
 
Old 06-15-2004, 01:07 AM   #14
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 75
Not to mention that running X on a firewall and using GUIs to configure it are not really recommended, either. If you're going to manage a firewall, then you should know how it works. Read the documentation for IPFW (or netfilter/iptables, whatever you go with) and you won't be sorry. Just having "a firewall" isn't going to protect you from anything, but knowing how to set it up properly and understanding the difference between a good configuration and a bad one will make all the difference.

Also, I am completely lost by all the references to "needing SSH" and "not wanting to install SSH". What does SSH have to do with anything, and what in the world is so bad about using it???
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD, OpenBSD, NetBSD, etc. Different ? d_kote23 *BSD 6 05-16-2004 01:31 PM
FreeBSD vs. OpenBSD rehab junkie *BSD 14 01-21-2004 08:55 PM
FreeBSD or OpenBSD ? blackmask *BSD 13 07-25-2003 02:13 AM
FreeBSD, OpenBSD, OpenUnix etc... dsantamassino *BSD 3 05-30-2003 06:55 PM
OpenBSD or NetBSD. FreeBSD? tarballedtux Linux - General 6 04-05-2002 01:56 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 11:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration