pfSense é uma distribuiçāo livre, open source e personalizada do FreeBSD adaptada para ser usada como firewall e roteador. Além de ser uma poderosa e flexível plataforma de firewall e roteamento, ele inclui uma longa lista de recursos relacionados e um sistema de pacotes permitindo futuras expansões, sem acrescentar falhas e vulnerabilidades de segurança em potencial na base da distribuição. pfSense é um projeto popular com mais de 1 milhão de downloads desde seu início, inúmeras instalações que vão desde pequenas redes domésticas, protegendo desde um PC ou um Xbox, até grandes corporações, universidades e outras organizações protegendo milhares de dispositivos de rede.

O Projeto acabou de liberar uma nova versão com as seguintes melhorias:

Security Updates

Three FreeBSD security advisories are applicable to prior pfSense releases. These aren’t remotely exploitable in and of themselves, but anyone who can execute arbitrary code on your firewall could use one or more of these to escalate privileges.
FreeBSD-SA-13:13.nullfs
FreeBSD-SA-13:12.ifioctl.asc
FreeBSD-SA-13:09.ip_multicast.asc

IPv6 Support
IPv6 Added to many areas of the GUI. At least the following areas/features are IPv6-enabled. Others may work as well

• Aliases (Firewall) – Aliases can contain both IPv4 and IPv6, only addresses relevant to a given rule will be used
• CARP RA
• CARP Failover
• DHCP Server w/Prefix Delegation
• SLAAC WAN
• 6to4 WAN
• 6to4 WAN w/Prefix Delegation
• 6rd WAN
• 6rd WAN w/Prefix Delegation
• DHCP6 WAN
• DHCP6 WAN w/Prefix Delegation
• DHCPv6 Relay
• DNS Forwarder
• Firewall Rules
• Gateway Groups/Multi-WAN
• Gateway Status (apinger)
• GIF Tunnels
• GRE Tunnels
• GUI Access
• IPsec
• L2TP
• Network Prefix Translation (NPt)
• NTP
• OpenVPN
• Packet Capture
• PPPoE WAN
• Router Advertisements
• Routing
• Server LB
• Static IP
• Syslog (remote)
• Limiters (dummynet pipes)
• Virtual IPs – IP Alias
• Virtual IPs – CARP
• DNS from RA
• Accept RA when forwarding
• Auth via RADIUS
• Auth via LDAP
• XMLRPC Sync
• RRD Graphs
• DHCP Static Mapping – Works by DUID
• DynDNS (HE.net hosted DNS, RFC2136, custom)
• MAC OUI database lookup support for NDP and DHCPv6. (Was already present for DHCP leases and ARP table) requires the nmap package to be installed to activate

NOTE: Unlike earlier snapshots, BETA, etc, currently we do NOT flip the “Allow IPv6″ checkbox on upgrade, to preserve existing behavior. To activate IPv6 traffic, a user will have to flip this setting manually.

Packages

• PBI (push button installer) package support – all of a package’s files and dependencies are kept in an isolated location so packages cannot interfere with one another in the way that was possible on 2.0.x and before using tbz packages
• RIP (routed) moved to a package
• OLSRD moved to a package
• Unbound moved back to a package (Will try integration again for 2.2)
• Increase the verboseness of the package reinstallation process in the system logs for a post-firmware-update package reinstallation operation

OS/Binary/Supporting Program Updates

• Based on FreeBSD 8.3
• Updated Atheros drivers
• OpenSSL 1.0.1e (or later) used by OpenVPN, PHP, IPsec, etc
• PHP to 5.3.x
• OpenVPN to 2.3.x
• Added mps kernel module
• Added ahci kernel module
• Updated ixgbe driver
• Many other supporting packages have been updated

Dashboard & General GUI

• Switch from Prototype to jQuery
• Improved navigation and service status in the GUI (shortcut icons in each section to quickly access config, logs, status, control services, etc)
• Multiple language support, a mostly-complete translation for Brazilian Portuguese is included
• Read-only privilege to create a user that cannot modify config.xml
• Dashboard update check can be disabled
• Fixed theme inconsistencies between the login form and other parts of the GUI
• Various fixes to pages to reduce potential exposure to certain CSRF/XSS vectors
• Updated CSRF Magic
• Set CSRF Magic token timeout to be the same as the login expiration
• Added IE Mobile for WP8 to list of browsers that get an alternate theme at login
• Truncate service status so long package descriptions cannot break formatting of the status table
• Many fixes to HTML/XHTML to improve rendering and validation
• Added a note to the setup wizard letting the user know that it can be canceled at any time by clicking the logo image
• Make dashboard update check respect nanobsd-vga
• Firewall Logs Widget filtering and column changes
• Added totals for some dashboard widget meters (memory, swap, disk usage)
• Changed dashboard display for states and mbufs to be meters, and to show usage as a percentage
• Update dashboard mbuf count via AJAX
• Show a count and layout of CPUs in the dashboard if multiple CPUs are detected

Captive Portal

• Multi instance Captive Portal
• Multiple Captive Portal RADIUS authentication sources (e.g. one for users, one for cards)
• Logic fixes for voucher encryption
• Many optimizations to Captive Portal processing, including a database backend and moving functions to a php module to improve speed
• Optional Captive Portal user privilege
• Add checks to make sure CP hard timeout is less than or equal DHCP server default lease time, to avoid issues with CP sessions being valid for incorrect IPs, and users switching IPs while they should still be connected to the portal
• Fixes for captive portal voucher syncing on HTTPS with a custom port
• Fixes for custom Captive Portal files leaving symlinks on the filesystem after files were removed
• Added MAC OUI database lookup support to CP status (requires nmap package to be installed)

OS/System Management

• Ability to select serial port speed
• Added a manual way to enable TRIM if someone needs it
• Added a manual way to trigger a fsck on reboot
• AES-NI support (Cryptographic Accelerator feature on new Intel/AMD CPUs) — Still experimental, not supported by some areas of the OS yet.
• Support for certain thermal sensors via ACPI, coretemp, and amdtemp
• System startup beep can be disabled
• Separate powerd setting for when on battery
• Add optional ability to change the size of RAM disks for /var/ and /tmp/ for systems that have RAM to spare
• Add optional ability for full installs to use RAM disks for /var/ and /tmp/ as is done on NanoBSD. Reduces overall writes to the media, should be more SSD-friendly
• Use a custom sysDescr for snmp similar to m0n0wall’s format.
• Added tunable to allow disabling net.inet.udp.checksum – disabling UDP checksums can improve performance, but can also have negative side effects
• Added an mtree database with the correct default permissions, owner, sha256 sum, and some other information that is used to verify file permissions post-install and post-upgrade
• APC is not started for PHP unless the system has over 512MB RAM, to reduce memory usage on systems with low RAM

Multi-WAN

• DynDNS multi-WAN failover
• IPsec multi-WAN failover
• OpenVPN multi-WAN failover
• Changed descriptions of the values for gateway monitoring
• Display apinger (gateway monitoring daemon) as a service when it is enabled
• Fixes for apinger to reload via SIGHUP properly, to avoid unnecessary restarts and loss of gateway status data
• “State Killing on Gateway Failure” now kills ALL states when a gateway has been detected as down, not just states on the failing WAN. This is done because otherwise the LAN-side states were not killed before, and thus some connections would be in limbo, especially SIP.
• Due to the change in its behavior, “State Killing on Gateway Failure” is now disabled by default in new configurations and is disabled during upgrade. If you want the feature, you’ll have to manually re-enable it post-upgrade.

NTP

• NTP daemon now has GPS support

IPsec

• More IPsec hash algorithms and DH key groups added, “base” negotiation mode added
• Mobile IPsec supports separate “split DNS” field and doesn’t just assume the default domain for split DNS domains
• Properly ignore disabled IPsec phase 2 entries
• NAT before IPsec (1:1 or many:1) outbound
• Set default Proposal Check setting to Obey for mobile IPsec
• LDAP and RADIUS are now possible authentication sources for IPsec mobile xauth
• Delete the SPDs for an old IPsec entry when it is disabled or removed
• Manage active SPDs on CARP secondary during sync
• Add an option to force IPsec to reload on failover, which is needed in some cases for IPsec to fail from one interface to another.

OpenVPN

• OpenVPN can accept attributes from RADIUS via avpairs for things like inacl, outacl, dns-server, routes
• OpenVPN checkbox for “topology subnet” to use one IP per client in tun mode
• OpenVPN local/remote network boxes can accept multiple comma-separated networks
• OpenVPN status for SSL/TLS server instances can now display the routing table for the VPN instance
• OpenVPN now allows selecting “localhost” as the interface
• Gateways are created for assigned OpenVPN server instances as well as clients
• OpenVPN instances can run on the same port on different interfaces
• OpenVPN status page now has service controls to show the status of the daemon running each instance, and allow for stop/start/restart from that page
• Changed wording of the error displayed when a daemon is not running or the management interface of OpenVPN cannot be reached for an instance
• OpenVPN client-specific Override cleanup fixes
• Fixed double-click to edit of OpenVPN Client-Specific Overrides

NAT/Firewall Rules/Alias

• Aliases separated into tabs for Hosts, Ports, and URLs to improve manageability
• NAT reflection options re-worded to be less confusing
• Adjustable source tracking timeout for Sticky connections
• Firewall rules now support matching on ECE and CWR TCP flags
• Filtering on ECE and CWR TCP flags is now possible
• Added ICMP to protocol list when creating rdr (port forward) rules
• Keep proper positioning of duplicated outbound NAT rules
• When using the + at the top of Outbound NAT rules, add the rule to the top of the list and not the bottom
• Fix ordering of interface group rules in the ruleset
• Track time and user@host which created or updated a firewall, NAT port forward, or outbound NAT rule. If timestamp records are present, display them at the bottom of the rule page when editing. Have the created time/user pre-filled for automated rules such as NAT port forward associated rules and the switch from automatic to manual outbound NAT
• Fix generation of manual outbound NAT rules so that localhost and VPN rules are not unnecessarily duplicated
• Prevent using “block” for an alias name, as it is a pf reserved keyword
• Allow TCP flags to be used on block or reject rules, since they are also valid there
• Updates/fixes to DSCP handling
• Allow advanced options state-related parameters to be used for TCP, UDP and ICMP — Formerly only allowed on TCP
• Respect ports found in rules when policy route negation rules are made
• Do not include disabled OpenVPN networks in generated policy route negation rules

Certificates

• Improved denoting of certificate purposes in the certificate list
• Imported CRLs can be edited and replaced
• Can set digest algorithm for CA/Certs (sha1, sha256, etc)
• Default digest algorithm is now SHA256
• Show CA and certificate start and end dates in the their listings
• Correct tooltip description when adding a certificate
• Relax input validation on a CA/Cert description since it is only used cosmetically in pfSense and not in the actual CA/cert subject
• Allow removing blank/empty CA and Cert entries

Logging

• More system log separation, Gateways, Routing, Resolver split into their own tabs
• Firewall logs can now be filtered by many different criteria
• Firewall logs can be sorted by any column
• Firewall logs can optionally show the matching rule description in a separate column or in between rows
• Firewall logs now show an indicator icon if the direction of a log entry is OUT rather than IN
• Add popup DNS resolution method to firewall log view
• Reduced logging output from IGMP proxy
• Reduced logging output from DynDNS
• Relocated filterdns logs to the resolver log file/tab
• Relocated DHCP client logs to the DHCP tab
• Fix system script logging so the correct script filename is printed in the log, rather than omitting the script name entirely
• Add independent logging choices to disable logging of bogon network rules and private network rules. Add upgrade code to obey the existing behavior for users (if default block logging was disabled, so is bogon/private rule blocking)
• Add a checkbox to disable the lighttpd log for people who don’t want their system log full of messages from lighttpd in some cases where they are filling the log unnecessarily

Notifications

• Add the ability to disable Growl or SMTP notifications but keep their settings intact, so the mail settings can be used for other purposes (packages, etc)
• Add a test button to selectively test Growl or SMTP notifications without re-saving settings
• Do not automatically generate a test notification on saving notification settings, as there are now individual test buttons

High Availability (CARP, pfsync, XML-RPC)

• High Availability Synchronization options (Formerly known as “CARP Settings” under Virtual IPs Promoted to its own menu entry, System > High Avail. Sync
  • This is to make it easier to find, as well as make its purpose more clear. “CARP” is a part of High Availability, as is XMLRPC/pfsync state synchronization, but it’s a bit of a misnomer to refer to the sync settings as CARP
• Ensure that the user does not remove only the last IP alias needed for a CARP VIP in an additional subnet
• Disable pfsync interface when state synchronization is not in use
• Fixed issues with DHCP server config synchronization ordering on secondary nodes
• Restart OpenVPN servers when CARP transitions to master (clients were already restarted), otherwise if CARP was disabled, the servers would never recover
• Removed the automatic pfsync rule, since the documentation always recommends adding it manually, and to add it behind the scenes with no way to block it can be counter-productive (and potentially insecure). If you did not follow the documentation and add your own pfsync or allow all rule on the sync interface, your state synchronization may break after this upgrade. Add an appropriate rule to the sync interface and it will work again.
• Allow XMLRPC to sync IP Alias VIPs set to Localhost for their interface
• In DHCP leases view, use the internal interface name (lan/opt1/etc) for the failover pool name, rather than a number. In certain cases the number can get out of sync between the two nodes, but the interface names will always match
• Print the user-configured interface description next to the DHCP failover pool name, rather than only the internal name (lan/opt1/etc)
• Add option to synchronize authentication servers (RADIUS, LDAP) via XMLRPC

NanoBSD

• Fixes for conf_mount_ro/conf_mount_rw reference checking/locking
• Diag > NanoBSD now has button to switch media between read/write and read-only
• Diag > NanoBSD now has a checkbox option to keep the media read/write
• Fixed an issue with NanoBSD time zones not being properly respected by all processes the first reboot after a firmware upgrade

DHCP Server

• DHCP can support multiple pools inside a single subnet, with distinct options per pool
• DHCP can allow/deny access to a DHCP pool by partial (or full) MAC address
• DHCP static mappings can have custom settings for gateway, DNS, etc
• DHCP static mappings can optionally have a static ARP entry created
• Fix Dynamic DNS updates from DHCP (ISC changed the config layout and requires zone declarations)
• When crafting DHCP Dynamic DNS zones, do not use invalid DNS servers for the IP type (e.g. skip IPv6 DNS servers, because the DHCP daemon rejects them)
• Added a config backup section choice for DHCPv6

Traffic Shaper

• Schedules can now be used with limiters
• Traffic shaper queues view updated
• CoDel AQM Shaper Discipline
• Allow PRIQ queues to be deleted.
• Limiters now allow the user to set the mask they want to use, rather than assuming masking will always be per-IP. This allows per-subnet limits and similar
• Limiters now allow setting masking for IPv6
• Limiters now allow setting a burst size. This will pass X amount of data (TOTAL, NOT a rate) after an idle period before enforcing the limit

DNS Forwarder

• In DNS forwarder, DNS query forwarding section with options for sequential and require domain
• Allow a null forwarding server in DNS Forwarder domain overrides to ensure that queries stay local and never go outside the firewall
• Add DNS Forwarder option to not forward private reverse lookups
• DNS Forwarder domain overrides can now specify a source address for the query, to help resolve hostnames over VPN tunnels
• DNS Forwarder now can change the port upon which it listens, for better cohabitation with other DNS software such as tinydns or unbound, if both are needed
• DNS Forwarder now has an option to select the interfaces/IP Addresses upon which it will respond to queries
• DNS Forwarder can now be set to only bind to specific IPv4 IPs (the underlying software, dnsmasq, does not support selectively binding to IPv6 IPs)
• Improved handling of some dnsmasq custom config options

User Manager

• Configurable RADIUS authentication timeout in User Manager
• Print the error message from LDAP in the log for a bind failure. Helps track down reasons for authentication failures
• Re-enable admin user if it’s disabled when ‘Reset webConfigurator password’ option is used.
• Restrict maximum group name length to 16 characters or less (OS restriction)
• Added option to UTF-8 encode LDAP parameters to improve handling of international characters
• CDATA protected LDAP fields in config to avoid invalid XML with international characters

DynDNS

• Fixed handling of DynDNS 25-day update and add ability to configure update interval
• Added DynDNS No-IP Free Account Support
• Add AAAA support to RFC2136 updates
• Add cached IP support to RFC2136, add GUI button to force update for single host
• Fix double click row to edit for RFC2136
• Add option to RFC2136 to find/use the public IP if the interface IP is private. (Off by default to preserve existing behavior on upgrade)
• Add server IP column and cached IP display to RFC2136 host list
• Include RFC2136 hosts in DNS rebinding checks
• Include both dyndns and RFC2136 hosts in referer check

Graphs

• Add ability to reverse-resolve IPs on Status > Traffic Graph in the rate table
• Add ability to filter local or remote IPs on Status > Traffic Graph in the rate table
• Change maximum values for RRD throughput to account for 10G links. Previous maximums would have caused blank spots on the graph during periods of high throughput
• Fixes to RRD data resolution/retention
• Added RRD Graph for mbuf clusters
• Changed default RRD graph colors to be more visually distinct to help avoid ambiguity between multiple values on the same graph

Misc

• Add option to the packet capture page to control whether or not promiscuous mode is used on the NIC. Rarely, NICs can have issues with promiscuous mode
• Make parent interface and all VLANs share MTU
• Fix cellular signal strength indicator
• Fix PPP config cleanup when removing an interface
• Disallow adding IP Alias or CARP VIP that would be the network or broadcast address of a subnet
• Diagnostics > Sockets page to show open network sockets on the firewall
• Diagnostics > Test Port page to perform a simple TCP connection test to see if a port is open
• The pftop page has additional options to display more detailed information and sort it
• Fixed conflict between static IP and static route in the same subnet
• Do not apply static ARP entries to disabled interfaces
• Do not allow bridge members to be assigned to itself
• Changed Diag > Ping to use more available source addresses (CARP VIPs, IP Alias VIPs, OpenVPN interfaces, IPv6 Link-Local IPs)
• Changed Diag > Traceroute to use more available source addresses (CARP VIPs, IP Alias VIPs, OpenVPN interfaces, IPv6 Link-Local IPs)
• Changed shell prompt to not force background color, to be kinder to those not using black as a background in their terminal
• Add a field to allow rejecting DHCP leases from a specific upstream DHCP server.
• Updated the help system to handle some recent added files for 2.x and clean out some old/obsolete files
• Allow selecting “Localhost” as an interface for IP Alias VIPs – this way you can make IP Alias VIPs for binding firewall services (e.g. Proxy, VPN, etc) in routed subnets without burning IPs for CARP unnecessarily
• Updated list of mobile service providers
• Fix max length for WPA passphrase. A 64-char passphrase would be rejected by hostapd and leave an AP in an open state
• Added MSS clamping to the setup wizard
• Add a setting to configure the filterdns hostname resolution interval (defaults to 300s, 5 minutes)
• Omit IP mismatch warnings (e.g. behind a port forward, VPN IP, etc) if HTTP_REFERER protection is disabled
• Fixes for selecting/detecting PPP devices such as 3G/4G modems
• Rather than doing auto-detection to find serial PPP devices, use a glob when listing potential PPP serial devices
• Prevent sshlockout from a crash/coredump if a format string like %s is present in the buffer
• Fix SMART to see adaX devices
• Fix SMART interpretation of output from SCSI devices
• Fixed display of user SSH keys when present
• Updated p0f database from FreeBSD
• Fix UPnP Interface name selection to show the configured description entered by the user
• Allow setting the external UPnP interface (must be default route WAN)
• Fix Diag > Tables AJAX fadeOut after deletion for rows with CIDR mask format
• Improve Diagnostics > Routes to fetch output via AJAX and have configurable filtering and sizes. Improves handling of large routing tables, such as a full BGP feed
• When deleting or renaming a virtual server from the Load Balancer (relayd) manually clean up the NAT rules it leaves behind to avoid conflicts
• Many, many bug fixes
• Various fixes for typos, formatting, input validation, etc

SH/PHP Shell Scripts

• Git package for gitsync is now pulled in as a pfSense-style PBI package
• Added playback shell scripts added to enable/disable CARP
• Added playback shell scripts to add and remove packages from the command line
• Added playback shell script to remove shaper settings
• Added playback shell script to control services from the command line
• Add a simple CLI mail script capable of sending an SMTP message using echo/piped input. (Uses SMTP notification settings for server details)
• Added a script to convert a user’s filesystem from device names to UFS labels, for easier portability in case the disk device changes names (e.g. adX to adY, adX to daY, or adX to adaX). ONLY FOR FULL INSTALLS. NanoBSD already uses labels

Mais pode ser lido nesses 2 links abaixo:

http://blog.pfsense.org/?p=712 - 2.1-RELEASE
http://blog.pfsense.org/?p=718 - Gold Subscription

Mãos à obra e um bom fim de semana para todos.  :)

Glen Barber enviou um e-mail para as listas freebsd-current e freebsd-snapshots avisando sobre a primeira liberação ALPHA do ciclo que dará origem ao FreeBSD 10.0-RELEASE. O FreeBSD 10 virá com muitas novidades:

Overall system / architectural changes

LDNS and Unbound will replace BIND:

• Unbound and LNDS will replace BIND as the system’s DNS resolver and tools. BIND will of course always be available from ports.

GCC is no longer built as part of the base system:

• GCC is no longer a part of the default base system on architectures where CLANG is used instead. CLANG is used on i386 and AMD64.

VPS Support:

• Virtual Private Systems for FreeBSD (VPS) is an extension of the VIMAGE concept to the rest of the kernel (OS-level virtualization, similar to jails), and can e.g. migrate live VPSs from one host to another.

Unmapped VMIO buffers:

• The use of the unmapped buffers eliminate the need to perform TLB shootdown for mapping on the buffer creation and reuse, greatly reducing the amount of IPIs for shootdown on big-SMP machines and eliminating up to 25-30% of the system time on i/o intensive workloads.

Raspberry Pi support:

• With little work, FreeBSD is now able to run on the Raspberry Pi platform!

bhyve:

• “bhyve” is the BSD Hypervisor, developed from scratch to offer a light-weight low-level HVM virtualization on FreeBSD. It supports virtio for IO paravirtualization.

Superpages for ARMv6/v7:

• Superpages support provides improved performance and scalability by allowing TLB translations to dynamically cover large physical memory regions. All ARMv6 and ARMv7-based platforms can take advantage from this feature.

General ARM improvements:

• FreeBSD/arm has been greatly improved, including support for ARMv6 and ARMv7, SMP and thread-local storage (TLS). Additionally support for some newer SoC like the MV78x60 and OMAP4 was added.

ARM EABI:

• The default ABI on ARM is now the ARM EABI. This brings a number of improvements and allows future support for VFP and Thumb-2.

Kernel, hardware support & other low level improvements:

Atomic close-on-exec:

• Add various APIs that set the close-on-exec flag atomically with allocating a file descriptor. These can be used to avoid undesirably passing file descriptors to child processes if threads or signal handlers call fork and exec. Some software starts to depend on these features.

Support for AMD GPUs kernel-modesetting:

• It will allow the use of newer xf86-video-ati drivers and AMD GPUs.

Support for the RDRAND random number generator:

• RDRAND is the new Intel’s CPU instruction for accessing its hardware random number generator, also known as the code-name Bull Mountain. It is present in Ivy Bridge and newer CPUs.

Virtio:

• “virtio” is the name for the paravirtualization interface developed for the Linux KVM, but since adopted to other virtual machine hypervisors (with the notable exception of Xen). This work brings in a BSD-licensed clean-room implementation of the virtio kernel drivers for disk (block and SCSI) IO, network IO, PCI and memory ballooning. Tested with on Qemu/KVM, VirtualBox, and BHyVe.

Variable symlinks:

• The support for variable symbolic links (varsym) has been ported from DragonflyBSD, supporting automatic expansion of per-process, per-jail or system-wide variables in symbolic file links.

Networking improvements:

ipfw support for setting/matching DSCP:

• Add ipfw support for setting/matching DiffServ codepoints (DSCP) in IP header (former TOS field). Setting DSCP support works for both IPv4 and IPv6 packets. DSCP can be specified by name (AFxy, CSx, BE, EF), by value (0..63) or via tablearg. Matching DSCP accepts several classes at once (af11,af22,be).

SMP-friendly pf firewall:

• The pf firewall, originally from OpenBSD, got upgraded to support fine-grain locking and better utilization on multi-cpu machines, which allows it to perform significantly faster.

CARP rewrite.

NetMap:

• NetMap is a framework for high-performance direct-to-hardware packet IO, offering low latency and high PPS rates to userland applications while bypassing any kernel-side packet processing. With NetMap, it is trivially possible to fully saturate a 10 Gbps network interface with minimal packet sizes.

Up to 65536 routing tables:

• Until now FreeBSD only supported up to 16 different routing tables. With this changes up to 65536 are supported.

Wireless Improvements:

Concurrency/SMP work:

• net80211 has had issues on preemptive, multi-core CPUs. A lot of these race conditions have been found and fixed in -HEAD. The important fixes have been backported to 9.x.

Improved 802.11n stack support:

• The net80211 stack has had numerous 802.11n improvements, including (but not limited to) better handling of 802.11n BAR TX frames and 802.11n options. It also correctly supports 1, 2 and 3 stream 802.11n configurations (although no public driver as yet supports 3-stream 802.11n operation.)

802.11s mesh support:

• The 802.11s support is being continuously updated to the release specification rather than earlier draft specifications. Although this doesn’t yet support 802.11n, the aim is to be specification compliant and complete by 10.0-RELEASE.

Atheros PCI/PCIe 802.11n support:

• The Atheros driver, HAL and rate control code has undergone some significant development work to support 802.11n.
  • This includes:
    • Fixing many SMP/concurrency races;
    • Teaching the HAL about 802.11n rates;
    • Teaching the ath_rate_sample rate control module about 802.11n, as well as the required rate control API changes;
    • Implementing 802.11n TX aggregation, including software retransmissions, BAR handling and other required features.
    • Although there are a few features still under development (notably AP power save mode), both AP and STA operation is stable enough for home use and testing. (Read: more than just the author is using this feature.)

Storage subsystems’ improvements:

New iSCSI stack:

• The new iSCSI stack is kernel-mode and focused on reliability and interoperability.

ZFS NOP-write optimization:

• The zio nop-write improvement from Illumos was imported into -CURRENT. To reduce I/O, nop-write skips overwriting data if the checksum (cryptographically secure) of new data matches the checksum of existing data. It also saves space if snapshots are in use.
• It currently works only on datasets with enabled compression, disabled deduplication and sha256 checksums.

Online growfs(8) for r/w-mounted UFS filesystems:

• UFS filesystems can now be enlarged with growfs(8) while mounted read-write. This is especially useful for virtual machines, allowing the addition of more harddrive space without interruption of service.

ZFS TRIM support:

• As a world’s first, FreeBSD now has TRIM support in ZFS! UFS has already had TRIM support for some time.

LZ4 compression support in ZFS:

• LZ4 is a new, very fast compression algorithm (http://code.google.com/p/lz4/) which improves ZFS compression/decompression performance by up to 50%/80% compared to the default LZJB (http://wiki.illumos.org/display/illumos/LZ4+Compression).

FUSE support in the base system:

• A state of the art FUSE implementation is now part of the FreeBSD base system. It allows the use of nearly all fusefs file systems under FreeBSD without installing the unstable “fusefs-kmod” kernel module from ports. Most notable is the “ntfs-3g” implementation of Windows NTFS.
• http://fuse.sourceforge.net/ FUSE is the userland file system API developed for Linux. The FreeBSD port (including the clean-room BSD-licenced reimplementation of the kernel module) was created during 2 summer of code mandates and being revived by gnn recently. The functionality in this commit matches the content of fusefs-kmod port, which doesn’t need to be installed anymore for -CURRENT setups.

Desktop-related changes:

USB Audio 2.0:

• USB Audio support was upgraded to support version 2.0. New devices should support higher bandwidth, increased sampling frequency and wider dynamic range.

Other changes:

• Maximum username (login) length increased to 32 characters: http://svnweb.freebsd.org/base?view=revision&revision=243023
• vmxnet3 VMWare paravirtualized network driver committed: http://svnweb.freebsd.org/changeset/base/254738
• Efficienty improvements in network-related kernel data structures: http://svnweb.freebsd.org/base?view=revision&revision=254780
• Improvements in parallel GEOM processing, using direct dispatch in simple cases: http://svnweb.freebsd.org/changeset/base/254787
• Efficiency improvements in the virtual memory system: http://svnweb.freebsd.org/base?view=revision&revision=254544, http://svnweb.freebsd.org/base?view=revision&revision=254025
• CAIA Delay-Gradient (CDG) congestion control algorithm for TCP: http://svnweb.freebsd.org/changeset/base/252504
• Since the ports tree has also been converted to Subversion from CVS, the cvs program has been removed from the base system (it is still available in the ports): http://svnweb.freebsd.org/changeset/base/251794. Instead, svnlite (http://svnweb.freebsd.org/changeset/base/251886) and svnup (http://www.freshports.org/net/svnup) are available.
• ZFS now has L2ARC compression (http://wiki.illumos.org/display/illumos/L2ARC+Compression): http://svnweb.freebsd.org/base?view=revision&revision=251478
• Newly created UFS file systems will have faster fsck operation: http://svnweb.freebsd.org/base?view=revision&revision=248623
• GEOM_LABEL creates labels based on disk ID strings: http://svnweb.freebsd.org/changeset/base/249508
• Faster booting by using a better read cache: http://svn.freebsd.org/changeset/base/241053
• 64-bit ino_t, allowing file systems with a really huge number of files: http://svn.freebsd.org/changeset/base/241011
• Shared memory pages between kernel&userland for faster interaction: http://svn.freebsd.org/changeset/base/237433
• Clang 3 will be the default compiler for FreeBSD 10: http://svn.freebsd.org/changeset/base/228379, http://lists.freebsd.org/pipermail/freebsd-stable/2012-May/067486.html
• New timecounter infrastructure: RADclock, http://www.synclab.org/radclock/
• ZFS fault monitoring and management daemon, http://svn.freebsd.org/changeset/base/222836
• NVM Express drivers: nvme(4) and nvd(4), http://svnweb.freebsd.org/changeset/base/240616
• unbound (validating, recursive, and caching DNS resolver) included ?, http://svnweb.freebsd.org/changeset/base/249140
• counter(9) API that implements fast and raceless counters, provided (but not limited to) for gathering of statistical data: http://svnweb.freebsd.org/changeset/base/249268, http://lists.freebsd.org/pipermail/freebsd-arch/2013-April/014204.html

ISO do FreeBSD 10.0 ALPHA1 aqui.

Maiores referências aqui.

Glen Barber anunciou na lista freebsd-stable com cópia para FreeBSD Release Engineering Team, a liberação do 9.2 RC4. Espera-se que seja o último RC antes do lançamento final do 9.2-RELEASE.

Abaixo as mudanças do RC4 em relação ao RC3:

• Revert the tribute boot loader logo as the default logo.
• Fix a filesystem bug that would cause removed files to fail to dereference vnodes until the filesystem was forcibly unmounted and remounted.
• Fix a rtadvd(8) segmentation fault on service reload.
• Create and correct ownership and permissions of /var/authpf in the standard mtree.
• Fix a NFS deadlock.
• Stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather than pass them on to the link layer without validation or credential checks.  [SA-13:12]
• Prevent cross-mount hardlinks between different nullfs mounts of the same underlying filesystem.  [SA-13:13]
• Fix the length calculation for the final block of a sendfile(2) transmission which could be tricked into rounding up to the nearest page size, leaking up to a page of kernel memory. [SA-13:11]

Uma ISO para instalação pode ser baixada aqui.

Pessoal,

Desculpem o atraso mas eu estava na praia. Sim, nós nerds também vamos à praia. hahahah

Saiu finalmente o anúncio oficial do novo release do FreeBSD. Abaixo ele na íntegra:

The FreeBSD Release Engineering Team is pleased to announce the availability
of FreeBSD 9.1-RELEASE.  This is the second release from the stable/9 branch,
which improves on the stability of FreeBSD 9.0 and introduces some new
features.  Some of the highlights:

	- New Intel GPU driver with GEM/KMS support
	- netmap(4) fast userspace packet I/O framework
	- ZFS improvements from illumos project
	- CAM Target Layer, a disk and processor device emulation subsystem
	- Optional new C++11 stack including LLVM libc++ and libcxxrt
	- Jail devfs, nullfs, zfs mounting and configuration file support
	- POSIX2008 extended locale support, including compatibility with
	  Darwin extensions
	- oce(4) driver for Emulex OneConnect 10Gbit Ethernet card
	- sfxge(4) driver for 10Gb Ethernet adapters based on Solarflare
	  SFC9000 controller
	- Xen Paravirtualized Backend Ethernet Driver (netback) improvement
	- hpt27xx(4) driver for HighPoint RocketRAID 27xx-based SAS 6Gb/s HBA
	- GEOM multipath class improvement
	- GEOM raid class is enabled by default supporting software RAID
	  by deprecated ataraid(8)
	- kernel support for the AVX FPU extension
	- Numerous improvements in IPv6 hardware offload support.

Please note that precompiled third-party packages are not available for
9.1-RELEASE at the time of release.  See the "Availability" section below
for further details.

For a complete list of new features and known problems, please see the
online release notes and errata list, available at:

    http://www.FreeBSD.org/releases/9.1R/relnotes.html
    http://www.FreeBSD.org/releases/9.1R/errata.html

For more information about FreeBSD release engineering activities,
please see:

    http://www.FreeBSD.org/releng/

 Availability
 -------------

FreeBSD 9.1-RELEASE is now available for the amd64, i386, powerpc64,
and sparc64 architectures.

FreeBSD 9.1 can be installed from bootable ISO images or over the
network.  Some architectures also support installing from a USB memory
stick.  The required files can be downloaded via FTP as described in the
section below.  While some of the smaller FTP mirrors may not carry all
architectures, they will all generally contain the more common ones such
as amd64 and i386.

MD5 and SHA256 hashes for the release ISO and memory stick images are
included at the bottom of this message.

The purpose of the images provided as part of the release are as follows:

  dvd1: This contains everything necessary to install the base FreeBSD
	operating system, the documentation, and a small set of pre-built
	packages aimed at getting a graphical workstation up and running.
	It also supports booting into a "livefs" based rescue mode.  This
	should be all you need if you can burn and use DVD-sized media.

  disc1: This contains the base FreeBSD operating system. It also supports
	booting into a "livefs" based rescue mode.  There are no pre-built
	packages.

  bootonly: This supports booting a machine using the CDROM drive but
	does not contain the support for installing FreeBSD from the
	CD itself.  You would need to perform a network based install
	(e.g. from an FTP server) after booting from the CD.

  memstick: This can be written to an USB memory stick (flash drive) and
	used to do an install on machines capable of booting off USB
	drives.  It also supports booting into a "livefs" based rescue
	mode.  There are no pre-built packages.

As one example of how to use the memstick image, assuming the USB drive
appears as /dev/da0 on your machine something like this should work:

  # dd if=FreeBSD-9.1-RELEASE-amd64-memstick.img of=/dev/da0 bs=10240 conv=sync

Be careful to make sure you get the target (of=) correct.

Due to the security incident reported here:

	http://www.FreeBSD.org/news/2012-compromise.html

only the small third-party package set on the DVD image is available at this
time for users who require pre-built packages (just GNOME and KDE windowing
systems).  The FreeBSD Project's package building infrastructure is undergoing
a complete review and redesign.  At this time we can not commit to a date
the full release package set will become available.  A separate announcement
will be made when that becomes available.  If you wish to install 9.1-RELEASE
now you can build your own packages using portsnap(8) to obtain an up to
date ports tree and then build the packages.  If you require pre-built
packages you should wait for the announcement of the full release package
set becoming available.

FreeBSD 9.1-RELEASE can also be purchased on CD-ROM or DVD from several
vendors.  One of the vendors that will be offering FreeBSD 9.1-based
products is:

~   FreeBSD Mall, Inc.        http://www.freebsdmall.com/

 FTP
 ---

At the time of this announcement the following FTP sites have
FreeBSD 9.1-RELEASE available.

	ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp5.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp7.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp8.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.au.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.cn.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.cz.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.dk.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.fr.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.jp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.ru.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.tw.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.uk.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp2.us.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp10.us.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/
	ftp://ftp.za.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/

However before trying these sites please check your regional mirror(s)
first by going to:

  ftp://ftp.<yourdomain>.FreeBSD.org/pub/FreeBSD

Any additional mirror sites will be labeled ftp2, ftp3 and so on.

More information about FreeBSD mirror sites can be found at:

  http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html

For instructions on installing FreeBSD or updating an existing machine to
9.1-RELEASE please see:

  http://www.FreeBSD.org/releases/9.1R/installation.html

 Support
 -------

9.1-RELEASE is an extended support releases and will be supported by
the FreeBSD Security Team until it's End-of-Life (EoL) date of
December 31st 2014. As 9.1-RELEASE got delayed, the EoL of 9.0-RELEASE
has been pushed to March 31st 2013 to allow people sufficient time to
upgrade. As always all EoL dates can be found at:

  http://www.FreeBSD.org/security/

 Other Projects Based on FreeBSD
 -------------------------------

There are many "third party" Projects based on FreeBSD.  The Projects
range from re-packaging FreeBSD into a more "novice friendly" distribution
to making FreeBSD available on Amazon's EC2 infrastructure.  For more
information about these Third Party Projects see:

  http://wiki.FreeBSD.org/3rdPartyProjects

 Acknowledgments
 ---------------

Many companies donated equipment, network access, or man-hours to
support the release engineering activities for FreeBSD 9.1 including
The FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium,
Sentex Communications, New York Internet, Juniper Networks, and
iXsystems.

The release engineering team for 9.1-RELEASE includes:

Ken Smith <kensmith@FreeBSD.org>        Release Engineering,
                                        amd64, i386, sparc64 Release Building,
					Mirror Site Coordination
Robert Watson <rwatson@FreeBSD.org>     Release Engineering, Security
Konstantin Belousov <kib@FreeBSD.org>   Release Engineering
Marc Fonvieille <blackend@FreeBSD.org>  Release Engineering, Documentation
Josh Paetzel <jpaetzel@FreeBSD.org>	Release Engineering
Hiroki Sato <hrs@FreeBSD.org>           Release Engineering, Documentation
Bjoern Zeeb <bz@FreeBSD.org>            Release Engineering, Package Building
Marcel Moolenaar <marcel@FreeBSD.org>   ia64, powerpc Release Building
Nathan Whitehorn <nwhitehorn@FreeBSD.org> powerpc64 Release Building
Simon Nielsen <simon@FreeBSD.org>       Security Officer

 Trademark
 ---------

FreeBSD is a registered trademark of The FreeBSD Foundation.

 ISO Image Checksums
 -------------------

MD5 (FreeBSD-9.1-RELEASE-amd64-bootonly.iso) = 03ec0d36578a5b2092c75ac8e3eb1979
MD5 (FreeBSD-9.1-RELEASE-amd64-disc1.iso) = f0a320fd52383c42649d48ea545915a9
MD5 (FreeBSD-9.1-RELEASE-amd64-dvd1.iso) = 5da132138da8360491eb0efa24760859
MD5 (FreeBSD-9.1-RELEASE-amd64-memstick.img) = 9fb2d4ad338df42f5d86cd1ae3a427c4

MD5 (FreeBSD-9.1-RELEASE-i386-bootonly.iso) = 0c2338e03b9249c9806b8c2b10f36dec
MD5 (FreeBSD-9.1-RELEASE-i386-disc1.iso) = e37d86ce83908bf4b667fdae7298bca5
MD5 (FreeBSD-9.1-RELEASE-i386-dvd1.iso) = dd07dc30035806cabd136f99ccab7eac
MD5 (FreeBSD-9.1-RELEASE-i386-memstick.img) = 149b98037944300927a21341aa9a455a

MD5 (FreeBSD-9.1-RELEASE-powerpc64-bootonly.iso) = f65cb227e049c48bbc369d79a72e2916
MD5 (FreeBSD-9.1-RELEASE-powerpc64-memstick) = 4febdf7210882e8a9f8eee35315722ce
MD5 (FreeBSD-9.1-RELEASE-powerpc64-release.iso) = a26c7c24a0497980ffc67e1f199a5bba

MD5 (FreeBSD-9.1-RELEASE-sparc64-bootonly.iso) = 3fb02e9998e6341fea7fa75073dcf5ea
MD5 (FreeBSD-9.1-RELEASE-sparc64-disc1.iso) = 7fdec91c78799263d88f3918b71e219f

SHA256 (FreeBSD-9.1-RELEASE-amd64-bootonly.iso) = a7e429071a409232f36024df2fc92eed15dc795445030b305fa242c88d6f4596
SHA256 (FreeBSD-9.1-RELEASE-amd64-disc1.iso) = 776ba34df5ffb8b5f04b823aacea32210104204b5d3d1547334a22c86cf7090e
SHA256 (FreeBSD-9.1-RELEASE-amd64-dvd1.iso) = 7955f97e25985915013c1568319752c4006e722539c65723685923e343c3b5dc
SHA256 (FreeBSD-9.1-RELEASE-amd64-memstick.img) = d085657fc039f579a69598163de39cd0d5d09b3f5ba79ea93bb508e7958cdef4

SHA256 (FreeBSD-9.1-RELEASE-i386-bootonly.iso) = 73361f5947a71465797979a99e9fdee40797c3fc5ebc9dd4d3d31262f4940985
SHA256 (FreeBSD-9.1-RELEASE-i386-disc1.iso) = 211f9562e0c122598e03aa3fdb38dd8a5c79197a9d09e6ad32f9ee9ba4eb6e0e
SHA256 (FreeBSD-9.1-RELEASE-i386-dvd1.iso) = 46a53f57e21a7a1c2d1c014bf2cfafae3848c749174777f3a04543f1da25b678
SHA256 (FreeBSD-9.1-RELEASE-i386-memstick.img) = 9d037fbf6ac62350bf5d39be820f843c215befac94f8668a5d9935f6bec8e37d

SHA256 (FreeBSD-9.1-RELEASE-powerpc64-bootonly.iso) = a2cd9f2d58571d3e9fbb5fadd13237622d4bf1a732d61acbe649e29153a16801
SHA256 (FreeBSD-9.1-RELEASE-powerpc64-memstick) = 02d0bb7236335c6154683800a17c84eb810fbf7950da8c818a519bc09b7ef84e
SHA256 (FreeBSD-9.1-RELEASE-powerpc64-release.iso) = b04fb13eab306424319bb8ecd280a655ca6df51dc1ff5dcd6adb6eaa3ff88dba

SHA256 (FreeBSD-9.1-RELEASE-sparc64-bootonly.iso) = be55f9950e70e4da13c29c90bae0c2110e176939085d72b77e18e23307bbfaea
SHA256 (FreeBSD-9.1-RELEASE-sparc64-disc1.iso) = aa57a02b2d7e46ad8ccca1adcef0ae9aad86b2f4fb5ee9d42e21a95ae2c29f47

Bem, segundo Nicole Reid é possível mas vai demandar um certo trabalho e paciência. Nada que uma boa bacia de pipoca e um refri bem gelado não possam te animar.  🙂

Eu aprendi que as coisas muito fáceis não são tão prazerosas quanto aquelas que nos proporcionam um certo desafio em fazê-las.

Então para quem não se incomoda com o trabalho, aqui vai o link para o artigo de Nicole Reid:

https://cooltrainer.org/2012/01/02/a-freebsd-9-desktop-how-to/

Qualquer dúvida por favor postem para o autor, mas aceito os comentários de quem seguiu o seu artigo.  🙂

Be happy, use FreeBSD.

BSD Magazine é uma revista mensal de excelente qualidade técnica, visual e gratuita para todo e qualquer profissional que queira ficar bem informado sobre tecnologia e informação utilizando BSD e outros Softwares Livres.

A revista encontra-se em idioma Inglês e para baixá-la basta informar o seu e-mail e clicar para baixar. Todas as outras edições anteriores também podem ser baixadas. Seu formato está em pdf.

Conteúdo:

É isso mesmo pessoal!!! Para quem está usando a árvore svn releng/9.1 já pode atualizar e usar o FreeBSD 9.1-RELEASE. Abaixo o BSDInfo já usando o sistema novo.  🙂

(root@zeus)[~]# uname -a
FreeBSD zeus.bsdinfo.com.br 9.1-RELEASE FreeBSD 9.1-RELEASE #38 r243752: Sat Dec  1 15:10:14 BRST 2012     root@zeus.bsdinfo.com.br:/usr/obj/usr/src/sys/GONDIM  amd64

Em /usr/src/UPDATING:

Updating Information for FreeBSD current users

This file is maintained and copyrighted by M. Warner Losh <imp@freebsd.org>.
See end of file for further details.  For commonly done items, please see the
COMMON ITEMS: section later in the file.  These instructions assume that you
basically know what you are doing.  If not, then please consult the FreeBSD
handbook.

Items affecting the ports and packages system can be found in
/usr/ports/UPDATING.  Please read that file before running portupgrade.

20121205:
9.1-RELEASE.

É isso aí pessoal… agora é só aguardarmos o anúncio oficial e as ISOs.  🙂

Um excelente fim de semana pra todos.

Recebi por e-mail informações que não será ainda lançado o FreeBSD 9.1-RELEASE. Teremos ainda pela frente um RC3 pelo menos. Abaixo as informações na íntegra:

The second release candidate of the 9.1-RELEASE release cycle is now
available on the FTP servers for amd64, i386, ia64, powerpc, and
powerpc64.  The MD5/SHA256 checksums are at the bottom of this message.
The ISO images and, for architectures that support it, the memory stick
images are available here:

  ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.1/

(or any of the FreeBSD mirror sites).

A third RC build has been decided on, currently scheduled for a week
from now.  The release builds themselves will begin about a week after
RC3.  The current target schedule has been updated:

  http://www.freebsd.org/releases/9.1R/schedule.html

If you notice any problems you can report them through the normal Gnats
PR system or here on the -stable mailing list.

There was enough "community push-back" from the decision to not export
the 9.1 release branch activity to CVS that the decision has been
reversed.  A firm decision has been made that 10.X release activity will
not be exported to CVS.  It hasn't been decided yet if the upcoming 8.X
and/or 9.X (past 9.1) release activity will be exported.  More
information about that will get posted as decisions get made.

If you want to do a source-based update to an existing system using SVN
the branch to use is releng/9.1.  If you would like to use CVS instead
use RELENG_9_1.

The freebsd-update(8) utility supports binary upgrades of i386 and amd64 
systems running earlier FreeBSD releases.  Systems running 9.0-RELEASE,
9.1-BETA1, or 9.1-RC1 can upgrade as follows:

# freebsd-update upgrade -r 9.1-RC2

During this process, FreeBSD Update may ask the user to help by merging 
some configuration files or by confirming that the automatically performed
merging was done correctly.

# freebsd-update install

The system must be rebooted with the newly installed kernel before 
continuing.

# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new 
userland components, and the system needs to be rebooted again:

# freebsd-update install
# shutdown -r now

Users of earlier FreeBSD releases (FreeBSD 7.X, 8.X) can also use
freebsd-update to upgrade to FreeBSD 9.1-RC2, but will be prompted to
rebuild all third-party applications (e.g., anything installed from the
ports tree) after the second invocation of "freebsd-update install", in
order to handle differences in the system libraries between FreeBSD 7.X
or FreeBSD 8.X and FreeBSD 9.X.

Checksums:

MD5 (FreeBSD-9.1-RC2-amd64-bootonly.iso) = bacba310a6387a8d64df8178aa9d1de0

MD5 (FreeBSD-9.1-RC2-amd64-memstick.img) = 1e539c978e49d4115fa48851e148e156

MD5 (FreeBSD-9.1-RC2-amd64-disc1.iso) = e4c61498e58fec93744b248f17573bc6

MD5 (FreeBSD-9.1-RC2-i386-bootonly.iso) = 9d839532595355511b62359f02be68ad

MD5 (FreeBSD-9.1-RC2-i386-memstick.img) = f44f9c00fec04c7544a401b62e653249

MD5 (FreeBSD-9.1-RC2-i386-disc1.iso) = ad17598b8a1f9e048bf496ce34b6d8be

MD5 (FreeBSD-9.1-RC2-ia64-bootonly.iso) = 8a70c60bea27fb81ae66e518283eec8d

MD5 (FreeBSD-9.1-RC2-ia64-memstick) = 0be81103f6aa4d8becba2f341370e5a2

MD5 (FreeBSD-9.1-RC2-ia64-release.iso) = 2546fc2d11c7b3d5031ed285146dc815

MD5 (FreeBSD-9.1-RC2-powerpc-bootonly.iso) = 5678929dd41181e52cd5da1389be05d1

MD5 (FreeBSD-9.1-RC2-powerpc-memstick) = bc681cda1d4e49e0288f27bd616130b7

MD5 (FreeBSD-9.1-RC2-powerpc-release.iso) = eb5ac93ad8befc567e03e8ce58051cdd

MD5 (FreeBSD-9.1-RC2-powerpc64-bootonly.iso) = a035c65d8268e5d8b32f8d84ca266588

MD5 (FreeBSD-9.1-RC2-powerpc64-memstick) = b6dcfb14de1b835e582253eb179a7072

MD5 (FreeBSD-9.1-RC2-powerpc64-release.iso) = 9bd3bddaaab25948fea3c3957f889414

SHA256 (FreeBSD-9.1-RC2-amd64-bootonly.iso) = 8cb69eedc8d2bd493b4acb6df2092865047ce4475f4142ba227b8cb4ab3754ad

SHA256 (FreeBSD-9.1-RC2-amd64-memstick.img) = 4d552c2f2641ddfebe158427460785d3e0b184e603ef01f433579004d26dd54c

SHA256 (FreeBSD-9.1-RC2-amd64-disc1.iso) = 6b874d20c909a4a53d8eaa8aa3c1316a957a27406265ca83e9399daa42271177

SHA256 (FreeBSD-9.1-RC2-i386-bootonly.iso) = f0df7bc32ffb973f7f269c3097fd223de7f6832ee7d77aadae91e3b42de61a10

SHA256 (FreeBSD-9.1-RC2-i386-memstick.img) = d8e2a686d69c4c3cbaff8bb4e8324f9c66ad3b563bf48e163e8f91be75ebb3b4

SHA256 (FreeBSD-9.1-RC2-i386-disc1.iso) = 165e342d89f57bdd06f24b4f8bdc0b45b1eec4e5bbde52b6fd5dbabeae290cf6

SHA256 (FreeBSD-9.1-RC2-ia64-bootonly.iso) = c9e730b1bdc7bd9b2a51ac860456bb98c6a06cba58e3a604fcb30e2dc991731d

SHA256 (FreeBSD-9.1-RC2-ia64-memstick) = df5622b66575a3bd4bf2d878569dc2b0d1b8bf5cab1596c3632f19da048aa774

SHA256 (FreeBSD-9.1-RC2-ia64-release.iso) = 11a48342921fbff0abb7bab0cd9b32838036dda09c0383c6fea34d679768dd49

SHA256 (FreeBSD-9.1-RC2-powerpc-bootonly.iso) = b3462a7fc55adcf7e00bb3ef0d8f4a2a6c2e9b44329d4a6c823a1cf1394521ae

SHA256 (FreeBSD-9.1-RC2-powerpc-memstick) = 6a42285f71c8359aac931c28958ade49c0677bf6a350f285646a86c02584a266

SHA256 (FreeBSD-9.1-RC2-powerpc-release.iso) = 3ebb722b9a17e8facf5378cb6026670da583b2b42ba08be6d0d74e3ad658096d

SHA256 (FreeBSD-9.1-RC2-powerpc64-bootonly.iso) = 6fe6c7abf12bf6eafbefb4db03d2dcccd6af6bbd12311da1cf4fd821d4965219

SHA256 (FreeBSD-9.1-RC2-powerpc64-memstick) = 3218173781294b089a10ec65386ac140a78c7a9908e0912fe88ffc2df3317a66

SHA256 (FreeBSD-9.1-RC2-powerpc64-release.iso) = 03659f3493a79519ad31d8e19c4ac50755e58c573f9596244284b2d7ff70cc42

Olá

Este é um post simples, mas com uma dica bem útil para quem gosta de fazer tutoriais ou que, por qualquer outro motivo, deseje gravar a área de trabalho enquanto utiliza o seu sistema FreeBSD (deve funcionar com outros unix-like também). Para capturar a área de trabalho não é necessário nenhum aplicativo com interface gráfica complexa, basta utilizar o ffmpeg para isso.

Da página de manual do ffmpeg tem-se que:

"ffmpeg is a very fast video and audio converter that can also grab from a live audio/video source. "



É exatamente esta característica de capturar o vídeo de uma outra fonte “ao vivo” que pode-se utilizar para capturar a tela.

Antes de começar, obviamente é necessário instalar o ffmpeg. Na árvore do ports ele encontra-se em

multimedia/ffmpeg



A instalação deve ser feita com suporte a X11GRAB.  Utilize um make config dentro da pasta do ffmpeg para realizar a configuração da instalação. Para referência, esta é a configuração de uma instalação em que este recurso está funcionando.



===> The following configuration options are available for ffmpeg-0.7.13_6,1:
AACPLUS=off: AAC support via libaacplus
ALSA=off: ALSA audio architecture support
AMR_NB=off: AMR Narrow Band audio support (opencore)
AMR_WB=off: AMR Wide Band audio support (opencore)
CELT=off: CELT audio codec support
DEBUG=off: Install debug symbols
DIRAC=on: Dirac support via libdirac
FAAC=on: FAAC AAC encoder support
FFSERVER=on: Build and install ffserver
FREETYPE=on: TrueType font rendering support
FREI0R=on: Frei0r video plugins support
GSM=on: GSM codec support
LAME=on: LAME MP3 encoder support
OPENCV=on: OpenCV support
OPENJPEG=on: Enhanced JPEG graphics support
OPTIMIZED_CFLAGS=off: Use extra compiler optimizations
RTMP=off: RTMP protocol support via librtmp
SCHROEDINGER=off: Dirac support via libschroedinger
SDL=on: Simple Direct Media Layer support
SPEEX=on: Speex audio format support
THEORA=on: Ogg Theora support
VAAPI=on: VAAPI (GPU video acceleration) support
VDPAU=off: VDPAU (GPU video acceleration) support
VORBIS=on: Ogg Vorbis audio codec support
VO_AACENC=off: AAC audio encoding via vo-aacenc
VO_AMRWBENC=off: AMR Wide Band encoding via vo-amrwbenc
VPX=on: VP8 video codec support
X11GRAB=on: Enable x11 grabbing
X264=on: H.264 video codec support via x264
XVID=on: Xvid MPEG-4 video codec support
===> Use 'make config' to modify these settings

O comando make install realiza a instalação do pacote.

Sempre antes de realizar a captura da tela deve-se checar as configurações do mixer caso deseje-se também o audio na gravação. Pode-se utilizar o comando mixer para isso. Como exemplo, esses são os parâmetros de um sistema onde a gravação com áudio está funcionando:

[ota@squitch ~]$ mixer
Mixer vol      is currently set to 100:100
Mixer pcm      is currently set to 100:100
Mixer speaker  is currently set to 100:100
Mixer mic      is currently set to  90:90
Mixer cd       is currently set to  75:75
Mixer mix      is currently set to  90:90
Mixer rec      is currently set to  90:90
Mixer igain    is currently set to  75:75
Recording source: mic

Um outro pacote que deve ser instalado é o x11/xdpyinfo, pois ele é que será utilizado para retornar o tamanho da área de trabalho.

Por fim, aqui está o script que deve ser salvo em um arquivo e depois adicionado a permissão de execução para o mesmo (chmod ugo+x nome_do_arquivo).

#!/bin/sh
if [ -f /var/tmp/$USER.gravatela.pid ]; then
    kill -TERM `cat /var/tmp/$USER.gravatela.pid`;
    rm -rf cat /var/tmp/$USER.gravatela.pid
else
    /usr/local/bin/ffmpeg -y -f oss -async 441 -ar 44100 -i /dev/dsp  -f x11grab -s `/usr/local/bin/xdpyinfo | /usr/bin/grep 'dimensions:'| /usr/bin/awk '{print $2}'` -r 40 -i :0.0 -qscale 0 /home/$USER/Desktop/Video.avi &
echo $! > /var/tmp/$USER.gravatela.pid
fi

O funcionamento do script é simples. Ele, a primeira vez que é executado, inicia a captura da área de trabalho e salva em um arquivo na pasta Desktop do usuário. Se executado novamente ele termina o processo de captura. Este script pode ser acionado por um atalho de teclas do Gnome, basta para isso que, no Gnome 2, o usuário vá em Sistema->Preferência->Atalhos de Teclado e adicione um atalho personalizado para o script.

Ps.: Obrigado ao usuário Carlos Eduardo G. Carvalho (Cartola) da lista FUG-BR por ter adicionado ao comando para capturar a tela os parâmetros para capturar o áudio também.

Este pequeno roteiro eu realizei utilizando o adaptador Bluetooth bem Xing-Ling da imagem abaixo.

O primeiro passo é verificar se os drivers necessários estão presentes no kernel. O meu sistema é este aqui:

FreeBSD squitch 8.3-RELEASE-p4 FreeBSD 8.3-RELEASE-p4 #22: Mon Sep 24 17:16:29 BRT 2012     ota@squitch:/usr/obj/usr/src/sys/SQUITCH  i386

Nele, apenas ao plugar o adaptador na entrada USB os seguintes drivers são carregados automaticamente:

ng_ubt.ko
ng_hci.ko
ng_bluetooth.ko
ng_l2cap.ko
ng_btsocket.ko
ng_socket.ko

Verifique no seu sistema se os drivers aparecem ao plugar o adaptador USB. Você pode fazer isso utilizando o comando kldstat. Ex:

[ota@squitch ota]$ kldstat


Se não for o caso do seu sistema, você pode carregar os módulos utilizando o comando kldload <nome do módulo>.  Por exemplo:

squitch# kldload ng_ubt

Caso deseje você pode também adicionar a seguinte linha

ng_ubt_load="YES"

no arquivo

/boot/loader.conf

e os seguintes drivers serão carregados no momento do boot:

ng_ubt.ko
ng_hci.ko
ng_bluetooth.ko

e os seguintes (na minha máquina) quando plugo o adaptador bluetooth:

ng_l2cap.ko
ng_btsocket.ko
ng_socket.ko

Verifique na sua máquina se os drivers estão sendo carregados. Você obviamente pode fazer uma comparação com os drivers que listei aqui. Caso esteja tendo problemas você pode dar uma olhada no handbook sobre o assunto. Note também que outros dispositivos necessitam de outros drivers como, por exemplo, os que usam o chip Broadcom BCM2033. Neste caso o handbook cobre com mais detalhes.

Após checar os drivers, ao plugar o seu dispositivo você deve ver no terminal do sistema (ou em algum terminal gráfico se digitar dmesg) algo semelhante a isso:

ugen1.2: <vendor 0x0a12> at usbus1
ubt0: <vendor 0x0a12 product 0x0001, class 224/1, rev 2.00/19.15, addr 2> on usbus1
WARNING: attempt to domain_add(bluetooth) after domainfinalize()
WARNING: attempt to domain_add(netgraph) after domainfinalize()

A mensagem contendo ubt0 é especialmente animadora, pois indica que o driver bluetooth reconheceu o seu dispositivo.

Descubra então os dispositivos bluetooth nas proximidades com o comando hccontrol:

[ota@squitch ota]$ hccontrol -n ubt0hci inquiry
Inquiry result, num_responses=1
Inquiry result #0
BD_ADDR: 94:51:03:ed:dd:f6
Page Scan Rep. Mode: 0x1
Page Scan Period Mode: 0x2
Page Scan Mode: 00
Class: 5a:02:0c
Clock offset: 0x67ec
Inquiry complete. Status: No error [00]

Note que alguns dispositivos podem estar configurados para não aparecer quando uma busca é feita. Então, verifique se o seu Android está com a configuração “Detectável” habilitada.

O meu sistema responde com a seguinte para o meu celular:

[ota@squitch ota]$ hccontrol -n ubt0hci inquiry
Inquiry result, num_responses=1
Inquiry result #0
    BD_ADDR: 94:51:03:ed:dd:f6
    Page Scan Rep. Mode: 0x1
    Page Scan Period Mode: 0x2
    Page Scan Mode: 00
    Class: 5a:02:0c
    Clock offset: 0x4106
Inquiry complete. Status: No error [00]

De posse do BD_ADDR você deve criar uma entrada no arquivo /etc/bluetooth/hcsecd.conf para que o dispositivo Android consiga parear com o computador. A entrada no meu caso tem:

device {
        bdaddr 94:51:03:ed:dd:f6;
        name    "GT-S5300B";
        pin     "3295";
}

Onde bdaddr foi obtido na busca de dispositivos, name é um nome dado por você, e pin é o pin que você deverá digitar no Android no momento do pareamento.

Agora como root rode os daemons que vão responder a comunicação bluetooth:

squitch# /etc/rc.d/hcsecd onestart ubt0
Starting hcsecd.
squitch# /etc/rc.d/sdpd onestart
Starting sdpd.
squitch#

Vamos então acessar o servidor de arquivos do dispositivo Android. Instale o port comms/obexapp e então execute (modificando o endereço para o seu caso, óbvio):

[ota@squitch ota]$ obexapp -a 94:51:03:ed:dd:f6 -C FTRN

Uma tela solicitando o pin deve ter sido aberta no dispositivo Android. Digite o pin do campo pin da entrada device do arquivo /etc/bluetooth/hcsecd.conf correspondente ao seu dispositivo.

Pronto, agora é só aceitar o pedido para transferência de arquivos do computador e um terminal será aberto. Você pode digitar help para abrir a ajuda dos comandos. Por exemplo:

obex> help
CApability, CD, DElete, DIsconnect, Empty, GET, GETDefault, Ls, Mkdir, Put?
obex> Ls
Access    Owner    Group    Size       Modified         Name
          n/a      n/a      n/a        n/a              LOST.DIR/
          n/a      n/a      n/a        n/a              external_sd/
          n/a      n/a      n/a        n/a              DCIM/
          n/a      n/a      n/a        n/a              Android/
          n/a      n/a      n/a        n/a              Notifications/
          n/a      n/a      n/a        n/a              samsungapps/
          n/a      n/a      n/a        n/a              Mercury/
          n/a      n/a      n/a        n/a              media/
          n/a      n/a      n/a        n/a              bluetooth/
          n/a      n/a      n/a        n/a              .polarisViewer/
          n/a      n/a      n/a        n/a              Sounds/
          n/a      n/a      n/a        n/a              burstlyImageCache/
          n/a      n/a      n/a        n/a              Ringtones/
          n/a      n/a      n/a        n/a              social_cache/
          n/a      n/a      n/a        n/a              Pictures/
          n/a      n/a      n/a        n/a              WhatsApp/
          n/a      n/a      n/a        n/a              .temp/
Success, response: OK, Success (0x20)
obex>

Lista os arquivos e diretórios do aparelho. Sendo que existe um porém. Por default os arquivos não aparecem na listagem. Por exemplo:

obex> cd DCIM
Success, response: OK, Success (0x20)
obex> ls
Access    Owner    Group    Size       Modified         Name
                                                        ..
          n/a      n/a      n/a        n/a              Camera/
          n/a      n/a      n/a        n/a              .thumbnails/
Success, response: OK, Success (0x20)
obex> cd Camera
Success, response: OK, Success (0x20)
obex> ls
Access    Owner    Group    Size       Modified         Name
                                                        ..
Success, response: OK, Success (0x20)
obex>

Não mostra nenhum arquivo embora eles estejam lá. Para que você possa visualizá-los você deve ir no aplicativo do Android “Meus arquivos“, ir até a pasta, tocar no botão à esquerda do botão central do celular, clicar na combo “Mais” e escolher “Visibilidade do Bluetooth“. Então é só marcar os arquivos que você quer que apareçam na listagem e depois em “Conc.“. A listagem agora exibe:

obex> ls
Access    Owner    Group    Size       Modified         Name
                                                        ..
  R       n/a      n/a      238658     n/a              2012-09-27 22.55.16.jpg
Success, response: OK, Success (0x20)
obex>

Para baixar o arquivo é só rodar (para o arquivo do exemplo):

obex> GET 2012-09-27\ 22.55.16.jpg
238658 bytes streamed in 3 seconds (79552 bytes/sec)
Success, response: OK, Success (0x20)
obex>

Caso deseje ter um terminal no dispositivo Android execute o comando (novamente substituído o endereço, óbvio):

squitch# rfcomm_sppd -a 94:51:03:ed:dd:f6 -c 1 -t /dev/ttyp1

Aceite o pedido de conexão no Android. Abra um outro terminal e execute

squitch# chgrp users /dev/ttyp1

Em seguida (como usuário comum mesmo) execute um terminal no dispositivo criado:

[ota@squitch ota]$ cu -l ttyp1

Pronto, você pode agora digitar comandos AT. Se tiver a lista de comandos AT que o Galaxy suporta por favor me envie para eu disponibilizar aqui.

Para enviar arquivos do Android para o FreeBSD diretamente pelos comandos Bluetooth do Android sem precisar conectar via terminal você deve rodar um servidor no FreeBSD na pasta que você quer que receba os arquivos. Ex:

[ota@squitch ota]$ cd Downloads/
[ota@squitch Downloads]$ obexapp -s
[ota@squitch Downloads]$

E enviar os arquivos pelo Bluetooth do Android. Os arquivos deverão aparecer na pasta onde você rodou o servidor.

Muito mais detalhes você pode encontrar em: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bluetooth.html.

Se esta página foi útil para você, por favor, deixe um comentário.