FreeBSD is a free Unix-like operating system descended from AT&T UNIX via the Berkeley Software Distribution (BSD). It has been characterized as "the unknown giant among free operating systems". It is not a clone of UNIX, but works like UNIX, with UNIX-compliant internals and system APIs. FreeBSD is generally regarded as reliable and robust.
FreeBSD is a complete operating system. The kernel, device drivers and all of the userland utilities, such as the shell, are held in the same source code revision tracking tree, whereas with Linux distributions, the kernel, userland utilities and applications are developed separately, then packaged together in various ways by others.
Third-party application software may be installed using various software installation systems, the two most common being source installation and package installation, both of which use the FreeBSD Ports system.
History
FreeBSD's development began in 1993 with a quickly growing, unofficial patchkit maintained by users of the 386BSD operating system. This patchkit forked from 386BSD and grew into an operating system taken from U.C. Berkeley's 4.3BSD-Lite (Net/2) tape with many 386BSD components and code from the Free Software Foundation. After two public beta releases via FTP (1.0-GAMMA on September 2, 1993, and 1.0-EPSILON on October 3, 1993), the first official release was FreeBSD 1.0, available via FTP on November 1st, 1993 and on CDROM on December 30, 1993. This official release was coordinated by Jordan Hubbard, Nate Williams and Rodney W. Grimes with a name thought up by David Greenman. Walnut Creek CDROM agreed to distribute FreeBSD on CD and gave the project a machine to work on along with a fast Internet connection, which Hubbard later said helped stir FreeBSD's rapid growth. A "highly successful" FreeBSD 1.1 release followed in May 1994.
However, there were legal concerns about the BSD Net/2 release source code used in 386BSD. After a lawsuit between UNIX copyright owner at the time Unix System Laboratories and the University of California, Berkeley, the FreeBSD project re-engineered most of the system using the 4.4BSD-Lite release from Berkeley, which, owing to this lawsuit, had none of the AT&T source code earlier BSD versions had depended upon, making it an unbootable operating system. Following much work, the outcome was released as FreeBSD 2.0 in January 1995.
FreeBSD 2.0 featured a revamp of the original Carnegie Mellon University Mach virtual memory system, which was optimized for performance under high loads. This release also introduced the FreeBSD Ports system, which made downloading, building and installing third party software very easy. By 1996 FreeBSD had become popular among commercial and ISP users, powering extremely successful sites like Walnut Creek CD-ROM (a huge repository of software that broke several throughput records on the Internet), Yahoo! and Hotmail. The last release along the 2-STABLE branch was 2.2.8 in November 1998. FreeBSD 3.0 brought many more changes, including the switch to the ELF binary format. Support for SMP systems and the 64 bit Alpha platform were also added. The 3-STABLE branch ended with 3.5.1 in June 2000.
Features
Networking
FreeBSD's TCP/IP stack is based on the 4.2BSD implementation of TCP/IP which greatly contributed to the widespread adoption of these protocols. FreeBSD also supports IPv6, SCTP, IPSec, IPX, AppleTalk and wireless networking.
Storage
FreeBSD has several unique features related to storage. Soft updates maintain filesystem integrity in the event of a system crash. The GEOM framework provides features such as RAID (levels 0, 1, 3 currently), full disk encryption, and concatenation of drives. Filesystem snapshots allow an image of a filesystem at an instant in time to be efficiently created. Snapshots allow reliable backup of a live filesystem. FreeBSD also provides the ZFS filesystem as an alternative to the normal UFS2 file system.
Security
FreeBSD provides several security-related features including access control lists (ACLs), security event auditing, extended file system attributes, fine-grained capabilities and mandatory access controls (MAC). These security enhancements were developed by the TrustedBSD project. The project was founded by Robert Watson with the goal of implementing concepts from the Common Criteria for Information Technology Security Evaluation and the Orange Book. This project is ongoing and many of its extensions have been integrated into FreeBSD.
The project has also ported the NSA's FLASK/TE implementation from SELinux to FreeBSD. Other work includes the development of OpenBSM, an open source implementation of Sun's Basic Security Module (BSM) API and audit log file format, which supports an extensive security audit system. This was shipped as part of FreeBSD 6.2. Other infrastructure work in FreeBSD performed as part of the TrustedBSD Project has included SYN cookies, GEOM and OpenPAM.
While most components of the TrustedBSD project are eventually folded into the main sources for FreeBSD, many features, once fully matured, find their way into other operating systems. For example, OpenPAM and UFS2 have been adopted by NetBSD. Moreover, the TrustedBSD MAC Framework has been adopted by Apple for Mac OS X.
Much of this work was sponsored by DARPA.
Portability
FreeBSD has been ported to a variety of processor architectures. The FreeBSD project organizes architectures into tiers that characterize the level of support provided. Tier 1 architectures are mature and fully supported. Tier 2 architectures are undergoing major development. Tier 3 architectures are experimental or are no longer under active development (as is the case of DEC Alpha) and tier 4 architectures have no support at all.
FreeBSD has been ported to the following architectures:
Third Party Software
For more details on this topic, see FreeBSD Ports.FreeBSD has a repository of thousands of applications that are developed by third parties outside of the project itself. (Examples include windowing systems, Internet browsers, email programs, office suites, and so forth.) In general, the project itself does not develop this software, only the framework to allow these programs to be installed (termed the Ports Collection ). Applications may be installed either from source, if its licensing terms allow such redistribution (these are called ports ), or as compiled binaries if allowed (these are called packages ). The Ports Collection supports the latest release on the -CURRENT and -STABLE branches. Older releases are not supported and may or may not work correctly with an up-to-date ports collection.
Ports Collection
Each package in the Ports Collection is installed from source. Each port's Makefile automatically fetches the application source code, either from a local disk, CD-ROM or via ftp, unpacks it on the system, applies the patches, and compiles. This method can be very time consuming as compiling large packages can take hours, but the user is able to install a customized program.
Packages system
For most ports, precompiled binary packages also exist. This method is very quick as the whole compilation process is avoided, but the user is not able to install a program with customized compile time options.
Utilities for managing ports and packages
There are many utilities available for managing ports and packages available in GUIs and CLIs. These are some of them:
- barry - A KDE frontend to the ports system
- bpm - A GUI ports collection manager
- kports - A KDE frontend to the ports system
- pib - A GUI Ports Collection management tool
- portbrowser - A GUI frontend for the ports system
Linux compatibility
Most software that runs on Linux can run on FreeBSD without the need for any compatibility layer. FreeBSD nonetheless still provides a compatibility layer for several other Unix-like operating systems, including Linux. Hence, most Linux binaries can be run on FreeBSD, including some commercial applications distributed only in binary form. Examples of applications that can use the Linux compatibility layer are StarOffice, the Linux version of Firefox, Adobe Acrobat, RealPlayer, Oracle, Mathematica, MATLAB, WordPerfect, Skype, Wolfenstein: Enemy Territory, Doom 3 and Quake 4 (though some of these applications also have a native version). No noticeable performance penalty over native FreeBSD programs has been noted when running Linux binaries, and, in some cases, these may even perform more smoothly than on Linux. However, the layer is not altogether seamless, and some Linux binaries are unusable or only partially usable on FreeBSD. This is often because the compatibility layer only supports system calls available in the historical Linux kernel 2.4.2. There is support of Linux 2.6.16 syscalls, enabled by default in 8-CURRENT and available in 7.0+. However, there is currently no support for running 64 Bit Linux binaries.
Development
FreeBSD currently has more than 200 active developers and thousands of contributors.
Governance structure
The FreeBSD Project is run by FreeBSD committers, or
Firewalls
30.1 Introduction. Firewalls make it possible to filter incoming and outgoing traffic that flows through your system. A firewall can use one or more sets of “rules” to inspect ...
FreeBSD Firewall Configuration
FreeBSD Firewall Configuration. FreeBSD makes it very easy to set up a rule-based packet filtering firewall. You can protect just one host, or an entire network.
Firewalls: Re: FreeBSD Firewall Package
Hello Jesse, My company, CYCON Technologies, currently offers a FreeBSD firewall called CYCON Labyrinth. It is a packet filtering firewall that not only provides statefull ...
Firewalls - The FreeBSD Forums
IPFW, PF, IPF (but not limited) related discussion ... New posts: Hot thread with new posts: No new posts: Hot thread with no new posts
FreeBSD Firewall Host Based Firewalls - Layered Tech Support Forums
FreeBSD Firewall Host Based Firewalls BSD Based Operating Systems
FreeBSD firewall module for webmin | Get FreeBSD firewall module for ...
Get FreeBSD firewall module for webmin at SourceForge.net. Fast, secure and free downloads from the largest Open Source applications and software directory
Re: FreeBSD firewall block syn flood attack
To: jeremie le-hen < le-hen_j@epita.fr > Subject: Re: FreeBSD firewall block syn flood attack; From: Mike Silbersack < silby@silby.com > Date: Tue, 20 May 2003 08:45:34 -0500 (CDT)
Firewalls: FreeBSD Firewall Package
Hello Everyone! Sorry to bother you, but we are just putting in a new server at my workplace, and I was wondering if anyone had any suggestions on Free/Commercial 4.4BSD or ...
FreeBSD firewall block syn flood attack
Ryan James wrote: >>Hello, >>I current have a FreeBSD 4.8 bridge firewall that sits between 7 servers and >the internet. The servers are being attacked with syn floods and go ...
FreeBSD Firewall - DirectAdmin Forums
FreeBSD Firewall FreeBSD 4.x ... My server is FreeBSD 4.9 and DirectAdmin is installed too. Just wondering did DirectAdmin secured the system up like firewall?