Contributed by ben on from the shiny-new-toys dept.
The OpenBSD team is proud to announce the release of OpenBSD 4.0. See the full announcement for more information. For a list of the shiny new toys, and release highlights read on..
- New/extended platforms:
- OpenBSD/armish.
- Various ARM-based appliances, using the Redboot boot loader, currently only supporting the Thecus N2100 and IOData HDL-G.
- OpenBSD/sparc64.
- UltraSPARC III based machines are now supported!
- OpenBSD/zaurus.
- Support for the Zaurus SL-C3200.
- OpenBSD/armish.
- Improved hardware support, including:
- New msk(4) driver for Marvell/SysKonnect Yukon-2 Gigabit Ethernet.
- New bnx(4) driver for Broadcom NetXtreme II Gigabit Ethernet.
- New xge(4) driver for Neterion Xframe/Xframe II 10Gb Ethernet.
- New rum(4) driver for Ralink Technology 2nd gen USB IEEE 802.11a/b/g wireless.
- New acx(4) driver for Texas Instruments ACX100/ACX111 IEEE 802.11a/b/g wireless.
- New pgt(4) driver for Connexant/Intersil Prism GT Full-MAC IEEE 802.11a/b/g wireless.
- New uath(4) driver for Atheros USB IEEE 802.11a/b/g wireless.
- New binary blob free wpi(4) driver for Intel PRO/Wireless 3945ABG IEEE 802.11a/b/g wireless.
- New arc(4) driver for Areca Technology Corporation SATA RAID; including RAID management via bio(4).
- New mfi(4) driver for LSI Logic & Dell MegaRAID SAS RAID; including RAID management via bio(4).
- New azalia(4) driver for generic High Definition Audio.
- New SD/MMC/SDIO drivers (sdhc(4), sdmmc(4)), currently supporting SD memory cards as fake SCSI sd(4) drives.
- New udcf(4) driver for Gude ADS Expert mouseCLOCK DCF77/HBG time signal station receivers.
- New uslcom(4) driver for Silicon Laboratories CP2101/CP2102 based USB serial adapters.
- New ucycom(4) driver for Cypress microcontroller based USB serial adapters.
- New uark(4) driver for Arkmicro Technologies ARK3116 based USB serial adapters.
- New umsm(4) driver for Qualcomm MSM EVDO based modems.
- New Dallas/Maxim 1-Wire bus support, including:
- New gpioow(4) driver for 1-Wire bus bit-banging through GPIO pin
- New onewire(4) 1-Wire bus driver
- New owid(4) 1-Wire ID family driver
- New owtemp(4) 1-Wire temperature family driver
- New isagpio(4) driver for ISA I/O mapped as GPIO.
- New nmea(4) line discipline for NMEA 0183 (GPS) devices. The new nmeaattach(8) utility can be used to receive NMEA 0183 data and provide the time received as a timedelta sensor to be used by, for example, ntpd(8).
- New VAX framebuffer drivers:
- New lcg(4) driver for VAXstation 4000/60 and VLC color frame buffers
- New lcspx(4) driver for Low-Cost SPX color frame buffers
- New gpx(4) driver for GPX color frame buffers
- smg(4) driver for Small Monochrome Graphics frame buffers heavily updated to be a modern wscons(4) driver
- Support for VAX-based Digital VXT2000 and VXT2000+ terminals.
- The bge(4) driver supporting newer chipsets, such as the Broadcom BCM5754, BCM5755, BCM5786, and BCM5787.
- The em(4) driver supporting newer chipsets, such as the Intel ESB2 and ICH8.
- The nfe(4) driver supporting newer chipsets, such as the NVIDIA MCP61 and MCP65.
- The re(4) driver supporting newer chipsets, such as the Realtek RT8101E, RT8168, and RT8169SC.
- The dc(4) driver supporting newer chipsets, such as the ADMtek ADM9511 and ADM9513.
- The pciide(4) driver supporting newer chipsets, such as:
- ATI IXP300 SATA, IXP600 IDE
- Intel 6321ESB IDE/SATA, 82801G SATA, and 82801H SATA
- IT Express IT8211F IDE
- NVIDIA MCP61 SATA, MCP65 SATA
- Promise PDC205xx SATA
- ServerWorks SATA
- VIA VT8237A SATA
- The mpt(4) driver has been replaced with mpi(4), a more stable driver that supports more hardware.
- The com(4) driver now supports pcmcia and cardbus cards on macppc.
- Working interrupt routing on Sun Netra t1 105, Ultra 60 and possibly other sparc64 systems.
- Work around broken VIA and NVIDIA MPBIOSes, fixes interrupt routing with GENERIC.MP on several systems.
- Initial bio(4) support for Compaq/HP ciss(4) Smart ARRAY 5/6 SAS/SCSI RAID controllers.
- Improved speed control on some systems:
- New SpeedStep detection code, also adds support for VIA C7-M, and several newer Pentium M’s.
- Support SpeedStep in rudimentary fashion on most unknown CPU’s that advertise the feature.
- Zaurus can be moved into slower speeds now too.
- The Pentium 4 Thermal Clock Control driver now supports more CPU’s including the Intel Pentium M and Xeon, and provides an estimated performance impact.
- Numerous improvements to PowerNow K7 and K8 support on i386, and support for K8 was added to amd64.
- Support for Intel 945G/GM video chipsets (on i386).
- Support for additional I2C sensors:
- The adt(4) driver now supports the National Semiconductor LM9600, SMSC EMC6D10x and SMSC SCH5017 chips.
- The admtemp(4) driver now supports the Analog Devices ADM1023, Genesys Logic GL523SM and Global Mixed-mode Technology G781 chips.
- New tools:
- GNU RCS has been replaced with OpenRCS.
- New functionality:
- IPsec has been greatly improved:
- ipsecctl(8) has been greatly extended and completely supersedes ipsecadm(8):
- Lots of documentation improvements (man ipsec.conf)
- IPv6 support
- AH support
- Transport mode support
- Dynamic IKE support for roaming users
- USER_FQDN id support
- sasyncd(8) works much better:
- communicates with isakmpd(8), telling it to run active or passive depending on the master/slave state of the carp(4) interfaces. This makes IPsec failover setups much more robust.
- looks at the carp(4) interface group by default to suppress preemption of IPsec traffic during system boot.
- isakmpd(8) can now be safely configured by ipsecctl(8) on startup.
- ipsecctl(8) has been greatly extended and completely supersedes ipsecadm(8):
- ftp(1) now supports HTTPS.
- cdio(1) can now perform track-at-once burning and rewritable blanking.
- spppcontrol(8) and wicontrol(8) functionality has been merged into ifconfig(8).
- gcc(1) provides a new warning, -Wstack-larger-than-N, to report functions which are too greedy in stack variables, see gcc-local(1) for details.
- An in-kernel getcwd(3) implementation.
- A new system call adjfreq(2) to allow ntpd(8) to adjust the tick rate of the system clock automatically.
- Support for X11 on VAX has been added
- Virtual Allocation Table (VAT) support for UDF.
- C99 functions round(3), roundf(
- IPsec has been greatly improved:
(Comments are closed)
By Anonymous Coward (64.142.92.182) on
By Anonymous Coward (72.193.216.83) on
THANKS to ALL!!!
By Anonymous Coward (69.70.178.201) on
Prove it. Over, and over, and over again. OpenBSD for all!
By Anonymous Coward (203.35.163.50) on
By Anonymous Coward (62.252.32.12) on
integer overflow with safer constructs."
Could someone tell me which safer constructs those are, or which manpage I can find those in?
Comments
By Anonymous Coward (76.3.196.122) on
By Anonymous Coward (68.167.146.78) on
Comments
By Anonymous Coward (66.225.135.194) on
My post on misc@ last week...
(It's been running over a week, whitelist is to 3800, spam's through to the McAfee Webshield are down to 6.02% from 200%, all because of OpenBSD. This is on about 72,000 LEGITIMATE incoming emails for approximately 450 mailboxes.)
Hi,
Just had some interesting stats I thought I'd share for the archive.
Originally, we only had a Mcafee Webshield protecting our MS Exchange Server. We were receiving approximately 2x as much spam as we email. If we received 10,000 emails, our Webshield would have trapped over 20,000 spam's. It is actually quite a good appliance.
Yesterday, to protect our system from a virus that the webshield was not catching, I implemented greylisting on an OpenBSD box in front of the webshield. I have been running greylisting at home for several years now, & know it's effective, but never had concrete numbers to measure against.
Overnight, our spamd protected webshield only received (caught) 191 spam emails, and processed approximately 4200 legitimate emails. Satistically, that should have been around 9000 spams processed in that timeframe. During that period, my server's whitelist has grown to over 700 email servers.
The good thing is that these emails have been blocked without receiving the body, so our bandwidth usage will be reduced.
Pretty impressive figures!
Cheers,
Steve Williams
Comments
By Luis (66.159.200.194) on
Yeah, isn't it great! I've set up an obsd box for a client to use spamd and configured sendmail to use Spamcop's blocklist. Spam? What spam? This simple layered approach literally squashed their spam issue. I even managed to convince them to buy a cd for my troubles. So yeah, its worth it (purchasing a cd) and then some.
By jtorin (213.185.19.190) on
By Anonymous Coward (195.29.157.74) on
Great work !!
By Anonymous Coward (220.239.57.51) on
So here goes! :)
By Anonymous Coward (220.245.179.130) on http://freeweb.ozi.nu/~torrent/
Comments
By Igor Sobrado (81.37.167.54) on
Not a very good contribution to the OpenBSD project, though...
Please, buy the OS media from the OpenBSD team instead! OpenBSD is one of the few projects in computing I heartly believe we *must* support. They are doing an excellent and very hard work on each release, -as the other BSD projects, of course-, and we need to support it. We really must support OpenBSD.
I started using OpenBSD some years ago making my own ISO images from the distribution files available on the project mirrors and, sometimes, setting up local FTP servers. About a year ago, one of the developers of this excellent operating system sent me a copy of the OS media for free (thanks!) and, since then, I am buying items to support OpenBSD from an european authorized dealer (KD85). Last september, I preordered OpenBSD 4.0, and the books "Building Firewalls with OpenBSD and PF", "Secure Architectures with OpenBSD" and "Absolute OpenBSD" from this company.
Even if there are other ways to put our hands on the operating system (e.g., for me it is easier to copy the installation tarballs downloaded from a mirror to a bootable CF card on my Soekris net4801 before making an upgrade on that network appliance) I certainly prefer supporting this project.
Please, support this project!
Comments
By Anonymous Coward (68.167.146.78) on
>
> Not a very good contribution to the OpenBSD project, though...
>
> Please, buy the OS media from the OpenBSD team instead! OpenBSD is one of the few projects in computing I heartly believe we *must* support. They are doing an excellent and very hard work on each release, -as the other BSD projects, of course-, and we need to support it. We really must support OpenBSD.
>
I have to agree. Yesterday, I downloaded OpenBSD 4.0 and made my own ISO image to see if it works for me. Well, it does. I have just put in my order for the CD set.
The team is doing a kick-ass job and has now for just over eleven years.
By Andrew B (167.127.24.25) on
I bought the 3.9 media and whilst I love the OS I was disappointed at the restricted selected of packages, even for i386 -- for those of us without on-demand Internet access this seriously restricts the utility of the media, and one can forget about ports; without an Internet connection one has to resort to compiling by hand. Until the team provide a DVD distribution that contains all the packages and architectures hosted on the the FTP site I can't justify spending a full day's earnings on the media. So I'll be sitting on 3.9 for a while...
Comments
By Igor Sobrado (156.35.192.3) on
>
> I bought the 3.9 media and whilst I love the OS I was disappointed at the restricted selected of packages, even for i386 -- for those of us without on-demand Internet access this seriously restricts the utility of the media, and one can forget about ports; without an Internet connection one has to resort to compiling by hand. Until the team provide a DVD distribution that contains all the packages and architectures hosted on the the FTP site I can't justify spending a full day's earnings on the media. So I'll be sitting on 3.9 for a while...
I am certainly against distributing OpenBSD on DVD on some platforms (e.g., i386) as it will seriously limit the number of systems supported by the official distribution. Not all i386 computers have DVD drives. However, it can be an option for amd64 and other state-of-the-art platforms.
Comments
By Anonymous Coward (68.167.146.78) on
You're right; not all i386 computers have DVD drives. For that matter, neither do all PPC or SPARC boxes (my PMac G3 B&W and Sun Ultra 5, for example). However, just about every new x86 PC that has come out over the last four years has come with at least a combo CD-RW/DVD-ROM drive. This is why you see a lot of the GNU/Linux distros, including even Slackware now, available on both media.
Comments
By Igor Sobrado (81.37.167.54) on
Indeed, I have a copy of OpenBSD 3.9 here. I see that the second CD on the distribution is labeled "macppc*, amd64*, track 2 is audio track". Selling a DVD for amd64 means that PPC version will not run on older machines.
One of the features I appreciate on OpenBSD is that, as happens with FreeBSD and NetBSD, it does not have large hardware requirements. Being able to boot from a CD-ROM or from a network is certainly good. Restricting OpenBSD to machines developed in the last four years is something that I believe (and really hope!) is unaceptable for the goals of the project.
Just my opinion, but I think that your suggestion of selling both media is an excellent one. Perhaps selling two distributions (one in CD-ROM and one in DVD) should be considered by the OpenBSD developers in the future. However, don't know how expensive will be maintaining two sets of disks. Money is more important for other areas of the project (buying hardware, paying for network connection, hackatlons...)
On the other hand, there are a lot of updates on the anonymous FTP server and its mirrors. When I installed OpenBSD on my desktop computer (Pentium, 166 MHz) some time ago, I installed X.Org, OpenMotif and Mozilla firefox (all in the distribution media). After a month or so I found that the FTP servers had updated releases of firefox! I wrongly supposed that packages were updated only each six months, in synchronization with the new operating systems releases.
In short, I see software packages in the CD-ROM as a bonus, but not required at all. The real depots for packages are the anonymous FTP servers.
By xuxu (213.30.114.4) superbofh@gmail.com on http://www.eatis.org
Comments
By Matthias Kilian (84.134.30.138) on
-v, please
"some problems" isn't very helpful.
By Obelix (88.82.33.250) obelix@gaulois.net on
Comments
By ozamosi (85.8.9.80) on
I've been considering whether I should buy the CD or not. I don't use OBSD as my primary OS, and it doesn't even install on my primary computer. It is a project I want to support, but at 50 euros, the CD's quite expensive.
That pic, however, was all I needed. I'm buying the CD as I'm typing this.
Comments
By Janne Johansson (82.182.176.20) jj@inet6.se on
>
> I've been considering whether I should buy the CD or not. I don't use OBSD as my primary OS, and it doesn't even install on my primary computer. It is a project I want to support, but at 50 euros, the CD's quite expensive.
Then donate. Or get together with some friends and buy one.
Or even hold a fund-raiser and donate the results!
By Anonymous Coward (69.207.171.114) on
By ahafey (82.69.184.245) on
You've just gained another four OpenBSD supporters!