-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sun, May 08, 2022 at 08:01:08PM -0700, J Holsapple wrote:
> I have pfSense (BSD) installed, and working fine for over 6 mos now, as my
> network IDPS on the external interface. Went OCD and created a complete
> installation guide and integration script.
> It's a bit long and detailed but it works like a charm:
>
https://github.com/jcholsap/freemod/issues/1#issue-1016495279
I managed to get an OpenBSD template sort of working a while back. I
was able to get networking and storage to work, and X11 worked via
emulated VGA, but I ultimately gave up because of some clashes on the
OpenBSD mailing lists. A proper integration would require substantial
additions to the OpenBSD kernel:
- - nullfs (BSD version of bind mounts) for /home and /usr/local. The
workaround (a loopback NFS mount) is not something I would be okay
with for production use.
- - Hardened xnf(4) (netfront) and xbf(4) (blkfront) drivers. The current
drivers are not safe in the presence of malicious backends.
- - Userspace access to Xen event channels and grant tables, so that
libvchan and gui-agent can work.
Additionally, a Xen-aware bootloader would be needed if booting other
than in HVM mode is desired.
- --
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmKD3PIACgkQsoi1X/+c
IsFFlA/+P76WfNwmIKDoTdoP3J9SQ1e5PQ+fMDF+phjeQmli4AB3MErGMUn0LcOX
kTT+8E0o/+OiUmEjKpPTlxhVWsXqDDwsbqqiipSg9mZBygWzoECXMP6g6Rd3I38F
WQV0Hpm2W0ha7a/oqPdlE5Kklnk76VTAdr6DhIlXvcAc31hEZklUdfUifRNAMmpQ
prKiNdwYBcC+k+PUMwITgzvwP2CgiUc+Hf8wDt7Hj+CjVoi9uVkg0lv4KSRQI9Dj
w3Dxvt6S59P86fPqfce7DwBnGM+hBHem/brkV+mrH+ZTmhSZLxW4DyT28x7/65JM
hgggZxiZ9Z6pfiavZ1CKQaArX+Yc7WzUpigLEZnv6dMZHysbEf44v4uD3T1tz77k
EPv4qtyEXGyKQplmuLWo+eoK8eJxDCHBly2fKef3QEtji+F9HWLs66oVpWyaT6r0
IP5k8ew+oWTcLhgvu0mSKwztJWFaWzw4vmKD0X2vikGybXlKmICffD14OOPuVpL4
gCbh/aU615glPMn+u1vhIYjGrbFZLi8/wCQCfI1rp4rX/ElzoVpA7SvCmc5Cy5b2
oE+ylbLkxe5opfkkJICpCUNRbWDe0Do+54aKdJCQn4pl6qhAGMwI3nYPQ0jbM30y
/0lOYqwqYTlwiZFASIxATZYftUZMzddeNmFoV4fSUN14FCQ8tIU=
=gLNM
-----END PGP SIGNATURE-----