Tag: freebsd
-
Slow iSCSI performance on ZFS Volumes (zvol)
TL;DR: For reasons, don’t use ZVOLs for iSCSI volumes. Instead, just use a generic file. I’ve been reorganizing my lab a bit to consolidate some storage and wanted to experiment with iSCSI. I thought “wow, what a great use-case for ZFS ZVOLS…”. If you recall, ZFS has the ability to create block devices called ZVOLs.…
-
Adding WiFi Card to Alix apu Running pfSense
I always thought it would be neat to manage my home WiFi from the same interface as the rest of my network. After eyeing the hardware for a long time and doing some research every couple months or so, I finally made the leap and purchased the necessary hardware. As I’m using an Alix apu2c2,…
-
Bhyve pfSense 2.4 no console menu
I ran into an annoying issue today while trying to install pfsense 2.4.2 in a bhyve VM using the ISO installer. Everything went swimmingly until post-install when pfsense finished startup and never provided the expected pfSense console. All it would show is bootup complete. I went through and confirmed /etc/ttys was configured properly and added…
-
A security event pipeline using Bro, Kafka, and FreeBSD Jails
With the help of the Bro Kafka plug-in, we’ll configure Bro to stream JSON-formatted logs through Kafka and use python to subscribe and print events from the stream. This tutorial uses FreeBSD 11.1-RELEASE. But can easily be adapted to Linux installations. How do you monitor events from multiple Bro sensors throughout a network? Do you…
-
Bro on FreeBSD Using Netmap
NETMAP is a framework for very fast packet I/O from userspace with support for FreeBSD, Linux, and even Windows. Here, we’ll show how to set Bro up to use it. Bro provides support for monitoring interfaces using netmap. However, as of FreeBSD 11.1 (bro-2.5.1) the binary package doesn’t ship with the needed netmap plugin. Furthermore,…
-
Install Bro on pfSense
I’ve been working with Bro a lot lately and thought it’d be worth trying to get Bro running on pfSense. In an ideal situation, you wouldn’t normally run an IDS on your firewall, but for low bandwidth installations or the budget constrained, it’ll work fine. 1. You’ll need to enable ssh access to your pfSense…