DOCSLIB.ORG

Bsdcan—The Technical BSD Conference

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Bsdcan—The Technical BSD Conference noyance. To address this, one must express to the user— IBM’s attitude toward open source, eventually convincing clearly and concisely—the nature of the decision to be the company to become involved in many open-source made and its impact. The authors consider the role of on - communities such as the Apache Foundation and Linux line help in aiding the user to make intelligent security de - kernel development. Venema concluded his talk by hu - cisions. morously alluding to the fact that even though his original There are several forms of online help, including docu - motivation in writing Postfix was to provide an alternative mentation, context-sensitive help, assistants, wizards, stag - to the complexity of Sendmail, the number of lines of code n Postfix has now exceeded that in Sendmail. However, he ing, and social navigation. Staging refers to the process of i training the user in steps toward more advanced security now considers the feature set of Postfix to be more or less aims (e.g., training the user on one new security idea per complete. day). Social navigation refers to the practice of showing Recent Improvements to the FreeBSD Ports Monitoring the statistics for each decision for other users on the net - System work; this is controversial because the majority may in fact Mark Linimon choose incorrectly. Several capability matrices show the Summarized by Bill Moran ([email protected]) strengths and weaknesses of each approach but in the end all are less than reliable and offer no substitute for built-in Mark Linimon provided some demonstrations of his ongo - security mechanisms that cannot be overridden. The au - ing work to tame the FreeBSD ports system. The FreeBSD thors indicate a “slight preference” for wizard-based mech - ports system provides a convenient method for building anisms in cases where changes are made infrequently. and installing third-party software on FreeBSD, and it currently includes over 17,000 applications. Mark has done a great deal of work creating a reporting mechanism BSDCan—The Technical BSD Conference that summarizes much of the development of the ports system so that problems can be more easily discovered Ottawa, Canada and addressed. The results of his efforts can be seen at May 18–19, 2007 http://portsmon.freebsd.org/. USENIX is a Gold Level Sponsor of this event. Network Stack Virtualization for FreeBSD 7.0 Open Source Security Lessons Marko Zec Wietse Venema Summarized by Bill Moran ([email protected]) Summarized by Julian C. Dunn ([email protected]) Marko Zec (http://www.tel.fer.hr/zec/) demonstrated his Wietse Venema is perhaps most well-known as the author work virtualizing the FreeBSD network stack. By abstract - of the Postfix mail transport agent, which is arguably just ing the vnet structure an additional layer, Marko was able as popular as Sendmail, the granddaddy of all mail trans - to create completely independent networking environ - port agents. He began his talk with an amusing interlude ments within a single FreeBSD instance, each with its own showing how difficult it is to quantify the popularity of IP information and routing table, thereby providing an ex - Postfix using Google Trends, given that the term “Postfix” cellent opportunity to use FreeBSD as a network research has multiple definitions. platform or to improve FreeBSD’s existing jail system. A Before Postfix, Venema was instrumental in creating live CD is available for download from http://www.tel.fer SATAN (Security Administrator’s Tool for Analyzing Net - .hr/imunes/, and Marko is working to get his improve - works) and, prior to that, the widely deployed TCP Wrap - ments merged into the mainline FreeBSD source tree. pers, which continues to be shipped with many open- Varnish HTTP Accelerator source operating systems. He shared some of the lessons Poul-Henning Kamp learned from his time spent in the open-source security space, not only in terms of the technology but in terms of Summarized by Julian C. Dunn ([email protected]) publicity as well. For example, Venema showed several Poul-Henning Kamp is a FreeBSD kernel developer who media quotations prior to the release of SATAN that has worked on a multitude of both kernel-space and “user - claimed the tool would cause widespread destruction on land” applications ranging from disk encryption to embed - the Internet. Of course, when the tool was released, no ap - ded systems. Lately, he has been working on the Varnish preciable increase or decrease in system compromises was HTTP Accelerator project (http://varnish.projects.linpro recorded, according to the various CERT organizations .no/), which aims to provide inbound HTTP acceleration Venema surveyed. for busy Web sites such as VG (http://vg.no), the Web site for a popular Norwegian newspaper. Venema has had much better media relations around the release of Postfix, claiming that a single New York Times ar - Kamp began by explaining why Squid, the classic HTTP ticle heralding the release of the “IBM Secure Mailer” proj - caching solution, is programmed poorly. He outlined the ect (as Postfix was then known) single-handedly changed methods in which it “fights the kernel” by trying to explic - ;LOGIN: AUGUST 2007 CONFERENCE SUMMARIES 105 itly separate memory and disk storage. He denounced this to significantly improve the speed and bandwidth usage by methodology, saying that because the kernel provides vir - writing a customized compression program called bsdiff tual memory services there is no need for user applications that is aware of byte substitutions. I was also interested to to do this work. Doing so results in excessive system calls, hear Colin describe existing technologies, such as HTTP which lowers performance. In contrast, Varnish simply al - pipelining and DNS SRV records, that are largely unused locates large objects in virtual memory and lets the kernel but could solve many problems plaguing the Internet. manage memory in the optimal way. How Open Source Projects Survive Poisonous People Varnish also maximizes performance in many other ways Brian Fitzpatrick and Ben Collins-Sussman by using careful programming tactics, for example, by Summarized by Bill Moran ([email protected]) avoiding expensive text-processing operations if they can be avoided. In addition, Varnish’s configuration language Being a member of several groups (not all of them open (VCL) is preprocessed and compiled into binary, then dy - source software groups), I decided to attend the lecture by namically loaded for speed. Multiple configurations can be Ben Collins-Sussman and Brian Fitzpatrick on how groups loaded concurrently and an interactive command-line in - can survive poisonous people. Ben and Brian took turns terface (CLI) manager can switch configurations, in addi - covering various aspects of four tenets: comprehension, tion to doing other cache operations such as purging ob - fortification, identification, and disinfection. I found their jects, retrieving cache statistics, and so on. insights enlightening, but the highlight was when they asked the room if anyone knew what “bikeshed” referred Future work on Varnish will see features such as edge side to, only to find that not only did everyone in the room includes and URL rewriting added. Kamp hopes to eventu - know, but the man who popularized the phrase, Poul-Hen - ally see the project moved under the auspices of the ning Kamp, was sitting in the back of the room. Apache Software Foundation, as there would be a natural synergy with the Apache HTTP Daemon. Failover and Load Balancing with pfSense FreeBSD Security Features Scott Ullrich and Chris Buechler Summarized by Chris Buechler ([email protected]) Robert Watson Summarized by Bill Moran ([email protected]) I was one of the presenters for this session and a co- founder of this project. pfSense is a FreeBSD-based firewall Robert Watson (http://www.watson.org/~robert/) gave an distribution using OpenBSD’s pf packet filter, with a Web excellent overview of his ongoing work extending the interface for configuring all aspects of the system. This FreeBSD security model, first providing an overview of presentation focused on the failover and load balancing ACLs (access control lists). ACLs offer an extremely flexi - functionality available in the system. ble method of describing permissions on filesystem ob - jects. Unfortunately, the two leading systems of ACLs, Five main topics were covered: CARP, multi-WAN failover, POSIX and NT, are not compatible. FreeBSD supports policy-based routing and failover, DNS failover, and in - POSIX ACLs, but there is interest in supporting NT ACLs, coming and outgoing load balancing. since NFSv4 uses them. Robert also described the powerful CARP allows for seamless hardware failover, to accommo - security auditing tools introduced in FreeBSD 6.2. These date hardware failure, or firewall maintenance and up - tools are required by Orange Book and other evaluations grades without loss of connectivity. Typical CARP configu - and provide a method for fine-grained monitoring of sys - rations and deployments were discussed. tems. FreeBSD’s audit tools are based on Solaris and Mac OS, but these tools can be extended with the concept of Multi-WAN failover allows the use of multiple Internet audit pipes, which allow the administrator to create multi - connections, and upon failure of a connection, the remain - ple filters of audit events. Finally, Robert covered manda - ing WAN connection(s) can be automatically used to tory access controls (MACs), which supplement discre - maintain connectivity. Common deployment scenarios tionary access controls (such as filesystem permissions). If were illustrated and discussed. you’ve worked with SE Linux, the MAC framework will Policy-based routing and failover enables routing of traffic feel familiar. based on IP protocol, TCP or UDP port, and source or des - tination IP, among other possibilities. Upon failure of the Portsnap preferred routing destination, backup destinations can be Colin Percival utilized.
Load more

Recommended publications
  • Freenas® 11.0 User Guide
    FreeNAS® 11.0 User Guide June 2017 Edition FreeNAS® IS © 2011-2017 iXsystems FreeNAS® AND THE FreeNAS® LOGO ARE REGISTERED TRADEMARKS OF iXsystems FreeBSD® IS A REGISTERED TRADEMARK OF THE FreeBSD Foundation WRITTEN BY USERS OF THE FreeNAS® network-attached STORAGE OPERATING system. VERSION 11.0 CopYRIGHT © 2011-2017 iXsystems (https://www.ixsystems.com/) CONTENTS WELCOME....................................................1 TYPOGRAPHIC Conventions...........................................2 1 INTRODUCTION 3 1.1 NeW FeaturES IN 11.0..........................................3 1.2 HarDWARE Recommendations.....................................4 1.2.1 RAM...............................................5 1.2.2 The OperATING System DeVICE.................................5 1.2.3 StorAGE Disks AND ContrOLLERS.................................6 1.2.4 Network INTERFACES.......................................7 1.3 Getting Started WITH ZFS........................................8 2 INSTALLING AND UpgrADING 9 2.1 Getting FreeNAS® ............................................9 2.2 PrEPARING THE Media.......................................... 10 2.2.1 On FreeBSD OR Linux...................................... 10 2.2.2 On WindoWS.......................................... 11 2.2.3 On OS X............................................. 11 2.3 Performing THE INSTALLATION....................................... 12 2.4 INSTALLATION TROUBLESHOOTING...................................... 18 2.5 UpgrADING................................................ 19 2.5.1 Caveats:............................................
    [Show full text]
  • Introduction of an Advanced Caching Layer Leveraging the Varnish Technology Stack and Integrating It to the Existing Web Platform
    Introduction of an Advanced Caching Layer Leveraging the Varnish Technology Stack and Integrating It to the Existing Web Platform Author: Irina Vasilieva Director: Jaime M. Delgado Merce June 21, 2018 Barcelona School of Informatics Universitat Polit`ecnicade Catalunya Thesis presented for the Bachelor Degree of Computer Science Abstract Web performance nowadays plays a significant role for many leading enterprises and the ones that trying to gain more visibility and users. Multiple studies and research papers in the area show that poor performance have a negative impact on business goals. An endless waiting for slow Web pages to load frus- trates demanding visitors into seeking alternatives and as a result, abandoning a website. Many different solutions and approaches came up recently to solve performance and scalability issues on the web sites. It is no surprise, that companies attempt to retain their users, improve user experience, conversions and SEO rankings to get a profitable revenue. HTTP requests reduction, file compression, in- frastructure, image optimization are some of the web performance optimization techniques, or even a combination of them, enterprises find useful for their web platforms. Varnish, an open source software, was suggested as a proxy caching server to prove that it can drastically improve hit rate and response times on the website. It can deal with performance and scalability at the highest level. In order to demonstrate the caching capability of Varnish a web platform was built based on Adobe Experience Manager with its own out of the box caching tool, named dispatcher. The main focus is to replace dispatcher and compare the web per- formance outcome.
    [Show full text]
  • Why Did We Choose Freebsd?
    Why Did We Choose FreeBSD? Index Why FreeBSD in General? Why FreeBSD Rather than Linux? Why FreeBSD Rather than Windows? Why Did we Choose FreeBSD in General? We are using FreeBSD version 6.1. Here are some more specific features which make it appropriate for use in an ISP environment: Very stable, especially under load as shown by long-term use in large service providers. FreeBSD is a community-supported project which you can be confident is not going to 'go commercial' or start charging any license fees. A single source tree which contains both the kernel and all the rest of the code needed to build a complete base system. Contrast with Linux that has one kernel but hundreds of distributions to choose from, and which may come and go over time. Scalability features as standard: e.g. pwd.db (indexed password database), which give you much better performance and scales well for very large sites. Superior TCP/IP stack that responds well to extremely heavy load. Multiple firewall packages built in to the base system (IPF, IPFW, PF). High-end debugging and tracing tools, including the recently announced port of the Sun Dynamic Tracing tool, DTrace, to FreeBSD. Ability to gather fine-grained statistics on system performance using many included utilities like systat, gstat, iostat, di, swapinfo, disklabel, etc. Items such as software RAID are supported using multiple utilities (ata, ccd. vinum, geom). RAID-1 using GEOM Mirror (see gmirror) supports identical disk sets, or identical disk slieces. Take a look at the most stable web sites according to NetCraft (http://news.netcraft.com/archives/2006/06/06/six_hosting_companies_most_reliable_hoster_in_may.html).
    [Show full text]
  • Truenas® 11.3-U5 User Guide
    TrueNAS® 11.3-U5 User Guide Note: Starting with version 12.0, FreeNAS and TrueNAS are unifying (https://www.ixsystems.com/blog/freenas- truenas-unification/.) into “TrueNAS”. Documentation for TrueNAS 12.0 and later releases has been unified and moved to the TrueNAS Documentation Hub (https://www.truenas.com/docs/). Warning: To avoid the potential for data loss, iXsystems must be contacted before replacing a controller or upgrading to High Availability. Copyright iXsystems 2011-2020 TrueNAS® and the TrueNAS® logo are registered trademarks of iXsystems. CONTENTS Welcome .................................................... 8 Typographic Conventions ................................................ 9 1 Introduction 10 1.1 Contacting iXsystems ............................................... 10 1.2 Path and Name Lengths ............................................. 10 1.3 Using the Web Interface ............................................. 12 1.3.1 Tables and Columns ........................................... 12 1.3.2 Advanced Scheduler ........................................... 12 1.3.3 Schedule Calendar ............................................ 13 1.3.4 Changing TrueNAS® Settings ...................................... 13 1.3.5 Web Interface Troubleshooting ..................................... 14 1.3.6 Help Text ................................................. 14 1.3.7 Humanized Fields ............................................ 14 1.3.8 File Browser ................................................ 14 2 Initial Setup 15 2.1 Hardware
    [Show full text]
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
    [Show full text]
  • Guide to Open Source Solutions
    White paper ___________________________ Guide to open source solutions “Guide to open source by Smile ” Page 2 PREAMBLE SMILE Smile is a company of engineers specialising in the implementing of open source solutions OM and the integrating of systems relying on open source. Smile is member of APRIL, the C . association for the promotion and defence of free software, Alliance Libre, PLOSS, and PLOSS RA, which are regional cluster associations of free software companies. OSS Smile has 600 throughout the World which makes it the largest company in Europe - specialising in open source. Since approximately 2000, Smile has been actively supervising developments in technology which enables it to discover the most promising open source products, to qualify and assess them so as to offer its clients the most accomplished, robust and sustainable products. SMILE . This approach has led to a range of white papers covering various fields of application: Content management (2004), portals (2005), business intelligence (2006), PHP frameworks (2007), virtualisation (2007), and electronic document management (2008), as well as PGIs/ERPs (2008). Among the works published in 2009, we would also cite “open source VPN’s”, “Firewall open source flow control”, and “Middleware”, within the framework of the WWW “System and Infrastructure” collection. Each of these works presents a selection of best open source solutions for the domain in question, their respective qualities as well as operational feedback. As open source solutions continue to acquire new domains, Smile will be there to help its clients benefit from these in a risk-free way. Smile is present in the European IT landscape as the integration architect of choice to support the largest companies in the adoption of the best open source solutions.
    [Show full text]
  • Freebsd's Firewall Feast
    SEE TEXT ONLY FreeBSD’s Firewall Feast By Michael W Lucas reeBSD is famous for all sorts of fantastic gets silently dropped, and which is sent back to features, such as ZFS, jails, bhyve virtual- the source with a letter of complaint. A packet- ization, and the Ports Collection. It’s forwarding packet filter is the original firewall. F somewhat infamous, however, for having The firewalls all have a common core feature three different firewalls: PF, IPFilter, and IPFW. set considered the minimum for a modern pack- Where did all these firewalls come from, and et filter. They can track the state of a TCP/IP con- why are they all still in the system? nection and permit traffic based on existing con- The IT industry has repeatedly abused, nections. They can all return resets or silently stretched, and tormented the word firewall to fit drop connections. All can manage non-routable all sorts of different products. When someone addresses and perform network address transla- uses firewall, ask them exactly what they’re talk- tion. They all work with lists of rules defining ing about. Do they mean a caching HTTP proxy how to respond to traffic from different IP like Squid or Varnish? A generic proxy like addresses and network ports. Incoming packets relayd? Or a TCP/IP packet filter? are compared to the list of rules until they are All of FreeBSD’s firewalls are packet filters. permitted or rejected. They control which TCP/IP addresses and ports The firewalls have their own unique features, can connect to the host.
    [Show full text]
  • Bsdcan 2015 UCL Working Group
    BSDCan 2015 UCL Working Group [email protected] Overview The goal of this working group is to develop a template for all future configuration files that is both human readable and writable, but is also hierarchical, expressive, and programmatically editable. Agenda ● Opening: What is UCL ● Presentation of work in progress: converting newsyslog and bhyve to UCL ● Discuss common requirements for configuration files ● Develop a common set of grammar/keys to work across all configuration files ('enabled' activates/deactivates each block, allows disabling default configuration without modifying the default files, ala pkg) Agenda (Continued) ● Discuss layering (/etc/defaults/foo.conf -> /etc/foo.conf -> /etc/foo.conf.d/*.conf -> /usr/local/etc/foo.conf.d/*.conf) ● Discuss required features for management utilities (uclcmd) ● Identify additional targets to UCL-ify ● Develop a universal API for using libucl in various applications, simplify loading configuration into C structs (libfigpar?) What is the Universal Configuration Language? ● Inspired by bind/nginx style configuration ● Fully compatible with JSON, but more liberal in what it accepts, so users do not have to write strict JSON ● Can Output UCL, JSON, or YAML ● Supports handy suffixes like k, mb, min, d ● Can be as simple or as complex as required ● Allows inline comments (# and /* multiline */) ● Validation and Schema support ● Supports includes, macros, and variables Why UCL is great -- all of this is valid param = value; key = “value”; flag = true; section { number = 10k string
    [Show full text]
  • Sysadmin Documentation Documentation Release 1.0
    Sysadmin Documentation Documentation Release 1.0 Alexander Werner Nov 05, 2018 Contents: 1 FreeBSD 3 1.1 Resources.................................................3 1.2 Installation of software..........................................3 1.3 Update of software............................................3 1.4 System update..............................................4 1.5 Change system configuration......................................4 2 MariaDB Galera Cluster 5 2.1 Tasks...................................................5 3 PF - FreeBSD Packet Filter 7 3.1 Installation................................................7 3.2 Configuration...............................................7 4 Unbound DNS 9 4.1 Installation................................................9 4.2 Configuration...............................................9 5 ZFS 11 5.1 Installation................................................ 11 5.2 Operation................................................. 11 6 Setup of Debian 9 on a Lenovo Thinkpad 470 13 6.1 Preparation................................................ 13 6.2 Booting the Installer........................................... 13 6.3 Partitioning the disk........................................... 14 6.4 Software selection............................................ 14 6.5 Finishing the setup............................................ 14 6.6 Post-Setup................................................ 14 7 Resources 15 8 Indices and tables 17 i ii Sysadmin Documentation Documentation, Release 1.0 This manual serves as
    [Show full text]
  • Learning HTTP 2.Pdf
    L e a r n i n g H T T P/2 A PRACTICAL GUIDE FOR BEGINNERS Stephen Ludin & Javier Garza Learning HTTP/2 A Practical Guide for Beginners Stephen Ludin and Javier Garza Beijing Boston Farnham Sebastopol Tokyo Learning HTTP/2 by Stephen Ludin and Javier Garza Copyright © 2017 Stephen Ludin, Javier Garza. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com/safari). For more information, contact our corporate/insti‐ tutional sales department: 800-998-9938 or [email protected]. Acquisitions Editor: Brian Anderson Indexer: Wendy Catalano Editors: Virginia Wilson and Dawn Schanafelt Interior Designer: David Futato Production Editor: Shiny Kalapurakkel Cover Designer: Karen Montgomery Copyeditor: Kim Cofer Illustrator: Rebecca Demarest Proofreader: Sonia Saruba June 2017: First Edition Revision History for the First Edition 2017-05-14: First Release 2017-10-27: Second Release See http://oreilly.com/catalog/errata.csp?isbn=9781491962442 for release details. The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Learning HTTP/2, the cover image, and related trade dress are trademarks of O’Reilly Media, Inc. While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work.
    [Show full text]
  • Freebsd Foundation February 2018 Update
    FreeBSD Foundation February 2018 Update Upcoming Events Message from the Executive Director Dear FreeBSD Community Member, AsiaBSDCon 2018 Welcome to our February Newsletter! In this newsletter you’ll read about FreeBSD Developers Summit conferences we participated in to promote and teach about FreeBSD, March 8-9, 2018 software development projects we are working on, why we need Tokyo, Japan funding, upcoming events, a release engineering update, and more. AsiaBSDCon 2018 Enjoy! March 8-11, 2018 Tokyo, Japan Deb SCALE 16x March 8-11, 2018 Pasadena, CA February 2018 Development Projects FOSSASIA 2018 March 22-25, 2018 Update: The Modern FreeBSD Tool Chain: Singapore, Singapore LLVM's LLD Linker As with other BSD distributions, FreeBSD has a base system that FreeBSD Journal is developed, tested and released by a single team. Included in the base system is the tool chain, the set of programs used to build, debug and test software. FreeBSD has relied on the GNU tool chain suite for most of its history. This includes the GNU Compiler Collection (GCC) compiler, and GNU binutils which include the GNU "bfd" linker. These tools served the FreeBSD project well from 1993 until 2007, when the GNU project migrated to releasing its software under the General Public License, version 3 (GPLv3). A number of FreeBSD developers and users objected to new restrictions included in GPLv3, and the GNU tool chain became increasingly outdated. The January/February issue of the FreeBSD Journal is now available. Don't miss articles on The FreeBSD project migrated to Clang/LLVM for the compiler in Tracing ifconfig Commands, Storage FreeBSD 10, and most of GNU binutils were replaced with the ELF Tool Multipathing, and more.
    [Show full text]
  • Varnish Documentation Release 3.0.2
    Varnish Documentation Release 3.0.2 Varnish Project January 09, 2012 CONTENTS 1 Varnish Installation 3 1.1 Prerequisites...............................................3 1.2 Installing Varnish.............................................3 1.3 Compiling Varnish from source.....................................4 1.4 Getting hold of us............................................6 1.5 Reporting bugs..............................................7 1.6 Upgrading from Varnish 2.1 to 3.0....................................9 2 Using Varnish 13 2.1 Backend servers............................................. 13 2.2 Starting Varnish............................................. 14 2.3 Logging in Varnish............................................ 14 2.4 Sizing your cache............................................ 15 2.5 Put Varnish on port 80.......................................... 15 2.6 Varnish Configuration Language - VCL................................. 16 2.7 Statistics................................................. 18 2.8 Achieving a high hitrate......................................... 19 2.9 Cookies.................................................. 22 2.10 Vary.................................................... 23 2.11 Pitfall - Vary: User-Agent........................................ 24 2.12 Purging and banning........................................... 24 2.13 Edge Side Includes............................................ 26 2.14 Running inside a virtual machine (VM)................................. 27 2.15 Advanced Backend configuration...................................
    [Show full text]