That kind of seems crazy to me, considering OpenBSD has worked perfectly fine with every wifi capable device I've tested it on. Granted, most of them were older machines.
Is this just an artifact of FreeBSD primarily focusing on server hardware rather than consumer/end-user stuff?
Basically no one supports Broadcom SoftMAC WiFi cards very well, but OpenBSD just doesn't. I have a 2015 MacBook Air with a BCM4350 where the recommended fix is to go buy a FullMAC card from a similar vintage MacBook Pro and just cope with the fact that the card barely fits in the case and can't be secured properly.
Ah very true. It comes in third in terms of "cool" factor, looking more like something a local retirement home would take to bingo night than something deserving the astrovan name. But I respect it nonetheless.
A classic example is Docker inserting its firewall rules before everything else, causing any "published" ports to be wide open even if a firewall ruleset was configured. They might have fixed this, or doubled down on their design choice. Either way, that kind of complexity can really bite you if you're not careful.
Hey, op here, this was almost a decade ago, but I'll try to describe what's going on here. It's kind of a crappy picture.
* WAN connection comes in by coax, into my cheapo cable modem (off screen), and then by Ethernet into the franken-NIC sitting on top of the laptop.
* The NIC on top is a normal PCIe card, but with the bracket missing. The ExpressCard riser [1] is connected by a mini-HDMI cable, the flat black cable, which curves up, around, and back in from the left side into the laptop
* Then, the blue cable on the side of the laptop is a VLAN trunk going into the Cisco switch on port 23/24, outside the picture.
* From there, another port on the switch is setup as an access/untagged port going into one of the LAN ports on the D-Link acting as the access switch
I don't think it was set up here, but at one point I also had a dock under the ThinkPad, with the serial adapter wired up to the switch's console port so I could manage everything by ssh'ing into the router.
Also note that all the cables were hand-crimped because I was too cheap to buy new patch cables at the time.
I was in college, and truly had more time than money back then. it's the kind of doohickey made by only somebody very young, very crazy, or a bit of both. ;)
A good QA team will be the definitive experts on a piece of software. They have more complete and in-depth experience than sales, engineering, or anybody else. A single software engineer might know their specific piece, but your QA tester will know everything.
Even easier, just throw together some iptables rules & install dnsmasq. Obviously out of reach of most non-techy people but it's not much worse than most self-hosted things people build. I've even done it with USB-Ethernet dongles.
Maybe "whitebox" stuff will have a moment here. Buy a ARM based "computer" that just happens to have a built in switch and 802.11 radio, and separately purchase an SD card with the OS on it.
Or, perhaps this will be VyOS's time to shine... https://vyos.io/
Can't really see anything really happening in the consumer space, but maybe business/enterprise will move in one direction or another.
The easiest one I've set up was ClearOS. I was happy enough with OpnSense but when I upgraded a network card I had issues with driver compatibility because of the FreeBSD core. ClearOS being Linux it worked out of the box, and getting ClearOS set up seriously only took me like fifteen minutes. I was shocked.
I love my NixOS thing, because I am part of the cult of NixOS, but it's probably something I wouldn't recommend for most people because it was kind of a pain in the ass to get working. The reason I do it now is because it lives on the same box that is my server.
I've looked into Vyos, it sort of reminds me of the Cisco stuff and it looks interesting, but it never seemed sufficiently better than my NixOS thing.
I really don't think that the Nix language is nearly as bad as people say it is once you get used to it, and I've been using NixOS since before ChatGPT was released so I've gotten pretty ok with it. Plus, there are niceties like being able to use variables for things like interface names which makes it pretty nice.
Also, something kind of nice about NixOS is that once you get it working, it kind of stays working. I have my config file backed up to Sourcehut, and I'm relatively confident that the configuration file is an accurate representation of reality.
Yeah, considering the number of corporate IT products that count anything from a port scan to requesting /wp-admin a "thwarted cyberattack" I can see this going very poorly when every cowboy IT manager gets their sheriff badge.
There have been plenty of inflection points like that throughout history. Famously, Jimmy Carter installed solar heating on the roof of the white house. Reagan took them down shortly after.
It seems like we never quite learn our lesson about energy security...
- Mount something in a rack not firmly attached to brackets or a shelf
- Install anything with a battery larger than you'd find in a RAID card
Not to mention all the other ways this is sub-par in terms of airflow, density, serviceability, out-of-band management, etc.
I get the allure of it, but I wouldn't really want my gear anywhere near a bunch of laptops stuck in a cabinet.
reply