Tag Archives: wifi

Valuable News – 2018/10/07

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).


Using Dummynet for Traffic Shaping on FreeBSD.

HardenedBSD 1100056.6 Released.

Cache Invalidation Bug in Linux Memory Management.

IBM is responsible for making \ the path separator instead of / in MS-DOS.

State of Memory Safety in Linux.

Haiku R1/Beta1 Released.

FreshRSS – free self-hostable aggregator.

Miniflux is a minimalist and opinionated feed reader.

Using very old ZFS filesystem can give you kernel panic on Linux.

OpenBSD vmd(8) now works out of the box on AMD Ryzen.

The origin of the name POSIX.

PostgreSQL Per-Table Autovacuum Tuning.

Sequence Caching: Oracle vs. PostgreSQL.

Polish BSD User Group.

OpenSSH 2.3-7.4 Mass Username Enumeration (CVE-2018-15473).

The POWER9 Desktop is Now Official!

If you were the Linus Torvalds of FreeBSD what would be the first thing you would change?

BSD Now 266 – File Type History.

OpenBSD on the Desktop: some thoughts.

Installing Gophernicus in OpenBSD.

FreeBSD finally updates GNOME port to 3.28 version.

FreeBSD – FCP-0101 – Deprecating Most 10/100 Ethernet Drivers.

In Other BSDs for 2018/10/06.

DTrace is coming to Windows. Already available on FreeBSD/macOs/Illumos. The only holdout is Linux.

Announcing pkgsrc-2018Q3 Release.

Migrating OmniOS VM from KVM to bhyve.

FreeBSD diskinfo -wS (synchronous writes) bandwidth limits on Optane devices.

First SmartOS snapshot with bhyve support as alternative hypervisor to QEMU/KVM.

FreeBSD amd64: make memset less slow with mov.


AMD 12-core (2970WX) and 24-core (2920X) Threadripper 2 CPUs on 29th October.

RISC-V Inches Toward The Center.

Lenovo ThinkPad X1 Extreme / 6-core / 64 GB RAM / GTX 1050 Ti / under 4 pounds.

ARM Partners with Xilinx to Bring Cortex-M Processors to FPGAs.

iDRACula Vulnerability Impacts Millions of Legacy Dell EMC Servers.

Wi-Fi Alliance Introduces Wi-Fi 6 (802.11ax) Technology.
Wi-Fi 5 to identify devices that support 802.11ac technology.
Wi-Fi 4 to identify devices that support 802.11n technology

MicroZed Chronicles: XDF & Versal.

Intel Customized SoC for HP: Amber Lake-Y with On-Package LTE Modem.

High resolution photos of the motherboard that looks almost the same in Bloomberg.


Insufficient Sleep Associated with Risky Teen Behavior.

Annoying habits of highly effective people.

Your IQ Matters Less Than You Think.


World’s Oldest Torrent Still Alive After 15 Years.

After Seeing These 15 Maps You’ll Never Look At The World The Same.


FreeBSD Desktop – Part 13 – Configuration – Dzen2

Time for real configuration of the status bar. In today’s article of the FreeBSD Desktop series I will describe how to configure the Dzen2.

You may also check earlier articles of the FreeBSD Desktop series:


The provided status bar backed by Dzen2 will be providing the following information.

  • date: Date in ISO 8601 format along with current time.
  • sys: CPU frequency, CPU temperature, system load and free RAM.
  • ip: List of current IP addresses and its interfaces.
  • gw: System default network gateway.
  • dns: System default DNS.
  • ping: Current Internet access state.
  • vol/pcm: Volume level for vol and pcm backends.
  • fs: ZFS pools free space.
  • bat: Battery and AC status.
  • top: Top 3 processes with highest CPU usage along with their RAM usage.

Here is how such Dzen2 looks like in action.



The Dzen2 offers feature that Conky or other status bar applications does not offer. I would call it refresh on demand. If you would like to implement refresh interval of 60 seconds for example (not so often) and also refresh that information everytime you ‘click’ on the status bar (or by other action) its possible to implement in Dzen2 using mkfifo(1) command.

Why anyone would want to implement such ‘strange’ refresh policy? To get more battery life mostly as You do not need this information to be refreshed every second and if You need up to date information then you will refresh it manually with a click on the status bar and have the needed information. The other reason is ‘focus’. If this status bar refreshes every second, then it ‘caches’ your attention, this may prevent you from focusing deep enough on the task you are currently doing. If you do something important that requires focus then You do not want status bar (or anything else) to distract you with useless at the moment information.

To achieve such configuration we would need three things. The dzen2-fifo.sh script that will start initial fifo on the ~/.dzen2-fifo file. The dzen2-update.sh to update the fifo and would be run from the crontab(1) every 60 seconds. A dzen2(1) action configured with left mouse button click to invoke dzen2-update.sh to update the fifo. All these scripts and scripts used directly by Dzen2 to gather needed information are available in the scripts-status-bar.tar.gz file.

To start Dzen2 at the X11 startup we will use script from the earlier ‘bulk’ already available – __openbox_restart_dzen2.sh – which kills all instances of Dzen2 and then starts the fifo backed Dzen2 with dzen2-fifo.sh script available in the scripts.tar.gz file.

Here is how its configured in the ~/.xinitrc (or ~/.xsession) file.

% grep dzen ~/.xinitrc                      
  ~/scripts/__openbox_restart_dzen2.sh &

Remember to put ‘&‘ at the end of the line.

Lets have a look how the ‘update’ is configured in the crontab(1) as shown below.

% crontab -l
  0 * * * * ~/scripts/dzen2-update.sh 1> ~/.dzen2-fifo                                        2> /dev/null

The scripts that Dzen2 uses to gather information are:


… and this one to ’emulate’ clicks to implement Openbox virtual desktops switching with [Scroll Up] and [Scroll Down] mouse events.


The dzen2-update.sh is kinda like Conky on terminal, it just puts all that information in text format with Dzen2 colors syntax as shown below.

% dzen2-update.sh
 ^fg(#aaaaaa)date: ^fg(#eeeeee)2018/07/05/Thu/10:11 ^fg(#dd0000)| ^fg(#aaaaaa)sys: ^fg(#eeeeee)800MHz/46.1C/0.83/4.5GB ^fg(#dd0000)| ^fg(#aaaaaa)ip: ^fg(#eeeeee)wlan0/wirelesssid/ ^fg(#dd0000)| ^fg(#aaaaaa)gw: ^fg(#eeeeee) ^fg(#dd0000)| ^fg(#aaaaaa)dns: ^fg(#eeeeee) ^fg(#dd0000)| ^fg(#aaaaaa)ping: ^fg(#eeeeee)^fg(#dd2200)NOPE ^fg(#dd0000)| ^fg(#aaaaaa)vol/pcm: ^fg(#eeeeee)100/100 ^fg(#dd0000)| ^fg(#aaaaaa)fs: ^fg(#eeeeee)local/69.2G sys/3.27G ^fg(#dd0000)| ^fg(#aaaaaa)bat: ^fg(#eeeeee)AC/^fg(#ffffff)90% ^fg(#dd0000)| ^fg(#aaaaaa)top: ^fg(#eeeeee)firefox/15%/0.6GB firefox/13%/0.3GB firefox/11%/0.4GB 


To make most scripts work Your user (vuk in the series) needs to be in the wheel, operator and network groups and doas(1) (sudo(8) equivalent) needs to be installed and configured in the following way.

# pkg install doas

# pw groupmod wheel    -m vuk
# pw groupmod operator -m vuk
# pw groupmod network  -m vuk

# cat /usr/local/etc/doas.conf
permit nopass :wheel as root

permit nopass :network as root cmd ifconfig
permit nopass :network as root cmd dhclient
permit nopass :network as root cmd umount
permit nopass :network as root cmd wpa_supplicant
permit nopass :network as root cmd ppp
permit nopass :network as root cmd killall args -9 dhclient
permit nopass :network as root cmd killall args -9 wpa_supplicant
permit nopass :network as root cmd killall args -9 ppp
permit nopass :network as root cmd cat args /etc/ppp/ppp.conf
permit nopass :network as root cmd /etc/rc.d/netif args onerestart
permit nopass :network as root cmd tee args /etc/resolv.conf
permit nopass :network as root cmd tee args -a /etc/resolv.conf


In this post I attach scripts related to Dzen2. Download them all in the scripts-status-bar.tar.gz file and unpack them into the ~/scripts directory.

Here are these scripts.

% tar -tf scripts-status-bar.tar.gz

Make sure they remain executable.

% chmod +x ~/scripts/*

To make them work properly add ~/scripts into the ${PATH} variable at the beginning of the ~/.xinitrc file.

  export PATH=${PATH}:~/scripts

All of my scripts have this ‘mysterious’ line at the end. Its for statistics to check which scripts are run when (or it at all to which ones to delete).

echo '1' >> ~/scripts/stats/$( basename ${0} )

Thus it is needed to create the ‘stats’ directory.

% mkdir -p ~/scripts/stats

I have implemented that about two months ago and here are the results.

% wc -l ~/scripts/stats/* | sort -n
       1 /home/vermaden/scripts/stats/__openbox_show_screenshot.sh
       2 /home/vermaden/scripts/stats/__openbox_cpufreq.sh
       2 /home/vermaden/scripts/stats/__openbox_current_wallpaper.sh
       2 /home/vermaden/scripts/stats/__openbox_fullscreen.sh
       4 /home/vermaden/scripts/stats/__openbox_restart_dzen2.sh
       4 /home/vermaden/scripts/stats/dzen2-fifo.sh
       5 /home/vermaden/scripts/stats/__openbox_dmenu.sh
       5 /home/vermaden/scripts/stats/__openbox_restart_conky.sh
       5 /home/vermaden/scripts/stats/__openbox_restart_tint2.sh
       6 /home/vermaden/scripts/stats/__openbox_delete_wallpaper.sh
       7 /home/vermaden/scripts/stats/__openbox_freebsd_sound.sh
       8 /home/vermaden/scripts/stats/aero-snap.sh
      12 /home/vermaden/scripts/stats/__openbox_edit_screenshot.sh
      16 /home/vermaden/scripts/stats/__openbox_lock_zzz.sh
      16 /home/vermaden/scripts/stats/__openbox_lock.sh
      22 /home/vermaden/scripts/stats/shot.sh
      24 /home/vermaden/scripts/stats/network.sh
     214 /home/vermaden/scripts/stats/xterm.sh
     960 /home/vermaden/scripts/stats/random_wallpaper.sh
    2767 /home/vermaden/scripts/stats/desktop-battery-warning.sh
   13834 /home/vermaden/scripts/stats/desktop-kill-shit.sh
   17916 total

Of course I limited the output only to scripts that are available in this article, but be patient, more to come later πŸ™‚


To make these scripts work and generally to make all this setup work we will need these dependencies.

  • dzen2
  • xdotool
  • wmctrl

To install them all with pkg(8) just type this line below.

# pkg install dzen2 xdotool wmctrl


After adding Dzen2 to crontab(1) and keeping the earlier entries the complete crontab(1) would look like that.

% crontab -l
  *     *     * * * ~/scripts/desktop-kill-shit.sh                                       1> /dev/null 2> /dev/null
  */5   *     * * * ~/scripts/desktop-battery-warning.sh
  */20  *     * * * ~/scripts/random_wallpaper.sh ~/gfx/wallpapers                       1> /dev/null 2> /dev/null
  12,0  *     * * * /usr/bin/find ~/.cache -mtime +10 -delete                            1> /dev/null 2> /dev/null
  0     */3   * * * /usr/bin/find ~/.local/share/Trash/files -mtime +1 -delete           1> /dev/null 2> /dev/null

  0     *     * * * ~/scripts/dzen2-update.sh 1> ~/.dzen2-fifo                                        2> /dev/null


This Dzen2 configuration implements five ‘mouse actions’ or shortcuts available on the status bar.

  • [Scroll Up] – switch next virtual desktop.
  • [Scroll Down] – switch previous virtual desktop.
  • [Right Click] – show Openbox root menu.
  • [Middle Click] – show Openbox window menu.
  • [Left Click] – update Dzen2 Status Bar with dzen2-update.sh invoke.

Hope I haven’t forgot anything, feel free to ask or remind me πŸ˜‰


FreeBSD Desktop – Part 2 – Install

This is the second post in the FreeBSD Desktop series.

You may also check earlier/other articles of the FreeBSD Desktop series:

How about actually installing FreeBSD? On a real hardware? You may first want to mess with the FreeBSD installer in a virtualized hardware (Bhyve/KVM/XEN/Virtualbox/…) so You will gain some confidence. In these posts series we will create a complete step by step FreeBSD desktop installation on USB 2.0 pendrive. 8 GB size or more is required. This way You will not have to ‘touch’ you installed system and as You gain confidence in FreeBSD You may want to switch to it if it suits your needs better then the currently installed system on your hardware. This way You can also try it on various computers without the need of (re)install or You may use it as You ‘go/mobile’ system on a stick.

For the series I will use one of the best laptops ever made – Lenovo ThinkPad X220 – shown below.


Its a 2011 12.5″ screen laptop with best keyboard layout on the world. As the series will progress I will also show the differences to other laptop – Lenovo ThinkPad T420s – another great machine. Besides being one of the best laptops ever made they also today have another advantage – they are dirt cheap. You can get any of them in a really good condition for about $150-180.


First we need to setup our machine, I mean the BIOS settings in the laptop. We will disable unused (Express Card/Bluetooth/Camera/Fingerprint Reader/…) and unwanted options (Intel AMT/Security Chip/UEFI/…). Below are screens with these settings.



















The install is very similar to the HardenedBSD install made in earlier post – Introduction to HardenedBSD World.

You will need:
* 8GB or larger USB pendrive for the installation (or install directly to hard disk)
* 1GB or larger USB pendrive or 700MB CD-R(W) disk for the FreeBSD installer to boot/install from

Besides all Lenovo ThinkPad XY20 (X220/T420/T420s/T520/W520) laptops being one of the best ever made they have one amusing problem – the broken GPT boot πŸ™‚ The installer – on these Lenovo laptops – will ask You if You want to apply that fix – answer ‘yes’ there. Later in the setup process this option is called GPT + Lenovo Fix (BIOS) as a Partition Scheme option. You can read more about GPT issue on this FreeBSD Mailing Lists post – using GPT / EFI booting on Lenovo BIOSeshttps://lists.freebsd.org/pipermail/freebsd-i386/2013-March/010437.html.

One more thing to mention, this GPT BUG is present only when You want to boot FreeBSD from GPT partition in BIOS/Legacy mode. If You make UEFI install (which we will do in one of the next articles in the series) this problem is not present and FreeBSD boots properly on Lenovo ThinkPad X220 (and other from XY20 series) from GPT partition in UEFI mode.

Now the install process. First You need the FreeBSD 11.1-RELEASE install image, download it from here – FreeBSD-11.1-RELEASE-amd64-memstick.imghttp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/11.1/FreeBSD-11.1-RELEASE-amd64-memstick.img.

To put the image on the pendrive we will use the dd(1) tool available on almost any Mac OS X (macOS) and Linux system – You can read more about that command on following Wikipedia article on dd command.

For Windows You will have to download it from here – dd for windowshttp://www.chrysocome.net/dd.

On FreeBSD such command will look like that:

# dd if=FreeBSD-11.1-RELEASE-amd64-memstick.img of=/dev/da1

… but for performance reasons its better to add bs=1m (bs=1M on Linux/Windows) to the command.

# dd if=FreeBSD-11.1-RELEASE-amd64-memstick.img of=/dev/da1 bs=1m

Alternatively You may want to burn the ISO image to the CD-R(W) disc and boot from it instead of USB pendrive, in such case here is the ISO image link – FreeBSD-11.1-RELEASE-amd64-disc1.isohttp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/11.1/FreeBSD-11.1-RELEASE-amd64-disc1.iso

Now to install. Attach the USB pendrive or CD disc with FreeBSD installer and boot from it, on most laptops You may show the temporary boot list selection with [F11] or [F12] key.

After You have booted to the screen below with Welcome message, leave the ‘focus’ on the Install button and attach the 8GB or larger USB pendrive for installation.


You will see kernel buffer messages messing the screen and showing that new drive has been attached, but as the ‘focus’ is still on the Install button so just hit [ENTER] key and proceed with the installation process as shown on the images below.

You can select your desired keyboard layout, it can also be changed later, your choice.


When we have a new machine there is always a problem with new name for it. The RFC 1178 Choosing a Name for Your Computer from 1990 year tries to address that issue – https://tools.ietf.org/html/rfc1178. For machine hostname we will use Slavic word for the wind which would be vetru – in normalized form – as original as You can imagine is not in ASCII compatible – Π²Ρ£Ρ‚Ρ€ΡŠ (vΔ›trΕ­) πŸ™‚


We do not need any additional components, with all deselected as shown below only the (not shown) base and kernel will be installed.


We will use ZFS because we want to use Boot Environments with sysutils/beadm port.


Hit [ENTER] on the Pool Type/Disks to select target disk to install FreeBSD on.


As we will be using only single disk without redundancy select stripe here.


This may vary, select the pendrive (or disk) that You want to install FreeBSD on.


We will set SWAP size to ‘0‘ (no SWAP) as it will not be needed. If we will need SWAP in the future, then we will create ZVOL on ZFS and use it as a SWAP device.



As we are installing it on a Lenovo ThnikPad X220 with GPT BUG then we need to select GPT + Lenovo FIX (BIOS) here.


Now move ‘focus’ to Install and hit [ENTER] to proceed with installation.


This is the last chance to not overwrite your precious data.


Then You will see the install progress.


Fill in your root user password.


Select any interface here as we will not be making any configuration here.


Leave the interface unconfigured for now, we will take care about that later.



Now we will configure the time zone, I have configured Europe/Poland as shown below.



Now you may correct the date and time.



Select services as shown below.


Enable all security hardening features as shown below.


We want to create new ‘regular’ user so answer Yes here.


For the username we will use Slavic word for wolf which is Vuk.



Our job is done here, hit [ENTER] key with ‘focus’ on Exit name,


Installer will ask You if You want to modify the installed system before rebooting into it. We do not have any needs now so hit [ENTER] key on No option.


As we finished hit [ENTER] on Reboot button.



After the boot process of the newly installed FreeBSD 11.1-RELEASE USB pendrive You will see an image similar to below one.



What to do next? Lets make some basic network connectivity. Later in the FreeBSD Desktop series we will switch to network.sh for networking – FreeBSD Network Management with network.sh Script but now lets see how its done the raw way. If You will have attached LAN cable and your interface is em0 (check ifconfig(8) command output) then dhclient em0 command should grant You the working connection to the Internet – assuming that You have DHCP server on that network. Here are the commands.

# ifconfig em0 up

# dhclient em0
DHCPREQUEST on em0 to port 67
bound to -- renewal in 2147483647 seconds.

To test the network connectivity use the ping(8) command.

# ping -c 3 freebsd.org
PING freebsd.org ( 56 data bytes
64 bytes from icmp_seq=0 ttl=52 time=242.421 ms
64 bytes from icmp_seq=1 ttl=52 time=234.535 ms
64 bytes from icmp_seq=2 ttl=52 time=245.120 ms

--- freebsd.org ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 234.535/240.692/245.120/4.491 ms

Also check LAN network chapter in the FreeBSD Handbookhttps://freebsd.org/handbook/config-network-setup.html

If You would like to connect to the World with wireless connection then here are the needed commands.

First lets check what wireless card You have.

# sysctl net.wlan.devices
net.wlan.devices: iwn0

We will now create wlan(4) virtual device on top of our iwn0 device and bring it up.

# ifconfig wlan0 create wlandev iwn0

# ifconfig wlan0 up

We can scan for existing nearby WiFi access points if needed.

# ifconfig wlan0 scan
SSID/MESH ID    BSSID              CHAN RATE    S:N     INT CAPS
xxxxxxx         xx:xx:xx:xx:xx:xx    7   54M  -85:-95   100 EPS  HTCAP RSN WME BSSLOAD WPS
WIFI-NETWOR...  xx:xx:xx:xx:xx:xx    8   54M  -71:-95   100 EPS  HTCAP APCHANREP WME ATH RSN WPA
xxxxxxx         xx:xx:xx:xx:xx:xx    1   54M  -90:-95   100 EPS  RSN HTCAP WME ATH WPS
xxxxxxx         xx:xx:xx:xx:xx:xx    1   54M  -90:-95   100 EP   RSN WME WPS

In case the name of the network does not fit into the first column, then use -v flag for verbose (and wider) output.

# ifconfig -v wlan0 scan

Now we need to add the desired WiFi network to the /etc/wpa_supplicant.conf file as shown below.

# cat > /etc/wpa_supplicant.conf << __EOF

The You may connect to it using the wpa_supplicant(8) daemon. We will connect to the WiFi hot spot, and as the message ‘CTRL-EVENT-CONNECTED‘ will be displayed we hit the [CTRL]+[Z] key combination to put the process into suspended state (SIGTSTP signal). Then we type the bg(1) command to put it back into running state, but in the background (SIGCONT signal) so we can continue to type next commands.

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
Successfully initialized wpa_supplicant
wlan0: Trying to associate with xx:xx:xx:xx:xx:xx (SSID='WIFI-NETWORK-NAME' freq=2447 MHz)
wlan0: Associated with xx:xx:xx:xx:xx:xx
wlan0: WPA: Key negotiation completed with xx:xx:xx:xx:xx:xx [PTK=CCMP GTK=TKIP]
wlan0: CTRL-EVENT-CONNECTED - Connection to xx:xx:xx:xx:xx:xx completed [id=17 id_str=]
[1]  + Suspended  sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
# bg
[1]    sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf &

Now we will request for the IP address from the access point DHCP server.

# dhclient wlan0
DHCPREQUEST on wlan0 to port 67
bound to -- renewal in 2147483647 seconds.

To test the network connectivity use the ping(8) command.

# ping -c 3 freebsd.org
PING freebsd.org ( 56 data bytes
64 bytes from icmp_seq=0 ttl=52 time=242.421 ms
64 bytes from icmp_seq=1 ttl=52 time=234.535 ms
64 bytes from icmp_seq=2 ttl=52 time=245.120 ms

--- freebsd.org ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 234.535/240.692/245.120/4.491 ms

Also check WLAN chapter in the FreeBSD Handbookhttps://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html


In case You want to learn more about FreeBSD the FreeBSD Handbook and FreeBSD FAQ are good place to start.


In case the installer would not made its job properly You can make the fix by yourself, you just need a FreeBSD system for it (You already have it on the USB pendrive or CD disk). Boot into the first question and move the ‘focus’ to the Live CD button on the right but do not hit the [ENTER] yet. Now, attach the USB pendrive with FreeBSD installed. Screen will be flooded with kernel buffer about attaching new da device, note the da device number (for example da1) and now hit [ENTER] key.

You will be welcomed with login: prompt, type root and hit [ENTER] (no password is required).

Remember the kernel buffer messages screen earlier? They started with the device name (like da0 or da1), we will use that device name to apply the fix. I will assume its da0. First, lets dump partition table to FDISK file.

# fdisk -p /dev/da0 > FDISK

# cat FDISK
# /dev/da0
g c1886 h255 s63
p 1 0xee 63 30298527

Now we need to make the fix, after the 'p 1 (...)' line add 'a 1' an below that line copy the line that starts with 'p 1 (...)' and name it 'p 2 (...)'. Now in the ‘first’ line with 'p 1 (...)' change the 0xee into 0x00. Final result is shown below.

# vi FDISK
# /dev/da0
g c1886 h255 s63
p 1 0x00 63 30298527
a 1
p 2 0xee 63 30298527

After writing the file, apply this new partition table into the da0 device with fdisk(8) command.

# fdisk -f FDISK /dev/da0

Verify that fix is applied.

# fdisk -p /dev/da0
# /dev/da0
g c1886 h255 s63
p 2 0xee 63 30298527

Indeed it is. Now You have Lenovo GPT fix applied. Important to mention that this ‘fix’ does not break the USB pendrive for computers that do not have GPT problem, so with GPT FIX applied you may use it on computers other then Lenovo.


In case You may want to start after the installation I have uploaded the installed image here – http://www.mediafire.com/file/ywcnw99ghqezd6u/usb-freebsd-11.1-lenovo.raw.xz – keep in mind that its compressed by xz(1) so in order to apply it to USB pendrive You must first unpack it. You may do that on the fly with following command assuming that we will be writing that image to da1 device:

# xz -c -d usb-freebsd-11.1-lenovo.raw.xz | dd > /dev/da1 bs=1m

For the record, this image contains the Lenovo GPT FIX. The passwords are set to ‘asd‘ for convenience.

Enough for one post πŸ˜‰


FreeBSD Network Management with network.sh Script

When You use only one connection on FreeBSD, then the best practice is to just put its whole configuration into the /etc/rc.conf file, for example typical server redundant connection would look like that one below.

ifconfig_igb0="-lro -tso -vlanhwtag mtu 9000 up"
ifconfig_igb1="-lro -tso -vlanhwtag mtu 9000 up"
ifconfig_lagg0="laggproto lacp laggport igb0 laggport igb1 up"

If You must use more then one connection and You often switch between them, sometimes several times a day, then using the main FreeBSD’s config file is not the most convenient way for such operations.

For laptops where You often switch between WWAN (usually 3G connection) and WLAN (typical WiFi connection) and even LAN cable.

You can of course use graphical NetworkMgr from GhostBSD project which is described as “Python GTK3 network manager for FreeBSD, GhostBSD, TrueOS and DragonFlyBSD. NetworkMgr support both netif and OpenRC network” citing the project site – https://github.com/GhostBSD/networkmgr – it is also available in FreeBSD Ports and as package – net-mgmt/networkmgr.


What I miss in NetworkMgr is the WWAN connection management, DNS management, optional random MAC generation and network shares unmount at disconnect from network. With my solution – network.sh – you still need to edit /etc/wpa_supplicant.conf and /etc/ppp/ppp.conf files by hand so it’s also not a perfect solution for typical desktop usage, but you do not edit these files every day.

As I use WWAN, WLAN and LAN connections on my laptop depends on the location I wrote a script to automate this connection management in a deterministic and convenient way, at least for me.

It can also set DNS to some safe/nologging providers or even a random safe DNS and generate legitimate MAC address for both LAN and WLAN if needed, even with real OUI first three octets if You also have additional network.sh.oui.txt file with them inside.

Here is the network.sh script help message.

% network.sh help
 network.sh TYPE [OPTIONS]



 network.sh lan start
 network.sh lan restart
 network.sh wlan start
 network.sh wlan start HOME-NETWORK-SSID
 network.sh wwan example
 network.sh dns onic
 network.sh dns udns
 network.sh dns random
 network.sh doas
 network.sh sudo

If You run network.sh with appreciate arguments to start network connection it will display on the screen what commands it would run to achieve that. It also makes use of sudo(8) or doas(1) assuming that You are in the network group. To add yourself into the network group type this command below.

# pw groupmod network -m yourself

The network.sh doas command will print what rights it needs to work without root privileges, same for network.sh sudo command, an example below.

% network.sh doas
 # pw groupmod network -m YOURUSERNAME
 # cat /usr/local/etc/doas.conf
 permit nopass :network as root cmd /bin/cat args /etc/ppp/ppp.conf
 permit nopass :network as root cmd /etc/rc.d/netif args onerestart
 permit nopass :network as root cmd dhclient
 permit nopass :network as root cmd ifconfig
 permit nopass :network as root cmd killall args -9 dhclient
 permit nopass :network as root cmd killall args -9 ppp
 permit nopass :network as root cmd killall args -9 wpa_supplicant
 permit nopass :network as root cmd ppp
 permit nopass :network as root cmd tee args -a /etc/resolv.conf
 permit nopass :network as root cmd tee args /etc/resolv.conf
 permit nopass :network as root cmd umount
 permit nopass :network as root cmd wpa_supplicant

The network.sh script does not edit /usr/local/etc/doas.conf or /usr/local/etc/sudoers files, You have to put these lines there by yourself. An example doas setup for network.sh script is below.

# pkg install -y doas

# cat >> /usr/local/etc/doas.conf << __EOF
permit nopass :network as root cmd /bin/cat args /etc/ppp/ppp.conf
permit nopass :network as root cmd /etc/rc.d/netif args onerestart
permit nopass :network as root cmd dhclient
permit nopass :network as root cmd ifconfig
permit nopass :network as root cmd killall args -9 dhclient
permit nopass :network as root cmd killall args -9 ppp
permit nopass :network as root cmd killall args -9 wpa_supplicant
permit nopass :network as root cmd ppp
permit nopass :network as root cmd tee args -a /etc/resolv.conf
permit nopass :network as root cmd tee args /etc/resolv.conf
permit nopass :network as root cmd umount
permit nopass :network as root cmd wpa_supplicant

# pw groupmod network -m yourself

The network.sh script upon disconnect would also forcefully unmount all network shares.

The idea is that it does only one connection type at a time, When You type network.sh lan start and then type network.sh wlan start, then it will reset entire FreeBSD network stack to defaults (to settings that are in /etc/rc.conf file) and then connect to WiFi in a ‘clean network environment’ as I could say. As I use 3 different methods of connecting to various networks I do not have any network settings in theΒ /etc/rc.conf file, but You may prefer for example to have DHCP for local LAN enabled if that is more convenient for You.

The settings are on the beginning of the network.sh script, You should modify them to your needs and hardware that You own.

NAME=$( basename ${0} )

You can specify other NETFS filesystems that You want to forcefully unmount during network stop or set different physical WLAN adapter (WLAN_PH option), like ath0 for Atheros chips. similar for LAN interface which also defaults to Intel based network card with em0 driver (LAN_IF option).

If you want to disable random MAC address for LAN with LAN_RANDOM_MAC=0 and enable generation of random MAC address for WiFi networks with WLAN_RANDOM_MAC=1 option.

You should also decide if You want to use sudo (SUDO option) or doas (DOAS option).

Here are network.shΒ script and optional network.sh.oui.txt OUI data.

After downloading please rename them accordingly (WordPress limitation).

% mv network-sh.key         network.sh 
% mv network-sh-oui-txt.key network.sh.oui.txt

Here is example of all network connections stop.

% network.sh stop
doas killall -9 wpa_supplicant
doas killall -9 ppp
doas killall -9 dhclient
doas ifconfig wlan0 destroy
doas ifconfig em0 down
echo | doas tee /etc/resolv.conf
doas /etc/rc.d/netif onerestart

Here is example of WWAN network connection start.

% network.sh wwan start
doas killall -9 wpa_supplicant
doas killall -9 ppp
doas killall -9 dhclient
doas ifconfig wlan0 destroy
doas ifconfig em0 down
echo | doas tee /etc/resolv.conf
doas /etc/rc.d/netif onerestart
doas ppp -ddial WWAN

Here is example od DNS change.

% network.sh dns onic
echo | doas tee /etc/resolv.conf
echo 'nameserver' | doas tee -a /etc/resolv.conf
echo 'nameserver' | doas tee -a /etc/resolv.conf

If You have any problems with the network.sh script then let me know, I will try to fix them ASAP.

If You are more into OpenBSD then FreeBSD then Vincent Delft wrote nmctlNetwork Manager Control tool for OpenBSD – available here – http://vincentdelft.be/post/post_20171023.

Ther is also another OpenBSD project by Aaron Poffenberger for network management – netctl –Β cli network-location manager for OpenBSD –Β available here – https://github.com/akpoff/netctl.

UPDATE 1 – Connect to Open/Unsecured WiFi Network

Recently when I was attending the Salt workshop during NLUUG Autumn Conference 2018 at Utrecht, Nederlands I wanted to connect to open unsecured WiFi network called 'Utrecht Hotel'. My phone of course attached to it instantly but on the other hand FreeBSD was not able to connect to it. As it turns out if you want to enable wpa_supplicant(8) to connect to open unsecured network a separate /etc/wpa_supplicant.conf option is needed (on option for all open unsecured
networks – no need to create such rule for each open/unsecured network).

Its these lines in the /etc/wpa_supplicant.conf file:

% grep -C 2 key_mgmt=NONE /etc/wpa_supplicant.conf


I also modified the network.sh to contain that information in the examples section and also made little fix to always reset the previously set/forced SSID during earlier usage.

# ifconfig wlan0 ssid -

Now the network.sh should be even more pleasant to use.