FreeBSD has recently launched version 14 of their operating system. I have personally worked with it for a while and haven’t found any issue or incompatibility with my existing software. However, there are some things worth remarking for from within the long list of changes published by the FreeBSD foundation, as it directly may affect how we use the system. I will keep it short.

• The default shell is now sh and not csh. Personally I have my own csh shell setup so I changed it back to csh.
• There is no /usr/home directory anymore. Instead, /home is created as a real directory rather than a symbolic link to /usr/home. So if something doesn’t work after the upgrade, make sure you don’t have some configuration file pointing to those now unexisting paths.
• The default mail agent is Dragonfly (DMA) instead of Sendmail. This article explains how to get quickly set up with it. Another big change, as Sendmail had been there since the nineties.
• The shiny new VPN protocol that has taken the world by storm, Wireguard, is now part of the kernel, which means if you want to run your own VPN you will get the best performance possible from FreeBSD.
• Big change for those who still rely on compiling ports from source – portsnap is removed; ports can be fetched now by using git instead. As per the changelist: Users are encouraged to fetch the ports tree by using pkg install git and then git clone https://git.FreeBSD.org/ports.git /usr/ports
• OpenSSL is upgraded from v1 to v3 which is 7 years (!) more recent thus it’s something worth noting. If you use keys for ssh access, it’s possible that the cipher, such as for example sha-rsa is not available anymore by default. Check the messages in /var/log/auth if you are unable to login.
• Mergemaster (the tool responsible for merging changes to /etc configuration files during an OS upgrade) is deprecated in favor of etcupdate. This is good news as it will should make upgrades less problematic.
• The pf firewall is now supporting features previously only available in the original OpenBSD version. Specifically – I quote – : The pf(4) packet filter now supports scrubbing with OpenBSD syntax and behaviour. If there are no FreeBSD scrub rules, a global flag set reassemble yes | no [no-df] determines whether packet reassembly is done. Scrubbing, like setting tos, ttl, etc, can be done in match and pass rules, which also makes it stateful. Match rules are now fully supported, as on OpenBSD, not only for dummynet queues.

There are of course many other changes that would be tedious to detail as they are unlikely to concern you directly but it’s safe to say the list looks pretty exciting as we can expect better performance and compatibility all across the board and particularly with newer, faster network cards that are available in OVH. Boot times are also reduced, but who needs to reboot FreeBSD anyway?

Finally it’s Interesting to note is the fact that the german game publisher InnoGames, responsible for mobile games such as Forge of Empires, is now a sponsor of FreeBSD, contributing patches like the packet filter update mentioned above – this should help the viability of FreeBSD as a game server platform, as previously none of the sponsors was involved in the game industry.

Overall an exciting update that I recommend installing to all FreeBSD fans.