HardenedBSD September 2021 Status Report

September saw a few changes. Most notably, FreeBSD introduced the WITH_LLVM_BINUTILS build option in 14-CURRENT, and we switched to it. With it, the base system uses more of the llvm toolchain's binutils replacements, such as llvm-objcopy, llvm-size and llvm-cxxfilt. This causes a large number of ports to either fail to build or be skipped, most notably ports that include explicit DTrace support. I'm (slowly) learning how these extra llvm tools work so that I can figure out how to fix these issues.

I hardened TCP and UDP blackholing (the `net.inet.tcp.blackhole` and `net.inet.udp.blackhole` sysctl nodes) so that connection attempts to unbound ports are silently ignored: no TCP RST or ICMP unreachable packets are sent in response to traffic on unbound ports.
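To verify the setting on a host, here is a small audit check added as an example (it is not HardenedBSD's own code); it assumes FreeBSD's standard `sysctl` output format and value meanings (`net.inet.tcp.blackhole` 0/1/2, `net.inet.udp.blackhole` 0/1) and runs offline against constructed sample output.

```shell
#!/bin/sh
# Audit helper, added here as an example; it is not HardenedBSD code.
# Input: the text printed by
#   sysctl net.inet.tcp.blackhole net.inet.udp.blackhole
# on a FreeBSD or HardenedBSD host (format "name: value").
# Value meanings assumed from FreeBSD's sysctl(8) descriptions:
#   net.inet.tcp.blackhole  0 = off, 1 = drop SYNs to closed ports, 2 = drop all segments
#   net.inet.udp.blackhole  0 = off, 1 = drop datagrams to closed ports
# Returns 0 only when both nodes are at their strongest setting.

sysctl_value() {
    # $1: sysctl output, $2: exact node name; prints the value or nothing
    printf '%s\n' "$1" | awk -F': ' -v node="$2" '$1 == node { print $2 }'
}

blackhole_enabled() {
    tcp=$(sysctl_value "$1" net.inet.tcp.blackhole)
    udp=$(sysctl_value "$1" net.inet.udp.blackhole)
    status=0
    case "$tcp" in
        2) echo "tcp.blackhole=2: no RST for any segment to unbound ports" ;;
        1) echo "tcp.blackhole=1: only SYNs are dropped; other segments still get a RST"; status=1 ;;
        *) echo "tcp.blackhole=${tcp:-unset}: RSTs are sent to unbound ports"; status=1 ;;
    esac
    case "$udp" in
        1) echo "udp.blackhole=1: no ICMP port unreachable for unbound ports" ;;
        *) echo "udp.blackhole=${udp:-unset}: ICMP port unreachable is sent"; status=1 ;;
    esac
    return $status
}

# Constructed sample outputs so the check runs offline.
WEAK='net.inet.tcp.blackhole: 0
net.inet.udp.blackhole: 0'
HARD='net.inet.tcp.blackhole: 2
net.inet.udp.blackhole: 1'

# Live use on the host itself:
#   blackhole_enabled "$(sysctl net.inet.tcp.blackhole net.inet.udp.blackhole)"
```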

I worked a bit on documentation, too, so the main project wiki is more up to date with regard to our features and changes. There's still more work to be done, but our documentation is indeed improving.

Loic troubleshot some kernel panics and worked with FreeBSD to get those fixed. I still need to review a few patches he has submitted. I hope to get to that in the first week of October.

We received a new server donation. The server will be dedicated to Cross-DSO CFI development. We're grateful for any and all contributions. Your support keeps HardenedBSD alive. Thank you for giving the HardenedBSD team the opportunity to serve you.

Looking forward into October, I'm hoping to fix the llvm toolchain issues. I need to put my administrative hat on and take care of financials. I plan to reach out to recent donors, asking if they want their name added to the donors page. I plan to perform a rather major overhaul of our perimeter firewall towards the end of the month.