by Peter N.M. Hansteen
December 2007, 184 pp.
There's a newer edition of this book available!
OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher. Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing when loading in new rules.
Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to:
The Book of PF is written for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.
About the Author
Peter N.M. Hansteen is a consultant, writer, and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on FreeBSD and OpenBSD topics. The Book of PF, Hansteen's first book, is an expanded follow-up to his very popular online PF tutorial.
Table of Contents
Foreword by Bob Beck
To view the detailed Table of Contents (PDF) click here.
To view the Index (PDF) click here.(top)
"This book is for everyone who uses PF. Regardless of operating system and skill level, this book will teach you something new and interesting."
"With Mr. Hansteen paying close attention to important topics like state inspection, SPAM, black/grey listing, and many others, this must have reference for BSD users can go a long way to helping you fine tune the who/what/where/when/how of access control on your BSD box."
"A must-have resource for anyone who deals with firewall configurations. If you've heard good things about PF and have been thinking of giving it a go, this book is definitely for you. Start at the beginning and before you know it you'll be through the book and quite the PF guru. Even if you're already a PF guru, this is still a good book to keep on the shelf to refer to in thorny situations or to lend to colleagues."
"The book is a great resource and has me eager to rewrite my aging rulesets."
"This book is a super-easy read. I loved it! This book easily makes my Top 5 Book list"