Book of PF, 3rd Edition

A No-Nonsense Guide to the OpenBSD Firewall
by Peter N. M. Hansteen

October 2014, 248 pp.
ISBN: 978-1-59327-589-1
Contents | Reviews | Updates

OpenBSD’s stateful packet filter, PF, is the heart of the OpenBSD firewall. With more and more services placing high demands on bandwidth and an increasingly hostile Internet environment, no sysadmin can afford to be without PF expertise.

The third edition of The Book of PF covers the most up-to-date developments in PF, including new content on IPv6, dual stack configurations, the “queues and priorities” traffic-shaping system, NAT and redirection, wireless networking, spam fighting, failover provision ing, logging, and more.

You’ll also learn how to:

  • Create rule sets for all kinds of network traffic, whether crossing a simple LAN, hiding behind NAT, traversing DMZs, or spanning bridges or wider networks
  • Set up wireless networks with access points, and lock them down using authpf and special access restrictions
  • Maximize flexibility and service availability via CARP, relayd, and redirection
  • Build adaptive firewalls to proactively defend against attackers and spammers
  • Harness OpenBSD’s latest traffic-shaping system to keep your network responsive, and convert your existing ALTQ configurations to the new system
  • Stay in control of your traffic with monitoring and visualization tools (including NetFlow)

The Book of PF is the essential guide to building a secure network with PF. With a little effort and this book, you’ll be well prepared to unlock PF’s full potential.


About the Author

Peter N. M. Hansteen is a consultant, writer, and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on OpenBSD and FreeBSD topics, an occasional contributor to BSD Magazine, and the author of an often-slashdotted blog (http://bsdly.blogspot.com/). Hansteen was a participant in the original RFC 1149 implementation team. The Book of PF is an expanded follow-up to his very popular online PF tutorial (http://home.nuug.no/~peter/pf/).


Table of Contents

Introduction
Chapter 1:
Building the Network You Need
Chapter 2: PF Configuration Basics
Chapter 3: Into the Real World
Chapter 4: Wireless Networks Made Easy
Chapter 5: Bigger or Trickier Networks
Chapter 6: Turning the Tables for Proactive Defense
Chapter 7: Traffic Shaping with Queues and Priorities
Chapter 8: Redundancy and Resource Availability
Chapter 9: Logging, Monitoring, and Statistics
Chapter 10: Getting Your Setup Just Right

Appendix A: Resources
Appendix B: A Note on Hardware Support

(top)