The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall
Search in google:
A solid understanding of the BSD Packet Filter (PF) subsystem is a necessity for any network administrator working in a BSD environment. This current, no-nonsense guidebook shows how to harness the power of PF to confidently build the high-performance, low-maintenance network one needs.
THE BOOK OF PF; FOREWORD; PREFACE; About the Book and Thanks; If You Came from Elsewhere; A Little Encouragement: A PF Haiku; Chapter 1: WHAT PF IS; 1.1 Packet Filter? Firewall? A Few Important Terms Explained; 1.2 Network Address Translation; 1.3 PF Today; Chapter 2: LET'S GET ON WITH IT; 2.1 Simplest Possible PF Setup on OpenBSD; 2.2 Simplest Possible PF Setup on FreeBSD; 2.3 Simplest Possible PF Setup on NetBSD; 2.4 First Rule Set—A Single, Stand-Alone Machine; 2.5 Slightly Stricter, with Lists and Macros; 2.6 Statistics from pfctl; Chapter 3: INTO THE REAL WORLD; 3.1 A Simple Gateway, NAT If You Need It; 3.2 That Sad Old FTP Thing; 3.3 FTP Through NAT: ftp-proxy; 3.4 Making Your Network Troubleshooting Friendly; 3.5 Tables Make Your Life Easier; Chapter 4: WIRELESS NETWORKS MADE EASY; 4.1 A Little IEEE 802.11 Background; 4.2 Setting Up a Simple Wireless Network; 4.3 Guarding Your Wireless Network with authpf; Chapter 5: BIGGER OR TRICKIER NETWORKS; 5.1 When Others Need Something in Your Network: Filtering Services; 5.2 Back to the Single NATed Network; 5.3 The Power of Tags; 5.4 The Bridging Firewall; 5.5 Handling Nonroutable Addresses from Elsewhere; Chapter 6: TURNING THE TABLES FOR PROACTIVE DEFENSE; 6.1 Turning Away the Brutes; 6.2 Giving Spammers a Hard Time with spamd; Chapter 7: QUEUES, SHAPING, AND REDUNDANCY; 7.1 Directing Traffic with ALTQ; 7.2 Redundancy and Failover: CARP and pfsync; Chapter 8: LOGGING, MONITORING, AND STATISTICS; 8.1 PF Logs: The Basics; 8.2 Some Additional Tools for PF Logs and Statistics; 8.3 Remember, Useful Log Data Is the Basis for Effective Debugging; Chapter 9: GETTING YOUR SETUP JUST RIGHT; 9.1 The Things You Can Tweak and What You Probably Should Leave Alone; 9.2 Cleaning Up Your Traffic: scrub and antispoof; 9.3 Testing Your Setup; 9.4 Debugging Your Rule Set; 9.5 Know Your Network, Stay in Control; RESOURCES; General Networking and BSD Resources on the Internet; Sample Configurations and Related Musings; PF on Other BSD Systems; BSD and Networking Books; Wireless Networking Resources; spamd and Greylisting-Related Resources; Book-Related Web Resources; If You Enjoyed This Book, Buy OpenBSD CDs and Donate!; A NOTE ON HARDWARE SUPPORT; A Case in Point: The Story of a Small Wireless Network; Getting the Right Hardware; Issues Facing Hardware-Support Developers; How to Help the Hardware-Support Efforts; COLOPHON;Peter N. M. Hansteen is a consultant, writer and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on FreeBSD and OpenBSD topics. His expertise as a documentation consultant (and humorous work with the RFC 1149 implementation team) have helped him gain regard in Norwegian IT publications. The Book of PF, Hansteen's first book, is an expanded follow-up to his very popular online PF tutorial.
