Mastering pfSense
Second Edition
Manage, secure, and monitor your on-premise and cloud network with pfSense 2.4
David Zientara
BIRMINGHAM - MUMBAI
Mastering pfSenseSecond Edition
Copyright 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin Boricha
Acquisition Editor: Shrilekha Inani
Content Development Editor: Priyanka Deshpande
Technical Editor: Mohit Hassija
Copy Editor: Safis Editing
Project Coordinator: Virginia Dias
Proofreader: Safis Editing
Indexer: Mariammal Chettiyar
Graphics: Tom Scaria
Production Coordinator: Shantanu Zagade
First published: August 2016
Second edition: May 2018
Production reference: 1040518
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78899-317-3
www.packtpub.com
To my mother, Isabel Zientara, and to the memory of my father, Francis, for their constant encouragement and support, and for always keeping me focused on what is important. To my siblings, who have always been there when needed.
mapt.io
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
PacktPub.com
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.
At www.PacktPub.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Contributors
About the author
David Zientara is a software engineer and IT professional living in northern New Jersey. He has 20 years of experience in IT, and he has been the lead software engineer for Oxberry since the mid-1990s. His interest in pfSense prompted him to create a pfSense website in June 2013, and eventually to author this book.
I wish to thank my editors for helping ensure that the final product is the best that it can be. I also wish to thank my parents for their constant support in my endeavors.
About the reviewer
Shiva V.N. Parasram is a professional cyber security trainer and the owner of the Computer Forensics and Security Institute (CFSI). He is also a Certified EC-Council Instructor (CEI), and his qualifications include an M.Sc. in network security (Distinction), CEH, CHFI, ECSA, CCNA, NSE, and more. He has successfully executed and delivered forensic investigations, penetration tests, and security training for large enterprises, and he is also the author of Digital Forensics with Kali Linux, Packt Publishing.
"If you have to be anything, be brave." Indra J. Parasram.
"Always be patient, son." Harry G. Parasram.
To my parents and best friends. The love that stayed, the love I know. Thank you.
Packt is searching for authors like you
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Preface
pfSense is open source firewall/router software based on the FreeBSD packet filtering program PF that can be used as a perimeter firewall, router, wireless access point, DHCP server, DNS server, or VPN endpoint. Mastering pfSense, Second Edition, is a comprehensive guide to installing, configuring, and customizing pfSense.
Who this book is for
The target audience for this book should have at least an intermediate level of knowledge of computer networking. Some knowledge of pfSense is a plus, although it is not required.
The book should appeal to a wide range of technophiles; anyone interested in pfSense who has an aptitude for understanding networking and the resources to follow along with the examples will benefit from this book.
What this book covers
, Revisiting pfSense Basics , covers deployment scenarios for pfSense, hardware requirements, sizing and installation options, and it guides the user through the initial installation and configuration.
, Advanced pfSense Configuration , covers some of the commonly used pfSense services, such as DHCP, DNS, Dynamic DNS (DDNS), captive portal, Network Time Protocol (NTP), and Simple Network Management Protocol (SNMP).
, VLANs , covers how to set up a virtual LAN in pfSense, both from the command line and the web GUI, and provides examples showing how to configure some commercially available managed switches.
, Using pfSense as a Firewall , covers how to implement rules to block, pass, or divert network traffic, as well as virtual IPs, aliases, and scheduling.
, Network Address Translation , covers Network Address Translation (NAT) in depth, including outbound NAT, port forwarding, 1:1 NAT, and Network Prefix Translation (NPt).
Next page