• Complain

Peter N. M. Hansteen - The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall

Here you can read online Peter N. M. Hansteen - The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2010, publisher: No Starch Press, genre: Home and family. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover
  • Book:
    The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall
  • Author:
  • Publisher:
    No Starch Press
  • Genre:
  • Year:
    2010
  • Rating:
    3 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 60
    • 1
    • 2
    • 3
    • 4
    • 5

The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

OpenBSDs stateful packet filter, PF, is the heart of the OpenBSD firewall and a necessity for any admin working in a BSD environment. With a little effort and this book, youll gain the insight needed to unlock PFs full potential.

This second edition of The Book of PF has been completely updated and revised. Based on Peter N.M. Hansteens popular PF website and conference tutorials, this no-nonsense guide covers NAT and redirection, wireless networking, spam fighting, failover provisioning, logging, and more. Throughout the book, Hansteen emphasizes the importance of staying in control with a written network specification, keeping rule sets readable using macros, and performing rigid testing when loading new rules.

The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to:

  • Create rule sets for all kinds of network traffic, whether its crossing a simple LAN, hiding behind NAT, traversing DMZs, or spanning bridges or wider networks
  • Create wireless networks with access points, and lock them down with authpf and special access restrictions
  • Maximize flexibility and service availability via CARP, relayd, and redirection
  • Create adaptive firewalls to proactively defend against would-be attackers and spammers
  • Implement traffic shaping and queues with ALTQ (priq, cbq, or hfsc) to keep your network responsive
  • Master your logs with monitoring and visualization tools (including NetFlow)

The Book of PF is for BSD enthusiasts and network administrators at any skill level. With more and more services placing high demands on bandwidth and an increasingly hostile Internet environment, you cant afford to be without PF expertise.

Peter N. M. Hansteen: author's other books


Who wrote The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall? Find out the surname, the name of the author of the book and a list of all author's works by series.

The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
The Book of PF
Peter N.M. Hansteen

Copyright 2010

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.

No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an As Is basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.


Dedication

To Gene Scharmann, who all those years ago nudged me in the direction of free software

PRAISE FOR THE FIRST EDITION OF THE BOOK OF PF

This book is for everyone who uses PF. Regardless of operating system and skill level, this book will teach you something new and interesting.

BSD Magazine

With Mr. Hansteen paying close attention to important topics like state inspection, SPAM, black/grey listing, and many others, this must-have reference for BSD users can go a long way to helping you fine tune the who/what/where/when/how of access control on your BSD box.

InfoWorld

A must-have resource for anyone who deals with firewall configurations. If youve heard good things about PF and have been thinking of giving it a go, this book is definitely for you. Start at the beginning and before you know it youll be through the book and quite the PF guru. Even if youre already a PF guru, this is still a good book to keep on the shelf to refer to in thorny situations or to lend to colleagues.

Dru Lavigne , Tech Writer

The book is a great resource and has me eager to rewrite my aging rulesets.

;login:

This book is a super-easy read. I loved it! This book easily makes my Top 5 Book list.

Daemon News

Foreword
from the first edition

OpenBSDs PF packet filter has enjoyed a lot of success and attention since it was first released in OpenBSD 3.0 in late 2001. While youll find out more about PFs history in this book, in a nutshell, PF happened because it was needed by the developers and users of OpenBSD. Since the original release, PF has evolved greatly and has become the most powerful free tool available for firewalling, load balancing, and traffic managing. When PF is combined with CARP and pfsync, PF lets system administrators not only protect their services from attack, but it makes those services more reliable by allowing for redundancy, and it makes them faster by scaling them using pools of servers managed through PF and relayd.

While I have been involved with PFs development, I am first and foremost a large-scale user of PF. I use PF for security, to manage threats both internal and external, and to help me run large pieces of critical infrastructure in a redundant and scalable manner. This saves my employer (the University of Alberta, where I wear the head sysadmin hat by day) money, both in terms of downtime and in terms of hardware and software. You can use PF to do the same.

With these features comes the necessary evil of complexity. For someone well versed in TCP/IP and OpenBSD, PFs system documentation is quite extensive and usable all on its own. But in spite of extensive examples in the system documentation, it is never quite possible to put all the things you can do with PF and its related set of tools front and center without making the system documentation so large that it ceases to be useful for those experienced people who need to use it as a reference.

This book bridges the gap. If you are a relative newcomer, it can get you up to speed on OpenBSD and PF. If you are a more experienced user, this book can show you some examples of the more complex applications that help people with problems beyond the scope of the typical. For several years, Peter N.M. Hansteen has been an excellent resource for people learning how to apply PF in more than just the How do I make a firewall? sense, and this book extends his tradition of sharing that knowledge with others. Firewalls are now ubiquitous enough that most people have one, or several. But this book is not simply about building a firewall, it is about learning techniques for manipulating your network traffic and understanding those techniques enough to make your life as a system and network administrator a lot easier. A simple firewall is easy to build or buy off the shelf, but a firewall you can live with and manage yourself is somewhat more complex. This book goes a long way toward flattening out the learning curve and getting you thinking not only about how to build a firewall, but how PF works and where its strengths can help you. This book is an investment to save you time. It will get you up and running the right wayfaster, with fewer false starts and less time experimenting.

Bob Beck

Director, The OpenBSD Foundation

http://www.openbsdfoundation.org

Edmonton, Alberta, Canada

Acknowledgments

This manuscript started out as a user group lecture, first presented at the January 27, 2005 meeting of the Bergen [BSD and] Linux User Group (BLUG). After I had translated the manuscript into English and expanded it slightly, Greg Lehey suggested that I should stretch it a little further and present it as a half day tutorial for the AUUG 2005 conference. After a series of tutorial revisions, I finally started working on what was to become the book version in early 2007.

The next two paragraphs are salvaged from the tutorial manuscript and still apply to this book:

This manuscript is a slightly further developed version of a manuscript prepared for a lecture which was announced as (translated from Norwegian):

This lecture is about firewalls and related functions, with examples from real life with the OpenBSD projects PF (Packet Filter). PF offers firewalling, NAT, traffic control, and bandwidth management in a single, flexible, and sysadmin-friendly system. Peter hopes that the lecture will give you some ideas about how to control your network traffic the way you wantkeeping some things outside your network, directing traffic to specified hosts or services, and of course, giving spammers a hard time.

Some portions of content from the tutorial (and certainly all the really useful topics) made it into this book in some form. During the process of turning it into a useful book, a number of people have offered insights and suggestions.

People who have offered significant and useful input regarding early versions of this manuscript include Eystein Roll Aarseth, David Snyder, Peter Postma, Henrik Kramshj, Vegard Engen, Greg Lehey, Ian Darwin, Daniel Hartmeier, Mark Uemura, Hallvor Engen, and probably a few who will remain lost in my mail archive until I can grep them out of there.

I would like to thank the following organizations for their kind support: the NUUG Foundation for a travel grant, which partly financed my AUUG 2005 appearance; the AUUG, UKUUG, SANE, BSDCan, and AsiaBSDCon organizations for inviting me to their conferences; and the FreeBSD Foundation for sponsoring my trips to BSDCan 2006 and EuroBSDCon 2006.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall»

Look at similar books to The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall»

Discussion, reviews of the book The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.