What do you think?
Rate this book
The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall
OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher.Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing when loading in new rules. Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how The Book of PF is written for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.
184 pages, Paperback
First published January 11, 2007
30 people are currently reading
150 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
February 23, 2008
This was a good book to read as I design my first multi-site, multi-hundred host network. I'll refer back to it often as I fine tune my pf.conf.
The author touches on many things a network admin can do with *bsd+pf, some of which I was familiar with, and a plenty of new features that'll be fun to incorporate in my network over the years. While this book feels like a big step beyond the PF FAQ, you'll still need to delve into the man pages frequently to do anything that isn't trivial (and then you'll have to google for examples to explain the terse man pages).
He insists that this book isn't a glorified PF HOWTO, but too often I was made to accept unsubstantiated motherly best practices instead of well-reasoned theory. Which is too bad, because as a glorified HOWTO, he glazes over too many essential fine points. I'm happier if I think of it more as a primer/survey of the topic.
The author touches on many things a network admin can do with *bsd+pf, some of which I was familiar with, and a plenty of new features that'll be fun to incorporate in my network over the years. While this book feels like a big step beyond the PF FAQ, you'll still need to delve into the man pages frequently to do anything that isn't trivial (and then you'll have to google for examples to explain the terse man pages).
He insists that this book isn't a glorified PF HOWTO, but too often I was made to accept unsubstantiated motherly best practices instead of well-reasoned theory. Which is too bad, because as a glorified HOWTO, he glazes over too many essential fine points. I'm happier if I think of it more as a primer/survey of the topic.
January 29, 2018
Good resource for large scale enterprise deployments of pfSense. Complete overkill and challenging for a home or SOHO deployment. I wound up using pfSense Community Edition with a GUI configuration interface, even though I prefer the command line for almost everything else. By utilizing the GUI, I could get better explanations of setup configurations. There was no mention in this book about pfBlockerNG plugin configuration, one of the most handy add-ons I found for pfSense.
What I'd love to find is a straightforward book for setting up pfSense in a home or home office with secure options and managing parental controls of kid's devices. Something that doesn't assume that everyone is a IT Network Guru. This book is well suited for these Gurus, but not for my needs.
What I'd love to find is a straightforward book for setting up pfSense in a home or home office with secure options and managing parental controls of kid's devices. Something that doesn't assume that everyone is a IT Network Guru. This book is well suited for these Gurus, but not for my needs.
May 18, 2020
Peter N.M. Hansteen is the authority on pf. Read the latest edition of this book, maybe read some of his articles, and set up your network!
To the newcomers, don't confuse this with pf from the FreeBSD world. This is specifically for OpenBSD.
To the newcomers, don't confuse this with pf from the FreeBSD world. This is specifically for OpenBSD.
April 18, 2020
A No-Nonsense guide to the OpenBSD firewall, is my new geeky book. It took 2 months to arrive, but it is finally here! Yuppie! :)
July 15, 2020
Clear and full of useful examples. A must for any network admin. I thought it might only be a book about PF tool, but it is also a book about understanding networks.
June 1, 2022
Fantastic book. All you need to master PF.
Displaying 1 - 6 of 6 reviews