What do you think?
Rate this book
The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall
OpenBSD's stateful packet filter, PF, is the heart of the OpenBSD firewall. With more and more services placing high demands on bandwidth and an increasingly hostile Internet environment, no sysadmin can afford to be without PF expertise.
The third edition of The Book of PF covers the most up-to-date developments in PF, including new content on IPv6, dual stack configurations, the "queues and priorities" traffic-shaping system, NAT and redirection, wireless networking, spam fighting, failover provision ing, logging, and more.
You'll also learn how to:
Create rule sets for all kinds of network traffic, whether crossing a simple LAN, hiding behind NAT, traversing DMZs, or spanning bridges or wider networks
Set up wireless networks with access points, and lock them down using authpf and special access restrictions
Maximize flexibility and service availability via CARP, relayd, and redirection
Build adaptive firewalls to proactively defend against attackers and spammers
Harness OpenBSD's latest traffic-shaping system to keep your network responsive, and convert your existing ALTQ configurations to the new system
Stay in control of your traffic with monitoring and visualization tools (including NetFlow)
The Book of PF is the essential guide to building a secure network with PF. With a little effort and this book, you'll be well prepared to unlock PF's full potential.
The third edition of The Book of PF covers the most up-to-date developments in PF, including new content on IPv6, dual stack configurations, the "queues and priorities" traffic-shaping system, NAT and redirection, wireless networking, spam fighting, failover provision ing, logging, and more.
You'll also learn how to:
Create rule sets for all kinds of network traffic, whether crossing a simple LAN, hiding behind NAT, traversing DMZs, or spanning bridges or wider networks
Set up wireless networks with access points, and lock them down using authpf and special access restrictions
Maximize flexibility and service availability via CARP, relayd, and redirection
Build adaptive firewalls to proactively defend against attackers and spammers
Harness OpenBSD's latest traffic-shaping system to keep your network responsive, and convert your existing ALTQ configurations to the new system
Stay in control of your traffic with monitoring and visualization tools (including NetFlow)
The Book of PF is the essential guide to building a secure network with PF. With a little effort and this book, you'll be well prepared to unlock PF's full potential.
221 pages, Paperback
First published January 11, 2007
30 people are currently reading
149 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
February 23, 2008
This was a good book to read as I design my first multi-site, multi-hundred host network. I'll refer back to it often as I fine tune my pf.conf.
The author touches on many things a network admin can do with *bsd+pf, some of which I was familiar with, and a plenty of new features that'll be fun to incorporate in my network over the years. While this book feels like a big step beyond the PF FAQ, you'll still need to delve into the man pages frequently to do anything that isn't trivial (and then you'll have to google for examples to explain the terse man pages).
He insists that this book isn't a glorified PF HOWTO, but too often I was made to accept unsubstantiated motherly best practices instead of well-reasoned theory. Which is too bad, because as a glorified HOWTO, he glazes over too many essential fine points. I'm happier if I think of it more as a primer/survey of the topic.
The author touches on many things a network admin can do with *bsd+pf, some of which I was familiar with, and a plenty of new features that'll be fun to incorporate in my network over the years. While this book feels like a big step beyond the PF FAQ, you'll still need to delve into the man pages frequently to do anything that isn't trivial (and then you'll have to google for examples to explain the terse man pages).
He insists that this book isn't a glorified PF HOWTO, but too often I was made to accept unsubstantiated motherly best practices instead of well-reasoned theory. Which is too bad, because as a glorified HOWTO, he glazes over too many essential fine points. I'm happier if I think of it more as a primer/survey of the topic.
January 29, 2018
Good resource for large scale enterprise deployments of pfSense. Complete overkill and challenging for a home or SOHO deployment. I wound up using pfSense Community Edition with a GUI configuration interface, even though I prefer the command line for almost everything else. By utilizing the GUI, I could get better explanations of setup configurations. There was no mention in this book about pfBlockerNG plugin configuration, one of the most handy add-ons I found for pfSense.
What I'd love to find is a straightforward book for setting up pfSense in a home or home office with secure options and managing parental controls of kid's devices. Something that doesn't assume that everyone is a IT Network Guru. This book is well suited for these Gurus, but not for my needs.
What I'd love to find is a straightforward book for setting up pfSense in a home or home office with secure options and managing parental controls of kid's devices. Something that doesn't assume that everyone is a IT Network Guru. This book is well suited for these Gurus, but not for my needs.
May 18, 2020
Peter N.M. Hansteen is the authority on pf. Read the latest edition of this book, maybe read some of his articles, and set up your network!
To the newcomers, don't confuse this with pf from the FreeBSD world. This is specifically for OpenBSD.
To the newcomers, don't confuse this with pf from the FreeBSD world. This is specifically for OpenBSD.
April 18, 2020
A No-Nonsense guide to the OpenBSD firewall, is my new geeky book. It took 2 months to arrive, but it is finally here! Yuppie! :)
July 15, 2020
Clear and full of useful examples. A must for any network admin. I thought it might only be a book about PF tool, but it is also a book about understanding networks.
June 1, 2022
Fantastic book. All you need to master PF.
Displaying 1 - 6 of 6 reviews