San Francisco, CA—Today’s system administrators face increasing challenges in their quest for network security. PF is the OpenBSD project’s answer to this challenge, offering *BSD system administrators a system for filtering TCP/IP traffic and Network Address Translation support. However, like most professional firewall software, it takes a bit of know-how to unlock PF’s full potential.
Peter N.M. Hansteen’s “Firewalling with PF” tutorial and conference sessions have helped thousands of users build more secure networks with PF. The Book of PF (No Starch Press, December 2007, 9781593271657) is the product of Hansteen’s extensive knowledge and his experience teaching best practices. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing.
The Book of PF tackles a broad range of topics, including how to:
- Create rule sets for all kinds of network traffic, whether it is crossing a simple home LAN, hiding behind NAT, traversing DMZs, or spanning bridges
- Use PF to create a wireless access point, and lock it down tight with authpf and special access restrictions
- Maximize availability by using redirection rules for load balancing and CARP for failover
- Use tables for proactive defense against would-be attackers and spammers
- Set up queues and traffic shaping with ALTQ, so the network stays responsive
- Master PF logs with monitoring and visualization, because you can never be too paranoid
The Book of PF is for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.
About the Author
Peter N.M. Hansteen is a consultant, writer, and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on FreeBSD and OpenBSD topics. The Book of PF, Hansteen’s first book, is an expanded follow-up to his very popular online PF tutorial.
- Peter N.M. Hansteen’s PF tutorial--http://home.nuug.no/~peter/pf/
- Table of contents overview--http://www.nostarch.com/pf_toc.htm
- Detailed table of contents (PDF)--http://www.tinker.tv/download/pf_toc.pdf
- Chapter 4: Wireless Networks Made Easy (PDF)-- http://www.tinker.tv/download/pf_ch4.pdf
- Large cover image--http://www.nostarch.com/pf_big.htm
The Book of PF
A No-Nonsense Guide to the OpenBSD Firewall
Peter N.M. Hansteen
ISBN 9781593271657, 184 pages, $29.95 USD
About No Starch Press
Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment—unique books on technology, with a focus on Open Source, security, hacking, programming, alternative operating systems, and LEGO. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. See www.nostarch.com for more information and our complete online catalog. (And most No Starch Press books use RepKover, a lay-flat binding that won’t snap shut.)
O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.