| OpenBSD's stateful packet filter, PF, offers an amazing
feature set and support across the major BSD platforms. Like
most firewall software though, unlocking PF's full potential
takes a good teacher.
Peter N.M. Hansteen's PF website and conference tutorials
have helped thousands of users build the networks they need
using PF. The Book of PF is the product of Hansteen's
knowledge and experience, teaching good practices as well as
bare facts and software options. Throughout the book,
Hansteen emphasizes the importance of staying in control by
having a written network specification, using macros to make
rule sets more readable, and performing rigid testing when
loading in new rules.
Today's system administrators face increasing challenges in
the quest for network quality, and The Book of PF can help
by demystifying the tools of modern *BSD network defense.
But, perhaps more importantly, because we know you like to
tinker, The Book of PF tackles a broad range of topics that
will stimulate your mind and pad your resume, including how
to:
Create rule sets for all kinds of network traffic, whether
it is crossing a simple home LAN, hiding behind NAT,
traversing DMZs, or spanning bridges
Use PF to create a wireless access point, and lock it down
tight with authpf and special access restrictions
Maximize availability by using redirection rules for load
balancing and CARP for failover
Use tables for proactive defense against would-be attackers
and spammers
Set up queues and traffic shaping with ALTQ, so your network
stays responsive
Master your logs with monitoring and visualization, because
you can never be too paranoid
The Book of PF is written for BSD enthusiasts and network
admins at any level of expertise. With more and more
services placing high demands on bandwidth and increasing
hostility coming from the Internet at-large, you can never
be too skilled with PF.
|
Biting the hand that feeds IT 
Published by: NO STARCH PRESS