- Paperback: 248 pages
- Publisher: No Starch Press; 3 edition (October 18, 2014)
- Language: English
- ISBN-10: 1593275897
- ISBN-13: 978-1593275891
- Product Dimensions: 7 x 0.5 x 9.2 inches
- Shipping Weight: 1 pounds (View shipping rates and policies)
- Average Customer Review: 13 customer reviews
- Amazon Best Sellers Rank: #123,702 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall 3rd Edition
Use the Amazon App to scan ISBNs and compare prices.
There is a newer edition of this item:
"Children of Blood and Bone"
Tomi Adeyemi conjures a stunning world of dark magic and danger in her West African-inspired fantasy debut. Pre-order today
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
About the Author
Peter N. M. Hansteen is a consultant, writer, and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on OpenBSD and FreeBSD topics, an occasional contributor to BSD Magazine, and the author of an often-slashdotted blog (http://bsdly.blogspot.com/). Hansteen was a participant in the original RFC 1149 implementation team. The Book of PF is an expanded follow-up to his very popular online PF tutorial (http://home.nuug.no/~peter/pf/).
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
The only part of the book that I thought could have been done better was chapter 5 (DMZs). The author jumped between a DMZ on the same RFC 1918 subnet (via NAT/port forwarding) and a DMZ on a separate RFC 1918 subnet (still port-forwarded). Perhaps forking the running rule set in that chapter to illustrate both approaches would have been clearer and easier to follow than cutting the rule set over in a back and forth fashion as the DMZ approach changed in the discussion. I also would have liked to have seen a more developed example rule set of a DMZ that uses public IPs and a LAN that uses NAT/RFC 1918 addresses complete with rules for accessing the DMZ public IP servers from the LAN network. Some flipping between the examples in chapter 5 and the PF man page got me where I wanted to be though.
Its a great book overall that vastly improved my knowledge of PF. I'm so happy to now have a solid and secure OpenBSD network appliance that I can understand in detail how it works.
But here, the book is needed. Clear, with good explanations of why, so that you can use the ideas not just the examles
just name a network service. All of this in OpenBSD is connected to the the well designed and well
documented PF (Packet Filter).
This book is a good companion to the man pages, highly reccomended to all system managers
who build network services using OpenBSD.