DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 13th October 2008
neurosis neurosis is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 69
Thanked 0 Times in 0 Posts
Default pf simplified for the not so bright?

Im gearing up to start learning pf. I have "The book of PF" and have read through it and its very good but it still assumes that you understand or know some things that it leaves a little vague to the uninformed. Is there any documentation that anyone knows of that can get someone started and able to understand pf?
Reply With Quote
  #2   (View Single Post)  
Old 13th October 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

How about going strait to the people who wrote it? http://www.openbsd.org/faq/pf/
Reply With Quote
  #3   (View Single Post)  
Old 13th October 2008
ephemera's Avatar
ephemera ephemera is offline
Knuth's homeboy
 
Join Date: Apr 2008
Posts: 537
Thanked 49 Times in 43 Posts
Default

howto's and faq's might make it look easy, but effective implementation of a firewall requires good knowledge of tcp/ip.
if you are more than casually interested in firewalls then thats where you should start.

cheers.
Reply With Quote
  #4   (View Single Post)  
Old 13th October 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

Quote:
Originally Posted by ephemera
effective implementation of a firewall requires good knowledge of tcp/ip.
Exactly. IMO, that's 95% of the battle. Once your tcp / udp / icmp / ip knowledge is cemented, it is only a matter of figuring out how to implement the ruleset you want using <packet_filtering_facility_here>.

And that's where documentation (e.g. the FAQ cited above) come into play.
__________________
Kill your t.v.
Reply With Quote
  #5   (View Single Post)  
Old 14th October 2008
chill's Avatar
chill chill is offline
Fdisk Soldier
 
Join Date: Jun 2008
Location: Federal Republic of the US
Posts: 74
Thanked 6 Times in 6 Posts
Default

Daryl's TCP/IP primer is really nice
http://www.ipprimer.com/section.cfm

Also The TCP/IP Guide from No Starch Press is outstanding, its mammoth but good to have for reference if nothing else
http://www.amazon.com/TCP-Guide-Comp...3958797&sr=8-1

Last edited by chill; 14th October 2008 at 04:37 AM.
Reply With Quote
  #6   (View Single Post)  
Old 14th October 2008
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,074
Thanked 198 Times in 156 Posts
Default

Absolute OpenBSD contains a rather good section on pf, it doesn't assume any knowledge about TCP/IP or other networking topics, and the writing style it pretty good IMO.
I would consider it very suitable for beginners.

Not sure if Absolute FreeBSD also contains a section on pf and/or if it's equally good, I don't have this book.

I don't have The book of PF so I can't compare.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #7   (View Single Post)  
Old 15th October 2008
tanked tanked is offline
Fdisk Soldier
 
Join Date: May 2008
Posts: 56
Thanked 1 Time in 1 Post
Default

I was a little disappointed when I bought 'The Book of PF' - its more a 'booklet' than a book, its too short.
Reply With Quote
  #8   (View Single Post)  
Old 15th October 2008
neurosis neurosis is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 69
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by tanked View Post
I was a little disappointed when I bought 'The Book of PF' - its more a 'booklet' than a book, its too short.
I agree. I think there are some things that have to be understood prior to owning this book for it to really be useful. Also I think you need some further reading. It does help to start to understand though.
Reply With Quote
  #9   (View Single Post)  
Old 24th October 2008
neurosis neurosis is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 69
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Carpetsmoker View Post
Absolute OpenBSD contains a rather good section on pf, it doesn't assume any knowledge about TCP/IP or other networking topics, and the writing style it pretty good IMO.
I would consider it very suitable for beginners.

Not sure if Absolute FreeBSD also contains a section on pf and/or if it's equally good, I don't have this book.

I don't have The book of PF so I can't compare.

I got both books that you mentioned above. Well worth the $$$ Just for the PF section alone the Absolute OPenBSD is worth it. The Absolute FreeBSD doesnt have a very good section on PF. The book of PF doesnt compare at all.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:21 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick