Some of you may have heard that I gave a Firewalling with PF tutorial (aka Packet Filtering for Fun and Profit) at the UKUUG Spring 2006 conference in Durham, UK this week. The updated manuscript is now available for reading and downloading from the usual place, see below.
This is essentially what I presented in Durham with a few obvious typos corrected. The useful suggestions from a few delegates there have not yet been integrated, however. Highlights: * A more thorough and hopefully useful discussion of icmp handling in your rule sets * The public services on local net section (rdr tricks) updated * A little info on the new (3.9) ftp-proxy * A little more background for the wireless examples * Expanded logging discussion * A bit more on spamd fun * The source files are now fetchable even by non-psychics If you spot any errors or feel something is in need of improvement, please let me know. Comments of all kinds are welcome. And yes, the manuscript is set to evolve a bit further for BSDCan and SANE, those updates will appear on-line, BSD licensed, after the conferences too. The files are at http://www.bgnett.no/~peter/pf/, or can be accessed directly as http://www.bgnett.no/~peter/pf/en/ - full text, html, English http://www.bgnett.no/~peter/pf/en/long-firewall.html - full text, one html file, English http://www.bgnett.no/~peter/pf/en/pf-firewall.pdf - full text, pdf, English http://www.bgnett.no/~peter/pf/en/pf-firewall_en.tar.gz - source files, for the above, nicely archived http://www.bgnett.no/~peter/pf/en/foils/ - foils, html, English Please note what it says at http://www.bgnett.no/~peter/pf/en/webhome.html#SUPPPORTTHEPROJECT Note: the Norwegian files at http://www.bgnett.no/~peter/pf/ are not yet in sync. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
