Re: PF references
On 2006-05-12 14:37:07 -0700, News Collector wrote: > Nick Holland wrote: > > Thanks Nick I should have said I checked all the "usual suspects". Sorry. > >News Collector wrote: > >>Hello: > >> > >>Where (what) is the canonical site (or book) for PF. > > > >documentation-wise? > Yeah > >that would be the OpenBSD man pages. They are authoritative. When > >things change, they get updated, or people get beaten. In particular, > >see pf.conf(5), pfct.(8), pf(4) and the SEE ALSOs in each. > > > >Beyond that, there are several websites and books. My personal favorite > >website is the OpenBSD website itself, but I may be biased. :) > > > OK what book? I'm a PF users and I used it for non-trivial tasks. So I > all (take with gain of salt) most at the level of many docs. > Also PF is a moving target. I wished (wish is the correct word) all > authoritative document. Give to prefect my PF chops. > > > >>Are there any site where talk about PF is a application (like for OS X). > > > >probably. There's a website for just about everything. > >Talk is cheap. > > OS X has PF, but there's a interface that limits what you can do. They > don't document their interface to it. OS X has lot of fancy way to do > trivial thinks you meant not want done. Mac OS X have ipfw(8) (actually IPFW2) from FreeBSD. Not PF. And you can, mostly, override the GUI configuration stuff: http://www.macdevcenter.com/lpt/a/5719 Have a nice day Morten -- http://m.mongers.org/weblog/ -- http://flickr.com/photos/morten_liebach/
Re: PF references
you used the excellent tools as google and http://marc.theaimsgroup.com I guess... I made some searching for you, here you go http://marc.theaimsgroup.com/?l=openbsd-misc&m=114345514930017&w=2 http://www.countersiege.com/doc/pfsync-carp/ http://www.unix-tutorials.com/go.php?id=280 /bkw On 12/05/06, News Collector <[EMAIL PROTECTED]> wrote: Hello: Where (what) is the canonical site (or book) for PF. Are there any site where talk about PF is a application (like for OS X). One Last, has anyone done any work on using CARP, I know synchronizations depends on similar cpus with similar clocks and constrained clock drift. Just wonder.
Re: PF references
Nick Holland wrote:
Thanks Nick I should have said I checked all the "usual suspects". Sorry.
News Collector wrote:
Hello:
Where (what) is the canonical site (or book) for PF.
documentation-wise?
Yeah
that would be the OpenBSD man pages. They are authoritative. When
things change, they get updated, or people get beaten. In particular,
see pf.conf(5), pfct.(8), pf(4) and the SEE ALSOs in each.
Beyond that, there are several websites and books. My personal favorite
website is the OpenBSD website itself, but I may be biased. :)
OK what book? I'm a PF users and I used it for non-trivial tasks. So I
all (take with gain of salt) most at the level of many docs.
Also PF is a moving target. I wished (wish is the correct word) all
authoritative document. Give to prefect my PF chops.
Are there any site where talk about PF is a application (like for OS X).
probably. There's a website for just about everything.
Talk is cheap.
OS X has PF, but there's a interface that limits what you can do. They
don't document their interface to it. OS X has lot of fancy way to do
trivial thinks you meant not want done.
One Last, has anyone done any work on using CARP,
Quite a few people have, yes. ;)
> I know
synchronizations depends
on similar cpus with similar clocks and constrained clock drift.
read it in a book but I thank you are well within their bounds. The book
makes the statement that given a set of hosts which can communicate. It
is impossible for a given host to tell the difference between a slow
host and a failed host( in the absence of timeouts). So if the timeout
is too fast on a fast host it may think a slow host has failed.
The book doesn't give parameter for this kind of failure.
This answer my question because I was had close matching machine but not
exactly.
oh? News to me. And the Celeron 600 that I CARPed with a PIII-750.
Don't really have to even be the same platform, though it can create
administrative problems ("On this machine, carp0 is on the dc0, on
that machine, it's on hme3").
Nick.
Re: PF references
[Oops, was supposed to go to list] Hi, > Where (what) is the canonical site (or book) for PF. What Nick said. And "Building Firewalls with OpenBSD and PF" by Jacek Artymiak is very nice. See the "Books that help" link on openbsd.org. HTH... Nico
Re: PF references
News Collector wrote:
Hello:
Where (what) is the canonical site (or book) for PF.
documentation-wise?
that would be the OpenBSD man pages. They are authoritative. When
things change, they get updated, or people get beaten. In particular,
see pf.conf(5), pfct.(8), pf(4) and the SEE ALSOs in each.
Beyond that, there are several websites and books. My personal favorite
website is the OpenBSD website itself, but I may be biased. :)
Are there any site where talk about PF is a application (like for OS X).
probably. There's a website for just about everything.
Talk is cheap.
One Last, has anyone done any work on using CARP,
Quite a few people have, yes. ;)
> I know
synchronizations depends
on similar cpus with similar clocks and constrained clock drift.
oh? News to me. And the Celeron 600 that I CARPed with a PIII-750.
Don't really have to even be the same platform, though it can create
administrative problems ("On this machine, carp0 is on the dc0, on
that machine, it's on hme3").
Nick.
