OpenBSD Journal

Guide to OpenBSD Packet Filtering Firewalls

Contributed by jose on from the PF-for-newbies dept.

creining was the first to send us this one:
"There is an article over at kuro5hin that explains how to set up a firewall utilizing OpenBSD. It is geared towards people with little UNIX background. Lots of links in this one! "
I had a look at this last night, and it is a good introduction for people who use OpenBSD and PF as a firewall (which is a lot of people who normally don't use OpenBSD, or even UNIX). Well done!

(Comments are closed)

  1. By dmp () on

    The layout and depth of content stinks, but maybe it's just me...

    1. By Shane J Pearson () on

      The layout and depth of content stinks, but maybe it's just me...

      I've found lots of negative views on Deadly regarding various guides.

      Have you written a good guide? Seriously, if you can see where they're wrong and can do better, then please do.

      You and your guide will be most appreciated.

  2. By Noob () on

    I thought that was very good. I am the type of person who prefers a whole lot of information bunched together. Having the links to all the aspects of the article was nice too I thought.

  3. By Anonymous Coward () on

    Personally I got help from:

    They did a good job helping me out.

  4. By Anonymous Coward () on

    the part where it says To disable pf 'pfctl -e ...' it should read to enable.

  5. By marcbey () on

    im too lazy(maybe stupid) to learn rulesets, but i believe in openBSD security. so i installed an ruleset from which seems also quite good. i modified it for 3.2, but when i do an security check from eg. i only get closed ports. Why?


    1. By Anonymous Coward () on

      You answered your own question in the first 3 words of your sentence.

      Believing in OpenBSD security also means believing in reading, working, learning, working, growing, working, being proactive, working.

      Laziness falls outside of the scope of OpenBSD.

    2. By Anonymous Coward () on

      Your ISP may have everything firewalled off to the outside world.

      (I tried something very similar to what you did.)


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]