Contributed by jose on from the new-docs dept.
Thanks to Nick Holland (and others) for their effort and the complete covering of all nifty topics, which are now possible in 3.3
http://www.openbsd.org/faq/pf/ " Now you can get answers to all the questions you have about all of those nifty new features. Thanks, guys!
(Comments are closed)
By Nick Holland () nick@holland-consulting.net on http://www.holland-consulting.net
While I did start this project, Joel Knight stepped in and did a fantastic job of making it what it is now. I do believe Joel's work is at least 90% of what is there now, and a little of the remaining 10% came from the old FAQ...
This was probably the most exciting commit I have made after my first when I started with the OpenBSD team, but the excitement was just the quality of the work I was putting in, and the value to the users, not the fact that I did it.
Great work, Joel Knight!
Nick.
By Jason () on
Well done!!
A book from me about pf would have sucked anyway, I'm still a "hobby user". ;-)
Comments
By Anonymous Coward () on
Waiting now for the Absolute OpenBSD book, in June.
By rabbit () rabbit@ulyssis.org on http://ace.ulyssis.org/rabbit
I like it that all of the features are explained in short, so that you can know what something is for, without having to go through dozens of pages of complicated text, which would leave you even more confused :)
Also it's really cool to have a lot of real world, functional examples, to get ideas from.
I'd better get to work rewriting my lousy, badly coded pf ruleset as soon as my 3.3 cd's arrive :-)
By Joy Almacen () on
One wish remains for me, better FTP support ala Cisco PIX 'fixup' flag.
Kudos to the OpenBSD developers. I will definitely buy two more T-shirts and the CD set.
By Michael Anuzis () on
http://www.anuzis.net/pf.conf
It takes advantage of most all of the new PF tricks (outside anchors). Including giving priority to SSH over web/ftp, etc, etc, etc
Comments / critique also appreciated.
Comments
By Michael Anuzis () on
it will give bandwidth priority to the people I put in the "friends" rule and things like that, but i'm sure it's really nothing special compared to the avg ruleset out there.
By Anonymous Coward () on
By Anonymous Coward () on
has this been fixed "out of the box"? does anything special need to be done to use pf with dsl?
Comments
By Anonymous Coward () on
I've never used PPPoE either (thank God) but check this link:
http://www.benzedrine.cx/ackpri.html
He seems to be using DSL with PPPoE so I assume it should work.
By bobo () on
I think it's PF has always had this capability.
Granted, I could be wrong on that. Anyway,
for a long time you can do '(ppp0)'.
#### NAT ####
# Translate so that kreechta can talk to the world.
# Using PPPD with a dynamic dial-up IP assignment...
nat on ppp0 from 192.168.0.3 to ! 192.168.0.0/24 -> (ppp0)
rdr on ppp0 inet proto tcp from any to (ppp0) port auth -> 192.168.0.3
By Anonymous Coward () on
Anyway it is great job. Thanks.