OpenBSD Journal

Building Firewalls with OpenBSD and PF, 2nd ed.

Contributed by jose on from the just-released dept.

Jacek has a new version of his book, Building Firewalls with OpenBSD and PF, released. You can see about it on the book's website . Lots of useful stuff in this book, and some sample PDFs online, too.

Well done, Jacek!

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    I could have sworn there used to be a VPN book too. Was I just imagining things or was/will there [be] one? I'd be very interested in it if so.

    So far I've bought and read the 1st edition of this book when it first came out and I thought it was an excellent read! Very intersting and enjoyable reading...

    Once I can get some money in my empty pockets, I'll be sure to by the 2nd edition and the Gazeteer for sure!

  2. By Anonymous Coward () on

    ...that bought the first edition, any info on differences between the two editions?

  3. By Boludo () on

    This reply sure is off-topic -- as it is not about firewalls at all, but instead about one of the sample chapters: I wouldn't mind if config file management with CVS didn't propagate.

    No plan to start trolling, but RCS does the job ways better, at least in the environment I'm living in: managed files are read-only unless someone else is modifying them, and policy is that you don't touch rw files you did not lock.

    This selection of sample chapter is a bit unfortunate, esp for marketing.

    Comments
    1. By Loop () on

      How about making a brief howto on RCS available yourself? I'd certainly appreciate it, as would others I'm sure.

      Comments
      1. By Boludo () on

        co(1), ci(1), rcsdiff(1) and rlog(1) document things well.

        Make a RCS directory, use "ci -u $file" to import/commit files, and "co -l $file" to check out and lock.

        One hardly need an howto for this, or maybe only to discover the sanity RCS gives for config files management. You may want to check google.com, there are 6000 hits for "rcs howto".

  4. By petruha () petruha at inbox dot lv on http://petruha.bsd.lv/

    yeah.. great book.. though it has so many spelling errors.. bah.. even in examples.. :) btw, it's been available for a while. and it's quite fresh, covers openbsd 3.4. 'must have' book for firewall administrators!

    Comments
    1. By Ken () on

      Somebody I won't name said that they didn't have time to check the spelling in their book. In their own words, they were concerned about the technical aspects, they didn't want to deal with a grammar monkey. Well, put such a mentality in practice and buyers end up with books that contain so much typos they're almost useless (Sam's Publishing, are you reading this ?).

      Comments
      1. By click46 () click46@genmay.net on mailto:click46@genmay.net

        thats stupid. there are plenty of bored OpenBSD users out there who would be more than happy to proof read something like this.

        regardless, I'll be picking up a copy in a few weeks.

  5. By Dan () on

    By the Table of Contents I think there is 2 big issues missing:

    1. Carp and ifstated or vrrp
    2. Routing protocol.

    For the enterprise routing protocol and availablity is a _must_

    Comments
    1. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

      The book is about 3.4 not -current, for routing protocols that really count OpenBSD doesn't ship with such daemons. So then it's up to third party software and there really isn't much out there that is truely free AND good. Hopefully the bgpd in-tree shapes up quickly and someone makes a decent OSPF daemon too.

    2. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

      The book is about 3.4 not -current, for routing protocols that really count OpenBSD doesn't ship with such daemons. So then it's up to third party software and there really isn't much out there that is truely free AND good. Hopefully the bgpd in-tree shapes up quickly and someone makes a decent OSPF daemon too.

  6. By Ken () on

    Last december, Jose talked about the book he co-authored with his friend. I wonder if we'll be able to buy it through the OpenBSD store, like Jacek's book ? It would be nice to get all the OpenBSD material from the same place.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]