BSDCan2012 - Slide Update J

BSDCan 2012
The Technical BSD Conference

Speakers
Peter Hansteen
Schedule
Day Tutorials - 1 - 2012-05-09
Room DMS 3105
Start time 13:00
Duration 03:00
Info
ID 293
Event type Workshop
Track Tutorial
Language used for presentation English

Building the network you need with PF, the OpenBSD packet filter

This session is aimed at experienced or aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and related tools. A basic knowledge of Unix and TCP/IP network configuration is expected and required. A no nonsense session to get you started with PF or refresh your knowledge with the latest updates.

This (one day or half day) session is aimed at experienced or aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and related tools. A basic knowledge of Unix and TCP/IP network configuration is expected and required. Topics covered include

  • Configuration on OpenBSD, FreeBSD and NetBSD
  • PF ruleset basics and rule interactions: block, pass, match
  • Writing maintainable rulesets
  • Address families: IPv4 NAT vs IPv6
  • Redirections and services with odd dependencies (ftp-proxy, spamd)
  • Adaptive rulesets (state tracking tricks)
  • ALTQ traffic shaping
  • Per user filtering with authpf
  • High availability with CARP, relayd
  • Wireless vs wired networks
  • Filtering bridges
  • Logging and monitoring - pflog, pflow and others
  • Testing, debugging, and optimizing your configuration

The session will provide updates on the new PF syntax and features introduced in OpenBSD 4.7 (with samples presented in the old and new syntax where appropriate), with newer updates and previews of relevant new features in the just-released OpenBSD 5.1 version (release date May 1st, 2012).

The tutorial is loosely based on Hansteen's book, <a href="http://nostarch.com/pf2.htm">The Book of PF</a> (No Starch Press, second edition November 2010).

Slides matching the EuroBSDCon 2011 version of the tutorial can be found at <a href="http://home.nuug.no/~peter/pf/eurobsdcon2011/">http://home.nuug.no/~peter/pf/eurobsdcon2011/</a>; updated slides will be made available to the general public after the present session has concluded.