UKUUG/O’Reilly Tutorial: ‘Building the network you need with OpenBSD’s PF’ – London 22/09/11


Book now: online or booking PDF.

This one day session is aimed at experienced or aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and related tools. A basic knowledge of Unix and TCP/IP network configuration is expected and required. Topics covered include

  • Configuration on OpenBSD, FreeBSD and NetBSD
  • PF ruleset basics and rule interactions: block, pass, match
  • Writing maintainable rulesets
  • Address families: IPv4 NAT vs IPv6
  • Redirections and services with odd dependencies (ftp-proxy, spamd)
  • Adaptive rulesets (state tracking tricks)
  • ALTQ traffic shaping
  • Per user filtering with authpf
  • High availability with CARP, relayd
  • Wireless vs wired networks
  • Filtering bridges
  • Logging and monitoring – pflog, pflow and others
  • Testing, debugging, and optimizing your configuration

The session will provide updates on the new PF syntax and features introduced in OpenBSD 4.7 (with samples presented in the old and new syntax where appropriate), with newer updates and reviews of relevant new features in the upcoming OpenBSD 5.0 release.

The tutorial is loosely based on Hansteen’s book, The Book of PF (No Starch Press, second edition November 2010).

Who should attend? Those who use or are considering using PF on any BSD. It goes from the basics to advanced usage of the latest versions of PF, including traffic shaping using altq, and the supporting features for higher level services such as trapping spam via greylisting and http filtering, SSL proxying, and load balancing. PFs simplicity and ease allows those new to PF to understand it quickly, while refreshing the best practices in filtering for those who have used PF for years.

Tutor Biography: Peter N. M. Hansteen is a consultant, writer and sysadmin from Bergen, Norway. A long time freenix advocate and during recent years a frequent lecturer and tutor with emphasis on OpenBSD and FreeBSD, author of several articles and The Book of PF (No Starch Press 2007, 2nd edition November 2010). He writes a frequently slashdotted blog at http://bsdly.blogspot.com/

Please note places are limited and early booking is essential.

Early-Bird rate (before 1st June)

  • Individual & Academic members: £240.00 inc VAT
  • Corporate members: £300.00 inc VAT
  • Non- members: £400.00 inc VAT

The above prices include FULL day tutorial, refreshments, lunch and a set of tutorial notes. For full details and terms and conditions, see the booking form

Book now: online or booking PDF.

Leave a comment