Welcome to the resources page for the The Book of PF, published by No Starch Press in late December 2007.

The Book of PF is a current, practical and readable guide to building the fundamentals of the network you need using the best-of-breed free tools.

The book is written from an OpenBSD 4.2 command-line perspective, with occasional detours and notes to cover PF and related tools on FreeBSD and NetBSD where they differ from the OpenBSD 4.2 baseline.

At the heart of the network you need is a packet filter (aka firewall) that lets you stay in control of your network traffic. Depending on your specific needs, you can extend your configuration to include traffic shaping, boost your network's reliability with redundant systems and transparent failover, load balancing, and SSL acceleration. For good measure, you can set up your system to mitigate various attack attempts including DOSing and bruteforcing, and of course there are good, behavior based spam avoidance tools.

All this and more you will find in The Book of PF, available now in good bookstores or directly via the clickable links on this page.

It started as a user group lecture intended for a circle of friends in Bergen, Norway. The circle of friends expanded incrementally via sessions at NUUG in Oslo, Norway, and later as a half day tutorial at AUUG 2005, UKUUG Spring 2006, BSDCan 2006 and 2007, EuroBSDCon 2006 and 2007, SANE 2006, AsiaBSDCon 2007, and when the book was finally released in December 2007, I held a PF tutorial session based on the book at OpenCON 2007.

Reviews
Dru Lavigne's blog: Review of The Book of PF,

All in all, this book is very readable and a must-have resource for anyone who deals with firewall configurations. If you've heard good things about PF and have been thinking of giving it a go, this book is definitely for you.

Grunix.de (in German): Book Of PF: Eine Rezension,

Alle die privat oder auch beruflich PF einsetzen wird dieses Buch eine Hilfe sein. Sicherlich, die ganz harten Jungs werden es nicht brauchen, für alle anderen ist das Buch aber ausnahmslos empfehlenswert.

Translated versions
In early 2009 I was delighted to hear that Eyrolles had bought the rights to do a French version. The finished product Le livre de Packet Filter was published in July 2009.

Updates and errata
Updates and errata will appear here and at the No Starch web site:

2008-01-26: The Book of PF Erratum 01: hoststated Tables and Redirection Targets corrects an error on page 52 of the book that would lead to a non-functional hoststated setup. Note: This has been corrected in the second printing, issued in October 2008.

For occasional updates about my activities, see my blog at bsdly.blogspot.com.

I'm available for various kinds of work, see the Read this first document and my resume if you are interested in working with me.