OpenBSDs web


PF User Guide

Daniel Hartmeier's PF pages,

Daniel Hartmeier: Design and Performance of the OpenBSD Stateful Packet Filter (pf), (presented at Usenix 2002)

Nate Underwood: HOWTO: Transparent Packet Filtering with OpenBSD,

Randal L. Schwartz: Monitoring Net Traffic with OpenBSD's Packet Filter, Brandvägg med OpenBSD,

Randal L. Schwartz: Blog for Thu, Jan 29, 2004,

RFC 1631, "The IP Network Address Translator (NAT)", May 1994

RFC 1918, "Address Allocation for Private Internets", February 1996

The FreeBSD PF home page,

Peter Postma's PF on NetBSD pages,

Marcus Ranum: The Six Dumbest Ideas in Computer Security, September 1, 2005

Kjell Jørgen Hole WiFi courseware,, also see; also The Unofficial 802.11 Security Web Page comes highly recommended. is the home of all things greylisting, with links to numerous articles and other useful information.

Evan Harris: The Next Step in the Spam Control War: Greylisting (the original greylisting paper)

Mark Uemura: What's New in 4.3: authpf-noip

Henning Brauer: Carp and STP meet switch security

Michael W. Lucas: Network Flow Analysis, No Starch Press 2010

Peter N. M. Hansteen: The silent network: Denying the spam and malware chatter using free tools - paper presented at BSDCan 2007 which puts spamd into a slightly wider spam and malware fighting context along with some data on spammer behavior

Peter N. M. Hansteen: The Book of PF, No Starch Press 2007 (second edition in November 2010), is an expanded and extensively rewritten followup to the tutorial, and covers a range of advanced topics in addition to those covered here.