OpenBSDs web


PF User Guide

Daniel Hartmeier's PF pages,

Daniel Hartmeier: Design and Performance of the OpenBSD Stateful Packet Filter (pf), (presented at Usenix 2002) Brandvägg med OpenBSD,

RFC 1631, "The IP Network Address Translator (NAT)", May 1994

RFC 1918, "Address Allocation for Private Internets", February 1996

The FreeBSD PF home page,

Marcus Ranum: The Six Dumbest Ideas in Computer Security, September 1, 2005 is the home of all things greylisting, with links to numerous articles and other useful information.

Evan Harris: The Next Step in the Spam Control War: Greylisting (the original greylisting paper)

Mark Uemura: What's New in 4.3: authpf-noip

Henning Brauer: Carp and STP meet switch security

Michael W. Lucas: Network Flow Analysis, No Starch Press 2010

Peter N. M. Hansteen: Effective Spam and Malware Countermeasures - Network Noise Reduction Using Free Tools - originally a paper presented at BSDCan 2007 which puts spamd into a slightly wider spam and malware fighting context along with some data on spammer behavior, this 2013 update contains some updates relevant to present conditions.

Peter N. M. Hansteen: The Book of PF, No Starch Press 2014 (second edition in November 2010, first published 2007), is an expanded and extensively rewritten followup to the tutorial, and covers a range of advanced topics in addition to those covered here.