All, as some of you know, pf is now part of the FreeBSD tree as contributed software. This, however, is not documented in any non-manpage way, yet. Hence I write this, to initiate such documentation and hope for your help in creating such. For a start, it'd be great to have an article to explain about pf and give pointers how to get started with it. A tutorial which explains how to setup a simple dial-up ppp + NAT firewall would also be great (as I believe that the pf in-kernel NAT is more than an alternative to the existing options). There are such documents available for OpenBSD already, most noteable the PF FAQ on the OpenBSD homepage. The copyright for this document have been clarified by a recent commit: http://marc.theaimsgroup.com/?l=openbsd-cvs&m=108389500216473&w=2 which makes it a prime candidate for reference. Thanks to Nick Holland and Joel Knight for this! They asked for permission to use FreeBSD changes to the documentation, which is common sense imo and should not be a problem. More links to (OpenBSD) documentation are available from: http://pf4freebsd.love2party.net/ http://www.benzedrine.cx/pf.html http://www.openbsd.org/ Questions: Q: What version to document? A: At the moment we are still level with OpenBSD 3.4, but an update to OpenBSD 3.5 will happen in a bit. As it should take some time to get documentation ready I think documenting 3.5 would be best. There will be some quirks with the interface handling, which I will explain in detail once we have patches ready. Q: While writting I found that XYZ is strange, can you change it? A: By all means, yes! Writting documentation helps to find bugs and strange stuff in the implementation (rc.d e.g.). If you find such things please take them to me, or the lists (see CC list). Q: What about ALTQ? A: Work is in progress ... but nothing final yet. I consider documenting the ability of pf in that area helpful to advocate an ALTQ import ;) And even if it does not get imported into the base system, there will always be external patches to support the releases. Q: ??? A: Bring additional question to me, or follow-up to this thread. I am not subscribed to -doc so please CC me on what is going on there. I did choose not to write the doc myself, as I am not a native speaker and neither much of an admin, so I have a somewhat limited view on pf. Also this is a good way to get more eyes on pf and to improof the general infrastructure. With *your* help!!! Looking forward to hearing from you! Thanks in advance! (BCC'ed -current, thread is supposed to life in -doc or the pf4freebsd list). -- Best regards, | mlaier_at_freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier_at_EFnet
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:53 UTC