The book of pf...

Peter N. M. Hansteen peter at
Wed Jan 19 19:33:22 UTC 2011

Modulok <modulok at> writes:

> This book comes in two editions. The first was published in December
> 2007, the second, November, 2010. Does anyone have this? And if so
> would I be correct to get the first edition instead? I know FreeBSD's
> pf lags being openBSD's, so I'm not sure which version of the book to
> get, if either are applicable to the version of pf that FreeBSD runs?
> (FreeBSD 8.1)

I started updating the text for the 2nd edition due to the changes
introduced in OpenBSD 4.7, (aka "Henning's monster diff") plus a few
other goodies such as pflow(4) that had turned up since the first
edition's late 2007 release, but I took some care to keep samples in
the older syntax where it's relevant.

That means that for the FreeBSD parts, the second edition is up to
date per roughly early October 2010 (FreeBSD 8.1-stable), with a not
that for FreeBSD, we assume the 8 series.  If you're running an older
release (ie a close descendant of whatever was -stable in late 2007),
the first edition is likely better suited.  

For other differences between the two, you could probably get an idea
by comparing the TOCs from the two editions' web pages (at and
respectively).  The second edition turned into a more thorough rewrite
than I'd originally planned with some bits moving around. But if in
doubt, why not get both? ;)

But yes, for FreeBSD 8.1, you'll be happier with the second edition.
FreeBSD's PF syntax is old-style, but some other relevant network
config details changed between 2007 and 2010, and the second edition
reflects this.

- Peter

Peter N. M. Hansteen, member of the first RFC 1149 implementation team
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: disconnected after 42673 seconds.

More information about the freebsd-questions mailing list