OpenBSD’s packet filter has really grown up. Since its introduction in OpenBSD 3.0, it has become an advanced tool for networking and security. In the first of four articles, Jacek Artymiak examines recent updates to pf. This week, he looks at Network Address Translation. The whole series of OpenBSD articles can be found here.
Any chance?
I frequently follow http://www.deadly.org and I think “pf” is what I want.
But I don’t want OpenBSD, because of the lack of other drivers for my hardware…
I doubt there’s a pf port for Linux. I also think it’s non-trivial to port it over, though I may be wrong on that one.
What hardware problems are you having? In my experience, OpenBSD has supported just about any piece of hardware I’ve ever thrown at it, including a funky behaving pcmcia controller (though that one needed some tweaking).
Especially since a firewall only needs a couple of NICs, I can hardly imagine what’s causing the problem, unless you have some really weird NICs in that machine of yours.
.. that OpenBSD doesn’t have any sane upgrade path for older, remote systems. You mean “Home Networks” in the title, right?
Even the project leader admitted at one time that upgrading over previous versions wasn’t really supported or advised. I purchased three versions of OpenBSD (2.{6,7,8}) until I eventually got tired of the upgrade debacle.
That’s why I’m using Debian and netfilter/iptables with Owl patches.