<p/>Chapter 17: Basic Packet Filtering - Absolute Openbsd Unix For The Practical Paranoid [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا

➟

جستجو در لغت نامه

بیشتر

کتابخانه شخصی پرسش از کتابدار ارسال منبع

Absolute Openbsd Unix For The Practical Paranoid [Electronic resources] - نسخه متنی

Michael W. Lucas

| ،

افزودن به کتابخانه شخصی

میخواهم بخوانم

درحال خواندن

خوانده شده

ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال

جستجو در متن کتاب

بیشتر

تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب

➟

جستجو در لغت نامه

بیشتر

لیست موضوعات

Sitemap

Table of Contents

Absolute OpenBSD - UNIX for the Practical Paranoid

Chapter 0: Introduction

BSD Goes Public

What Is OpenBSD?

OpenBSD Developers

OpenBSD''s Strengths

OpenBSD Security

OpenBSD''s Uses

Who Should Read This Book?

Contents Overview

Chapter 1: Additional Help

OpenBSD Community Support

" The Code Is Fine; What''s Wrong with You? "

www.OpenBSD.org

Using OpenBSD Problem-Solving Resources

Mailing for Help

Chapter 2: Installation Preparations

OpenBSD Hardware

Getting OpenBSD

The OpenBSD Release

Choosing Your Install Method

Distribution Sets

Standalone OpenBSD Partitioning

Multiple OS Partitioning

Decisions Complete!

Chapter 3: Dedicated Installation

Making a Boot Floppy

The Install Program

Creating OpenBSD Partitions

Subsequent Disks

Other Disklabel Operations

Final Disk Configuration

Installation Media

Distribution Sets

Custom Installation Sets and Scripts

Final Installation Steps

Chapter 4: Multiboot Installation

Dual-Boot Install Overview

Dual-Boot Installation Restrictions

Hard Disk Geometry

Using fdisk During an Install

Other fdisk Options

Disklabel on Multiboot Systems

Installing from a Foreign File System Partition

Chapter 5: Post-Install Setup

Basic Configuration

Integrated Program Configuration

Common /etc/rc.conf Assignments

Installing the Source Code

Installing the Ports Collection

Chapter 6: Startup and Booting

Boot Configuration

Serial Consoles

Multiuser Startup

Editing /etc/rc Scripts

Chapter 7: Managing Users

Single-User Systems

Removing User Accounts

Groups of Users

The Root Password

Using Groups to Avoid Using Root

Hiding Root with Sudo

Chapter 8: Networking

The Life and Times of a Network Request

Networking Basics

Configuring Interfaces

Chapter 9: Internet Connections

Chapter 10: Additional Security Features

Who Is the Enemy?

OpenBSD Security Announcements

Creating Systrace Policies

Real-Time Systrace Monitoring

Software Security Features

Chapter 11: Basic Kernel Configuration

What Is the Kernel?

Startup Messages

Kernel Alteration with config(8)

Boot-Time Kernel Configuration

Chapter 12: Building Custom Kernels

Configuration File Format

Configuration Files

Busses and Attachments

Stripping Down the Kernel

Building a Kernel

Installing Your Kernel

Chapter 13: Add-On Software

Making Software

The Ports and Packages System

Uninstalling and Reinstalling

Customizing Download Sources

Running Foreign Software

Chapter 14: /ETC

/etc/adduser.conf

/etc/changelist

/etc/daily.local

/etc/dhclient.conf

/etc/dhcpd.conf

/etc/disklabels/

/etc/hosts.equiv

/etc/inetd.conf

/etc/kerberosIV

/etc/login.conf

/etc/mailer.conf

/etc/master.passwd

/etc/monthly.local

/etc/newsyslog.conf

/etc/portal.conf

/etc/rbootd.conf

/etc/resolv.conf

/etc/sysctl.conf

/etc/syslog.conf

/etc/weekly.local

/etc/wsconsctl.conf

Chapter 15: Disk and File System Management

The File System Table: /etc/fstab

The Fast File System

Corrupt FFS Partitions

Mount(8) and FFS

Mounting Foreign File Systems

Removable Media

Adding New Hard Disks

Memory File Systems

Mounting Disk Images

Encrypted Partitions

Chapter 16: Upgrading OpenBSD

Versions of OpenBSD

Upgrading OpenBSD

Upgrading Base Software

Updating Ports and Packages

Upgrades from Source

Standard Source Build Process

Chapter 17: Basic Packet Filtering

What Is Packet Filtering?

Packet Filter Control Program

Packet Normalization

Packet Filtering

Rules, Interfaces, and DHCP

Using Stateful Inspection

Filtering Spoofed Packets

Chapter 18: More Packet Filtering

Network Address Translation

Connection Redirection

FTP and Firewalls

Bandwidth Management

ALTQ Parent Queue Setup

Defining Priority Queues

Defining Class-Based Queues

Assigning Traffic to Queues

Queuing by Type of Service

Rule Optimization

Chapter 19: Managing PF

Managing Tables

Managing State Tables

Authenticating PF

Appendix A: i386 Kernel Configuration Choices

CPU Configuration

Miscellaneous Options

Common Device Drivers

i386 Kernel Options

Appendix B: PF Example Configurations

Small Office Usage

3-Tier Architecture

توضیحات

افزودن یادداشت جدید

Chapter 17: Basic Packet Filtering

Overview

The name's Pond, James Pond.

Alpha PPK loaded, licensed to filter.

Packet filtering and manipulation are among the most basic tools in network security. OpenBSD includes a very powerful in-kernel packet filter, pf(4), that not only performs standard stateless and stateful packet filtering, but can also inspect and reassemble packet fragments in several ways, redirect connections, translate addresses in several different directions simultaneously, authenticate users, and manage bandwidth.

PF is one of the high points of OpenBSD, and we're going to spend a few chapters discussing it. PF allows you to do some things that commercial firewall vendors still cannot manage reliably.

PF is still undergoing very active development, and new features are added almost weekly. We are only going to discuss those features that are mature and stable. By the time you read this, PF will have features that aren't covered here. Be sure to read the pf.conf(5) man page for details on the nifty features available in your version of OpenBSD.