From owner-freebsd-questions@FreeBSD.ORG Wed Jan 19 19:33:22 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 65AA0106566B for ; Wed, 19 Jan 2011 19:33:22 +0000 (UTC) (envelope-from peter@bsdly.net) Received: from skapet.bsdly.net (cl-426.sto-01.se.sixxs.net [IPv6:2001:16d8:ff00:1a9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 196F18FC15 for ; Wed, 19 Jan 2011 19:33:21 +0000 (UTC) Received: from [10.168.103.15] (helo=deeperthought.bsdly.net.bsdly.net ident=peter) by skapet.bsdly.net with esmtp (Exim 4.72) (envelope-from ) id 1PfdmS-0008FO-7b for freebsd-questions@freebsd.org; Wed, 19 Jan 2011 20:33:20 +0100 To: freebsd-questions@freebsd.org References: From: peter@bsdly.net (Peter N. M. Hansteen) Date: Wed, 19 Jan 2011 20:33:19 +0100 In-Reply-To: (modulok@gmail.com's message of "Mon, 17 Jan 2011 21:37:33 -0700") Message-ID: <87y66g7kow.fsf@deeperthought.bsdly.net> User-Agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.4.22 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: The book of pf... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jan 2011 19:33:22 -0000 Modulok writes: > This book comes in two editions. The first was published in December > 2007, the second, November, 2010. Does anyone have this? And if so > would I be correct to get the first edition instead? I know FreeBSD's > pf lags being openBSD's, so I'm not sure which version of the book to > get, if either are applicable to the version of pf that FreeBSD runs? > (FreeBSD 8.1) I started updating the text for the 2nd edition due to the changes introduced in OpenBSD 4.7, (aka "Henning's monster diff") plus a few other goodies such as pflow(4) that had turned up since the first edition's late 2007 release, but I took some care to keep samples in the older syntax where it's relevant. That means that for the FreeBSD parts, the second edition is up to date per roughly early October 2010 (FreeBSD 8.1-stable), with a not that for FreeBSD, we assume the 8 series. If you're running an older release (ie a close descendant of whatever was -stable in late 2007), the first edition is likely better suited. For other differences between the two, you could probably get an idea by comparing the TOCs from the two editions' web pages (at http://nostarch.com/pf.htm and http://nostarch.com/pf2.htm respectively). The second edition turned into a more thorough rewrite than I'd originally planned with some bits moving around. But if in doubt, why not get both? ;) But yes, for FreeBSD 8.1, you'll be happier with the second edition. FreeBSD's PF syntax is old-style, but some other relevant network config details changed between 2007 and 2010, and the second edition reflects this. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.