On 12/15/17 15:11, Steve Litt wrote:
> a pretty good job of it, but is very lacking in explanations. Tutorials
> are for people who currently know nothing, so a word by word
> explanation should be given for both of these lines:
>
> * match out on egress inet nat-to ($ext_if)
> * pass proto tcp from { self, $int_if:network }
>
> There are many other places needing explanations. If you could include
> a few diagrams to make the point, that would help immensely.
Keep in mind that those are the slides only, those participating in the
session will hear a fuller explanation and have the option to interrupt
us with questions or even start discussions.
I do know of a PF presentation that was by increments turned into a
book, but this presentation is not quite at that stage yet (though you
never know what might happen at some point in the future). The book is
still reasonably useful, I hear ;)
- P
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
