The <k...@have.it> address bounces (domain exists, user does not), which
brings back the less fond memories of the 1990s when such asshattery was
to some extent tolerated and even condoned in some circles due to the
then-emerging (oh, so intolerable) spam problem.
But even without the bouncing address, the messate is a textbook example
of how *not* to ask questions.
> The FAQ at OpenSUSE is a fine document.
That's possible, but OpenSUSE is a Linux distribution, irrelevant here,
so the reader is likely to stop reading after the first sentence
But then you do manage to dig up some relevancy, unfortunately too
jubled to actually make much sense:
> On the page www.openbsd.org/faq/pf/tables.html I found this "or the
> self keyword". On the page www.openbsd.org/faq/pf/filter.html I found
> this "table <firewall> const { self }". And finally, I think, at
> www.openbsd.org/faq/pf/nat.html there's this "The word self will
> appear if the state is floating". All of which are nice. What
> exactly is "self"? The computer has two NICs, which one is "self"?
> Is it context dependent? Along that same line, where can I find a
> list, with a definition, of "keywords" for IP Filter? They're
> mentioned a lot.
For good measure, here you end up with asking for documentation on "IP
Filter", which is one of the several names for Darren Reed's ipf (which
lives on in among others Oracle's Solaris, NetBSD, and FreeBSD), the
subsystem that PF was specifically created to replace in OpenBSD, mainly
for licensing reasons.
But that's enough for now, and I suppose some level of ignorance is
excusable. Read on for the helpful part.
> Any and all help would be appreciated.
First, in contast to at least some Unix-like systems, you can expect
OpenBSD's man pages to be up to date, correct and relevant. The list of
keywords for *PF* (not "IP Filter"), is most easily accessible by typing
man pf.conf on a PF-equipped system or if you're still in a web-only
exploring phase, go to http://www.openbsd.org, click the "Manuals" link,
and then type pf.conf into the search field and click the "Submit" button.
That will land you on
http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
All OpenBSD man pages are accessible in this way.
If you find the man pages too terse or you want more examples, the PF
FAQ which you've already found is a useful resource. It's also likely
you can find useful material via the mailing list archives (both for
this one and openbsd-misc, or for that matter openbsd-newbies).
And finally, for PF examples there is one more oft-cited resource, my
own The Book of PF (http://nostarch.com/pf2.htm) or the PF tutorial that
it grew out of (http://home.nuug.no/~peter/pf/, which links to full text
versions plus recent slides from conferences that cover more than the
BSD-licensed tutorial text).
- Peter
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
