BSD Magazine (May 2013): Jails Firewall with PF

BSD Magazine (May 2013): Jails Firewall with PFApril’s issue of the BSD Magazine is now available: Jails Firewall with PF (free PDF download).

You’ll find the following subjects inside:

  • SpiderFoot 2.0: The Open Source Footprinting Tool
  • FreeBSD Jails Firewall with PF
  • Improvements to Jail Management via the Warden
  • msearch: MidnightBSD Search
  • Useful Utilities for PF
  • FreeBSD Programming Primer: Write HTML, CSS, PHP, and SQL Code
  • DTrace: A Deeper Approach

 Whose Idea is it Anyway?

With Apple fallen from grace as the world’s most valuable company, how can large technology-based companies succeed? The current trend for Intellectual Property laws can only increase the speed at which the race is towards the bottom…

SpiderFoot 2.0: The Open Source Footprinting Tool

The original version of SpiderFoot was created in 2005 with the goal of being a freely available open source tool for footprinting an Internet domain name. Version 2.0 was released May 2013 and is completely re-written in Python with loads of new functionality and is now highly extensible. The target user-base is penetration testers, system administrators and security enthusiasts who wish to gain a better understanding of what a domain name’s Internet footprint looks like.

FreeBSD Jails Firewall with PF

Features are available for fully virtualizing FreeBSD jail networking (as of FreeBSD 8.x). The code has improved in the current 9.x code base but to get a jail up and running with the current install, pf provides the necessary functionality to firewall off multiple jailed services. This article will cover basic jails configuration to highlight how to configure the firewall to only allow specific traffic to the service jails.

Improvements to Jail Management via the Warden

Over the past few months, several exciting new features have been added to the Warden which greatly improve jail management on FreeBSD & PC-BSD systems.Now the Warden will be able to create jails via Hostname / Nickname, and change and assign IP addresses on the fly. This greatly simplifies jail creation via the command-line, allowing you to create the jail and then set addresses as needed later.

msearch: MidnightBSD Search

MidnightBSD search, or msearch, is a full text search tool. It offers the user the ability to search against filenames or contents of text files. msearch is not meant to replace other tools like find, locate, or whereis. From this article you will learn the basic usage of the msearch tool and the reason why it was written.

Useful Utilities for PF

PF is a stateful firewall, meaning that it tracks the state of existing connections in a state table, allowing the firewall to quickly determine if packets are part of an established connection. PF also provides a logging facility and the firewall administrator controls which packets get logged by including the log keyword in only the firewall rules which should be logged when matched. This article explores some of the third-party utilities which are available to help you analyze the log and state table of a PF firewall.

FreeBSD Programming Primer – Part 4

In the fourth part of our series on programming, we will continue to develop our CMS. Here we will examine how a modern CMS dynamically generates and controls content and implement a similar model in our PHP code. From this article you will learn how to configure a development environment and write HTML, CSS, PHP, and SQL code.

DTrace: A Deeper Approach

The author of the article “Intro to DTrace”, published in May 2012 in BSD Magazine, has described DTrace all the way from configuring your system to enabling DTrace probes to the point of executing some D scripts to show you some DTrace features. This article will take a deeper approach on DTrace.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>