**The contents of this page must be treated with a grain of salt, as in without any degree of seriousness. Some of the links may contain controversial topics/discussions which requires one's own judgement to see what suits best for their purposes.**

vedetta project:
  * [[https://github.com/vedetta-com/vedetta/]]
pf vs iptables:
  * [[https://www.osnews.com/story/4612/pf-for-beginners/]]
    * [[https://web.archive.org/web/20071012221637/http://www.benzedrine.cx/pf-paper.html]]
  
  * [[https://www.usenix.org/legacy/publications/library/proceedings/usenix02/tech/freenix/full_papers/hartmeier/hartmeier_html/index.html]]

benzedrine's pf.conf
  * [[https://web.archive.org/web/20070608071341/http://www.benzedrine.cx/pf.conf]]
  * [[https://web.archive.org/web/20090609235323/http://www.benzedrine.cx/gif.txt]]
  * [[https://web.archive.org/web/20071003063347/http://www.benzedrine.cx:80/ackpri.html]]

a newbie's guide to setting up pf on openbsd 4.x:
  * [[https://web.archive.org/web/20161218192245/http://www.thedeepsky.com/howto/newbie_pf_guide.php]]

building a pf firewall walkthrough:
  * [[https://www.undeadly.org/cgi?action=article;sid=20030919231901]]

pf-repository:
  * [[https://undeadly.org/cgi?action=article;sid=20030524102206]]

openbsd packet filter:
  * [[https://my-cellar-door.blogspot.com/2005/07/openbsd-packet-filter.html]]

pf + os detection -> How to block a Host if it does a nmap scan?! (has stuff on rate limiting on various daemons)
  * [[http://openbsd-archive.7691.n7.nabble.com/pf-os-detection-gt-How-to-block-a-Host-if-it-does-a-nmap-scan-td22609.html]]

why not move ssh (or other services) to another port?
  * [[https://www.bsdhowto.ch/moveservices.html]]

hardening OpenBSD Internet Servers Packet Filter and IP Filter on Non Firewalls
  * [[http://geodsoft.com/howto/harden/OpenBSD/firewall.htm]]

port scan detection with pf
  * [[https://misc.openbsd.narkive.com/n6Ubdbzu/port-scan-detection-with-pf]]

blocking nmap scans
  * [[https://pf.benzedrine.narkive.com/3XzbYNls/blocking-nmap-scans]]

How To Configure Packet Filter (PF) on FreeBSD 12.1
  * [[https://www.digitalocean.com/community/tutorials/how-to-configure-packet-filter-pf-on-freebsd-12-1]]

a dummy's sample pf.conf
  * [[https://gist.github.com/nathwill/9703175]]

pf: testing your firewall
  * [[https://undeadly.org/cgi?action=article;sid=20060928081238]]

openbsd packet filter (pf): real life example
  * [[https://daemon-notes.com/articles/network/pf]]

how I've turned openbsd to become my house's firewall
  * [[https://vincentdelft.be/post/post_20160714]]

how pf works against nmap?
  * [[https://misc.openbsd.narkive.com/JZp1csUf/how-pf-works-against-nmap]]

using openbsd + pf to block a syn flood
  * [[https://arstechnica.com/civis/viewtopic.php?f=16&t=668350]]

Ramifications of blocking SYN+FIN TCP packets
  * [[http://openbsd-archive.7691.n7.nabble.com/Ramifications-of-blocking-SYN-FIN-TCP-packets-td83833.html]]
    * [[https://web.archive.org/web/20150513020131/http://www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2005-07/0011.html]]
    * [[https://web.archive.org/web/20081208214519/http://www.sean.de/Solaris/ttcp.html]]