p command, 53
package-handling tools, 250
packages, 244–51
architectures, 248
contents, 248–50
depending on other packages, 339
directory, 37, 246
downloading, 248
files, 244–45
finding obsolete, 338–39
installing, 245–48
problems with, 251
system, 240
uninstalling, 250–51
updating, 337–39
PACKAGES file, 34
Packet Filter Control program, 353
packet flag, 373
packet forwarding, 206
packet normalization, 364–66, 410
packet pattern matching, 370–76
packets
blocks, 363
spoofed, 381–82
parent queue setup, 397–98
partitions
See also names of specific types of partitions
active, 79–80
choosing layout for, 40–45
creating, 53–58, 311–12, 316
deleting, 60
encrypted, 316–19
MBR, 72–73, 77–79
modifying, 60
mounting, 305–6
moving data to, 313
reasons for creating, 40–45
"pass in" keyword, 372
pass keyword, 367–68
pass number, 300
pass out keyword, 372
passive mode FTP, 67
passwd authentication method, 129
passwd file, 283–84
password system, S/Key, 288
passwordcheck option, 129
passwords, 278–80
and batch mode, 119–20
damaged, 122
and loging option, controlling, 128–29
pre-generate hashed, 120
root, 65
and sudo, 142
passwordtime option, 129
patch directory, 257
.patch_done file, 258
patches directory, 36, 252
path environment setting, 128
path setting, 118
PCI bus, 229, 230
PCI-ISA bridge, 230
penetration specialists, 181
permanent connection, 174
permissions mode, 282
permissions schemes, 308–9
permissions, sudo, 142
persist keyword, 360
PF (packet filtering), 93, 349–82, 366–78, 383–404
additional actions in rules, 369–70
ALTQ parent queue setup, 397–98
anchors and named rulesets, 377– 78
assigning traffic to queues, 401–2
authentication, 266
bandwidth management, 395–97
blocks packets, 363
configuration file, 351
connection redirection, 387–89
defining class-based queues, 399–401
defining priority queues, 398–99
definition of, 351–53
enabling, 351
/etc/pf.conf, 353–57
features of, 353
filtering spoofed packets, 381–82
firewall, 350
firewalls, 389–91
FTP, 389–91
information, 408–11
interfaces and DHCP, 378
labels, 376–77
load balancing, 392–95
logging, 419–21
macros, 357–59
memory limits, 363
Network Address Translation (NAT), 384–86
options, 361–64
packet normalization, 364–66
packet pattern matching, 370–76
queuing by type of service, 402–3
rules, 378, 408–9
design, 367–69
FTP proxy rules, 391
"in" and "out" keywords, 354
optimization, 403–4
rule design, 367–70
viewing current, 408–9
stateful inspection, 378–81
statistics, 412
tables, 359–61
what doesn't do, 366–67
PF system, managing, 405–21
authenticating PF, 416–19
managing tables, 412–16
PF logging, 419–21
pfctl(8), 406–12
clearing PF statistics, 412
flushing rules, 407–8
general commands, 406
loading rules, 406–7
viewing PF information, 408–11
pf_rules variable, 93, 351
pf.conf file, 284
pfctl -s info command, 410
pfctl -s labels command, 410
pfctl -s nat command, 409
pfctl -s state command, 414–15
pfctl -s timeouts command, 381
pfctl(8) program, 353, 406–12
clearing PF statistics, 412
flushing rules, 407–8
general commands, 406
loading rules, 406–7
viewing PF information, 408–11
pflogd_flags variable, 93
pflogd(8) program, 369, 419
pflogX network interface, 161
PFS (Portal File System), 284
phones file, 284
physical layer, 146
physical location, 67
physical protocol, Ethernet, 175
physical protocol layer, 146–47
PID file, 283
ping, interrupting, 64
pkg directory, 252
pkg_add package, 246–47
pkg_delete(1) program, 250–51, 252
pkgdep keyword, 249
platters, 75
PLIST file, 252
PLT shared-library program, 197
plus sign, 249
Point-to-Point Protocol. See PPP (Point-to-Point Protocol)
policies, systrace, 193–95
policy, description of system calls, 189–90
policy file, systrace, 192
policy-generation tool, 193–94
port line, 243
port name, 106
port scanners, filtering on, 375
portability of OpenBSD, 7
Portal File System (PFS), 284
portal.conf file, 284
port-based software, 109
port-building information, tracking, 258
portmap, 96
ports
See also ports collection, ports tree
building, 280
building packages with make package command, 258
customization of, 259–60
flavors, 259–60
function of port install, 253–55
identifying source, 371–72
installing, 98, 253, 253–55
listening on, 159–60
network, 156–57, 287
numbers for, 356
open, 157–59
port build stages, 255–59
redirecting, 388
updating, 337–39
ports collection, 98, 239–40
PORTS file, 35
ports repository, 340, 345
ports tree, 240–44, 337, 339
ports.tar.gz file, 37
POSIX specification, 196
POSIX-style time zones, 88
post-install setup, 87–98
basic configuration, 88–91
common /etc/rc.conf assignments, 92–98
AFS configuration, 97
daemons, 94–95
diskless clients, 93
IPv6 features, 96
Kerberos Setup, 97
miscellaneous variables, 97–98
NFS, 96
packet filtering, 93
routing options, 92–93
time management, 94
further setup, 98
installing ports collection, 98
installing source code, 98
integrated program configuration, 91–92
power of OpenBSD, 7
ppp directory, 284
PPP (Point-to-Point Protocol)
configuring, 169
functions, 171
running, 172
ppp.conf file, 169
pppX network interface, 161
precompiled packages, 245
prefix, default, 345
pre-generate hashed passwords, 120
primary group, 124
printcap file, 284
priority, assigning, 400
priority environment setting, 128
priority queues, 398–99
PRIQ (Priority Queuing), 396
problem-solving resources, 25, 25–27, 224
processor, 33
program name, logging by, 291
propolice checks function, 197
proprietary hardware, 32–33
PROT_ purity option, 196
PROT_WRITE XOR PROT_EXEC option, 197
proto keyword, 371
protocol numbers, 287
protocol statement, 387
protocols, 156, 273
protocols file, 284–85
proxies, 350, 391
proxy services, 388–89
pserver, 343
pseudo-device drivers, 211, 226
pseudo-terminals, 292
public, BSD going, 2–3
public systrace policies, 193
pwd.db file, 285