Packet Filter (from here on referred to as PF) is OpenBSD's system for filtering TCP/IP traffic and doing Network Address Translation. PF is also capable of normalizing and conditioning TCP/IP traffic, as well as providing bandwidth control and packet prioritization. PF has been a part of the GENERIC kernel since OpenBSD 3.0.
PF was originally developed by Daniel Hartmeier and is now maintained and developed by the entire OpenBSD team.
This set of documents is intended as a general introduction to the PF system as used in OpenBSD. Even if it covers all of PF's major features, it is only intended to be used as a supplement to the man pages, not as a replacement for them.
For a complete and in-depth view of what PF can do, please start by reading the pf(4) man page.
As with the rest of the FAQ, this set of documents is focused on users of the most current release of OpenBSD.