EuroBSDCon 2026

Peter N. M. Hansteen

Peter N. M. Hansteen is a devops and network security consultant, writer, and sysadmin based in
Bergen, Norway. In addition to writing The Book of PF (4th ed forthcoming), Hansteen is longtime free unixlikes advocate, a frequent lecturer on OpenBSD and FreeBSD topics, an occasional contributor tech magazines and websites and co-organizer of Unix user groups and BSD-themed conferences. Fun fact: Before setting out to write about PF and BSDs in general, Hansteen was a participant in the original RFC 1149 implementation team.


Sessions

09-10
10:30
420min
The night before CRAmas - why EU regulations are a gift to open source
Alice Sowerby, Peter N. M. Hansteen, Pierre Pronchery

Learn what the EU Cyber Resilience Act is and what it means for you. Then, deep dive into SBOMs and discover how to choose the right tools for dependency management.

The European Union Cyber Resilience Act (CRA), along with similar international legislation, will come into force during 2026 and 2027. These regulations introduce new legal obligations requiring software to be secure by design and by default, while also imposing strict deadlines for reporting exploited vulnerabilities.

This session will explain the obligations introduced by the new legislation and explore how they affect open source developers and companies that market “products with digital elements” (PDEs).

While some view these changes as risky or burdensome - particularly for open source developers - this session takes a different perspective, focusing on the opportunities this new legal framework creates.

This session combines an overview of the CRA with practical guidance on the tools and processes that can help developers and organisations adapt. More importantly, it frames the legislation as an opportunity: a chance for the free software community to strengthen supply chain transparency, improve dependency management, and bring established software engineering practices more fully into everyday development.

Misc
D.0.07
09-11
10:30
420min
Network Management with the PF Packet Filter Toolset on OpenBSD and FreeBSD
Peter N. M. Hansteen

The OpenBSD Packet Filter (PF) is at the core of the network management toolset available to professionals working with the BSD family of operating systems.

Understanding the networking toolset is essential to building and maintaining a functional envirionment. The present session will both teach principles and provide opportunity for hands-on operation of the extensive network tools available on OpenBSD and sister operating systems in a lab environment. Participants will be performing practical excercises in their choice of OpenBSD and FreeBSD environments. Basic to intermediate understanding of TCP/IP networking and basic Unix command line skills are expected and required for this session.

Topics covered include

The basics of and network design and taking it a bit further

Building rulesets

Keeping your configurations readable and maintainable

Seeing what your traffic is really about with your friend tcpdump(8)

Filtering, diversion, redirection, Network Address Translation

Handling services that require proxying (ftp-proxy and others)

Address tables and daemons that interact with your setup through them

The whys and hows of network segmentation, DMZs and other separation techniques

Tackling noisy attacks and other pattern recognition and learning tricks

Annoying spammers with spamd

Basics of and not-so basic traffic shaping

Monitoring your traffic

Resilience, High Availability with CARP and pfsync

Troubleshooting: Discovering and correcting errors and faults

Your network and its interactions with the Internet at large

Common mistakes in internetworking and peering

Keeping the old IPv4 world in touch with the new of IPv6

The tutorial is lab centered and fast paced. Time allowing and to the extent necessary, we will cover recent developments in the networking tools and variations between the implementations in the OpenBSD and FreeBSD operating systems.

Participants should bring a laptop for the hands on labs part and for note taking. The format of the session will be compact lectures interspersed with hands-on lab excercises based directly on the theory covered in the lecture parts.

This session is an evolutionary successor to previous sessions. Slides for the most recent version of the PF tutorial session are up at https://nxdomain.no/~peter/pf_fullday.pdf, to be updated with the present version when the session opens.

OpenBSD
D.2.12
09-12
10:30
45min
What has (can) the EU Cyber Resilience Act done (do) for you?
Peter N. M. Hansteen

The European Union Cyber Resilience Act (CRA) and its various international analogs are entering fully into force during 2026 and 2027, with new legal requirements that some have found to be perilous or challenging to software developers and possibly for open source developers in particular.

This session takes the approach that the challenging legal requirements provide a wealth of opportunities for software engineers in the free software space to, finally, be allowed to perform proper software engineering. We offer practical advice on what to do and how to navigate the choppy seas of legalisms, and to position yourself with best practices and proper tooling integrated in your development workflow.

This talk is based on the article with the same name, https://nxdomain.no/~peter/what_hascan_eu_cra_donedo_for_you.html which was also the base for my presentation at BSDCan 2026. This talk will come with any relevant updates that happen by the time of the EuroBSDCon 2026 conference.

Keynote
D.0.02