Date: Wed, 31 Aug 2005 22:58:05 +1000 From: Norberto Meijome <freebsd@meijome.net> To: Norberto Meijome <freebsd@meijome.net> Cc: freebsd-questions@freebsd.org Subject: Re: Application layer firewall on FreeBSD, is it possible ? Message-ID: <4315A95D.6030101@meijome.net> In-Reply-To: <4315A60A.40002@meijome.net> References: <20050830234717.3D5E14E704@pipa.profix.cz> <4315A60A.40002@meijome.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Norberto Meijome wrote: after reading my own post i realised it wasn't too clear > I havent seen any way to control traffic for P2P apps reliably @ the > protocol layer, 'I havent seen any way to reliably control traffic for P2P apps by simply looking @ ports + IP protocol' > u need to inspect it. you need to analyse the packets. > Something like snort attached to > your firewall, i guess ... though it'd be a reverse IDS (or a reverse > IPS, intrusion prevention system, I've seen it called...) > ... which would update/feed rules to the firewall / packet filter. aka proxy...maybe SOCKS would achieve this? (mind you, most p2p apps have settings for socks B
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4315A95D.6030101>