From owner-freebsd-pf@FreeBSD.ORG Tue Aug 30 23:47:13 2005 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C06016A41F; Tue, 30 Aug 2005 23:47:13 +0000 (GMT) (envelope-from dandee@hellteam.net) Received: from pipa.profix.cz (pipa.profix.cz [82.208.25.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id DC35543D45; Tue, 30 Aug 2005 23:47:12 +0000 (GMT) (envelope-from dandee@hellteam.net) Received: from localhost (localhost [127.0.0.1]) by pipa.profix.cz (Postfix) with ESMTP id 9719D4E706; Wed, 31 Aug 2005 01:47:18 +0200 (CEST) Received: from pipa.profix.cz ([127.0.0.1]) by localhost (pipa [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05812-08; Wed, 31 Aug 2005 01:47:18 +0200 (CEST) Received: from gandalf (unknown [80.95.121.105]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by pipa.profix.cz (Postfix) with ESMTP id 3D5E14E704; Wed, 31 Aug 2005 01:47:17 +0200 (CEST) From: =?iso-8859-2?Q?Daniel_Dvo=F8=E1k?= To: , , Date: Wed, 31 Aug 2005 01:47:09 +0200 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.6353 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 Thread-Index: AcWtvSK61OuDttUMQUioxjDpS/tELg== Message-Id: <20050830234717.3D5E14E704@pipa.profix.cz> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at profix.cz Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Application layer firewall on FreeBSD, is it possible ? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dandee@volny.cz List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Aug 2005 23:47:13 -0000 Hi all, let me ask you for task "how to control p2p applications and their = traffic with dynamic ports from user=B4s commputers on gateway". We are small wireless community and have shared access to internet for = all members. Core members decided to control p2p traffic by default and to = allow each person in individual way, after showing their knowledge of = authorial low. :) But since many dc hubs, edonkey servers, bittorents web trackers and so = on use dynamic not standard ports, how to control it ? Linux use l7-filter sourceforge.net/projects/l7-filter sourceforge freeware and , it is = based on iptables, defination application protocols like ethereal project do. So, is there any way to do same application layer osi model firewall = with FreeBSD gateway ? Of course, I tried to find on web, I have not been successful in = searching so far. If my question is not right in this mailing list, if my question is = annoying here, so I am sorry. Dan