Date: Mon, 27 Jun 2005 09:19:30 +0200 From: Phil Regnauld <regnauld@catpipe.net> To: Donatas <donatas@lrtc.net> Cc: freebsd-net@freebsd.org Subject: Re: layer7 filtering Message-ID: <20050627071929.GA77236@catpipe.net> In-Reply-To: <013701c57ae6$2f79b7e0$9f90a8c0@DONATAS> References: <013701c57ae6$2f79b7e0$9f90a8c0@DONATAS>
next in thread | previous in thread | raw e-mail | index | archive | help
Donatas (donatas) writes: > I wonder if there's any person who did some scripting like > application layer analysis with network sniffer (like tcpdump) + apropriate firewall rule generation(like statefull ipfw rules) ? You mean this ? http://www.hsc.fr/ressources/outils/nstreams/ Nstreams is a program which analyzes the streams that occur on a network. It displays which streams are generated by the users between several networks, and between the networks and the outside. It can optionally generate the ipchains or ipfw rules that will match these streams, thus only allowing what is required for the users, and nothing more. Nstreams can parse the tcpdump output, or the files generated with the -w option of tcpdump. It can also directly sniff the data that occurs on the network. This product was designed by HSC and coded by Renaud Deraison (deraison@cvs.nessus.org), author of the Nessus software. It is available for free under GNU license.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050627071929.GA77236>