From owner-freebsd-net@FreeBSD.ORG Mon Jun 27 07:28:59 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 41A0D16A41C for ; Mon, 27 Jun 2005 07:28:59 +0000 (GMT) (envelope-from donatas@lrtc.net) Received: from mail.lrtc.lt (pegasus.lrtc.lt [217.9.240.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8BD3A43D1D for ; Mon, 27 Jun 2005 07:28:58 +0000 (GMT) (envelope-from donatas@lrtc.net) Received: (qmail 15647 invoked from network); 27 Jun 2005 07:28:30 -0000 Received: from unknown (HELO donatas) (d.gendvilas@[192.168.144.159]) (envelope-sender ) by mail.lrtc.lt (qmail-ldap-1.03) with SMTP for ; 27 Jun 2005 07:28:30 -0000 Message-ID: <016701c57ae9$df6abc50$9f90a8c0@DONATAS> From: "Donatas" To: References: <013701c57ae6$2f79b7e0$9f90a8c0@DONATAS> <20050627071929.GA77236@catpipe.net> Date: Mon, 27 Jun 2005 10:28:54 +0300 Organization: AB Lietuvos Radijo ir Televizijos Centras MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Subject: Re: layer7 filtering X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Donatas List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2005 07:28:59 -0000 thnx, that's what i've been looking for.... From: "Phil Regnauld" To: "Donatas" Cc: Sent: Monday, June 27, 2005 10:19 AM Subject: Re: layer7 filtering > Donatas (donatas) writes: >> I wonder if there's any person who did some scripting like=20 >> application layer analysis with network sniffer (like tcpdump) + = apropriate firewall rule generation(like statefull ipfw rules) ? >=20 > You mean this ? >=20 > http://www.hsc.fr/ressources/outils/nstreams/ >=20 > Nstreams is a program which analyzes the streams that occur on a > network. It displays which streams are generated by the users between > several networks, and between the networks and the outside. It can > optionally generate the ipchains or ipfw rules that will match these > streams, thus only allowing what is required for the users, and = nothing > more. >=20 > Nstreams can parse the tcpdump output, or the files generated > with the -w option of tcpdump. It can also directly sniff > the data that occurs on the network. >=20 > This product was designed by HSC and coded by Renaud Deraison > (deraison@cvs.nessus.org), author of the Nessus software. > It is available for free under GNU license. >=20 >=20 >=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >