Date: Mon, 27 Jun 2005 10:28:54 +0300 From: "Donatas" <donatas@lrtc.net> To: <freebsd-net@freebsd.org> Subject: Re: layer7 filtering Message-ID: <016701c57ae9$df6abc50$9f90a8c0@DONATAS> References: <013701c57ae6$2f79b7e0$9f90a8c0@DONATAS> <20050627071929.GA77236@catpipe.net>
next in thread | previous in thread | raw e-mail | index | archive | help
thnx, that's what i've been looking for.... From: "Phil Regnauld" <regnauld@catpipe.net> To: "Donatas" <donatas@lrtc.net> Cc: <freebsd-net@freebsd.org> Sent: Monday, June 27, 2005 10:19 AM Subject: Re: layer7 filtering > Donatas (donatas) writes: >> I wonder if there's any person who did some scripting like=20 >> application layer analysis with network sniffer (like tcpdump) + = apropriate firewall rule generation(like statefull ipfw rules) ? >=20 > You mean this ? >=20 > http://www.hsc.fr/ressources/outils/nstreams/ >=20 > Nstreams is a program which analyzes the streams that occur on a > network. It displays which streams are generated by the users between > several networks, and between the networks and the outside. It can > optionally generate the ipchains or ipfw rules that will match these > streams, thus only allowing what is required for the users, and = nothing > more. >=20 > Nstreams can parse the tcpdump output, or the files generated > with the -w option of tcpdump. It can also directly sniff > the data that occurs on the network. >=20 > This product was designed by HSC and coded by Renaud Deraison > (deraison@cvs.nessus.org), author of the Nessus software. > It is available for free under GNU license. >=20 >=20 >=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?016701c57ae9$df6abc50$9f90a8c0>