Date: Thu, 27 Nov 2008 12:53:30 +1100 From: Norberto Meijome <numardbsd@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: firewall rules for bitlord, yahoo, limewire Message-ID: <20081127125330.74268ddc@ayiin> In-Reply-To: <492D51CB.9000201@a1poweruser.com> References: <492D51CB.9000201@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 26 Nov 2008 21:40:27 +0800
Fbsd1 <fbsd1@a1poweruser.com> wrote:
> I have inclusive firewall rule set which means only packets matching
> the rules are passed through. The inbound hight port numbers are
> blocked by design.
>
> How do other firewall users code rules to allow limewire to work?
Hi,
i think there are a few interesting posts in this thread (and several corrections about p2p 'evilness', which is good :P ).
A thread that may be of interest was started on net@ earlier in the year - look for :
From: Mike Makonnen <mtm@wubethiopia.com>
To: freebsd-net@freebsd.org
Subject: Application layer classifier for ipfw
Date: Thu, 31 Jul 2008 13:02:29 +0300
- it refers to ipfw, not pf.
- I think there was at least another thread following up on this with working code,etc.
of course, DPI-style checks won't work (at all, or in a scalable fashion) as soon as users start encrypting their packets :P
b
_________________________
{Beto|Norberto|Numard} Meijome
"I didn't attend the funeral, but I sent a nice letter saying I approved of it."
Mark Twain
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081127125330.74268ddc>