Date: Wed, 31 Aug 2005 03:08:26 +0300 From: "Chris Dionissopoulos" <dionch@freemail.gr> To: <dandee@volny.cz>, <freebsd-ipfw@freebsd.org>, <freebsd-pf@freebsd.org> Subject: Re: Application layer firewall on FreeBSD, is it possible ? Message-ID: <000f01c5adc0$1d0d1590$0100000a@R3B> References: <20050830234717.3D5E14E704@pipa.profix.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, How about to use snort (/usr/ports/security/snort) to create alerts based on snort p2p rules, and snortsams (i)pf(w) plugin (www.snortsam.net) to make (i)pf(w) deny (or delay) such p2p sessions ? Chris. ----- Original Message ----- From: "Daniel Dvoψαk" <dandee@hellteam.net> To: <freebsd-questions@freebsd.org>; <freebsd-ipfw@freebsd.org>; <freebsd-pf@freebsd.org> Sent: Wednesday, August 31, 2005 2:47 AM Subject: Application layer firewall on FreeBSD, is it possible ? Hi all, let me ask you for task "how to control p2p applications and their traffic with dynamic ports from user΄s commputers on gateway". We are small wireless community and have shared access to internet for all members. Core members decided to control p2p traffic by default and to allow each person in individual way, after showing their knowledge of authorial low. :) But since many dc hubs, edonkey servers, bittorents web trackers and so on use dynamic not standard ports, how to control it ? Linux use l7-filter <http://sourceforge.net/projects/l7-filter>; sourceforge.net/projects/l7-filter sourceforge freeware and , it is based on iptables, defination application protocols like ethereal project do. So, is there any way to do same application layer osi model firewall with FreeBSD gateway ? Of course, I tried to find on web, I have not been successful in searching so far. If my question is not right in this mailing list, if my question is annoying here, so I am sorry. Dan ____________________________________________________________________ http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου. http://www.freemail.gr - free email service for the Greek-speaking.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000f01c5adc0$1d0d1590$0100000a>