Date: Mon, 11 Sep 2000 18:01:04 -0400 (EDT)
From: mi@aldan.algebra.com
To: freebsd-stable@freebsd.org
Subject: firewall rules for applications
Message-ID: <200009112201.SAA26880@misha.privatelabs.com>

I wonder how feasible it would be to implement firewall rules that would take into consideration the program (on the local machine) sending/receiving the packets.

I know I can now base the rules on the user/group id, but I may want to go further. Identifying a program to the kernel may not be simple -- perhaps a regexp of the executable's name or an md5 of the /proc/file? Or the executable's (or script's) inode-filesystem?

I just read a description of a Windows product that attempts to fight software, offered by sneaky vendors, that tries to contact the vendor over the Internet to send back user's data. The blocking software, supposedly, blocks applications from accessing certain sites.

This is not an immediate problem for FreeBSD, but... Just a thought...

-mi