Application layer firewall on FreeBSD, is it possible ?

Jeremie Le Hen jeremie at le-hen.org
Wed Aug 31 13:12:21 GMT 2005


Hi,

[ this is not the correct list ask this kind of question, please use -net@ ]

> let me ask you for task "how to control p2p applications and their traffic
> with dynamic ports from user?s commputers on gateway".
>  
> We are small wireless community and have shared access to internet for all
> members. Core members decided to control p2p traffic by default and to allow
> each person in individual way,
> after showing their knowledge of authorial low. :)
>  
> But since many dc hubs, edonkey servers, bittorents web trackers and so on
> use dynamic not standard ports, how to control it ?
>  
> Linux use l7-filter http://sourceforge.net/projects/l7-filter sourceforge
> freeware and , it is based on iptables, defination application protocols
> like ethereal project do.
>  
> So, is there any way to do same application layer osi model firewall with
> FreeBSD gateway ?
>  
> Of course, I tried to find on web, I have not been successful in searching
> so far.

No this is not possible and not indented to be someday.  See this
these messages for answers :

http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001227.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001262.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001287.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001288.html

And this thread :
http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-March/thread.html#996

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >


More information about the freebsd-current mailing list