Application layer firewall on FreeBSD, is it possible ?

[Chris Dionissopoulos]

Hi,

How about to use snort (/usr/ports/security/snort)  to create alerts based on snort
p2p rules, and snortsams (i)pf(w) plugin (www.snortsam.net) to make (i)pf(w) deny (or
delay) such p2p sessions ?

Chris.


----- Original Message ----- 
From: "Daniel Dvořák" <dandee at hellteam.net>
To: <freebsd-questions at freebsd.org>; <freebsd-ipfw at freebsd.org>; <freebsd-pf at freebsd.org>
Sent: Wednesday, August 31, 2005 2:47 AM
Subject: Application layer firewall on FreeBSD, is it possible ?


Hi all,

let me ask you for task "how to control p2p applications and their traffic
with dynamic ports from user´s commputers on gateway".

We are small wireless community and have shared access to internet for all
members. Core members decided to control p2p traffic by default and to allow
each person in individual way, after showing their knowledge of authorial
low. :)

But since many dc hubs, edonkey servers, bittorents web trackers and so on
use dynamic not standard ports, how to control it ?

Linux use l7-filter  <http://sourceforge.net/projects/l7-filter>
sourceforge.net/projects/l7-filter sourceforge freeware and , it is based on
iptables, defination application protocols like ethereal project do.

So, is there any way to do same application layer osi model firewall with
FreeBSD gateway ?

Of course, I tried to find on web, I have not been successful in searching
so far.

If my question is not right in this mailing list, if my question is annoying
here, so I am sorry.

Dan



____________________________________________________________________
http://www.freemail.gr - äůńĺÜí őđçńĺóßá çëĺęôńďíéęďý ôá÷őäńďěĺßďő.
http://www.freemail.gr - free email service for the Greek-speaking.