Application layer firewall on FreeBSD, is it possible?

Norberto Meijome freebsd at
Wed Aug 31 12:58:15 GMT 2005

Norberto Meijome wrote:

After reading my own post I realised it wasn't too clear.

> I haven't seen any way to control traffic for P2P apps reliably @ the
> protocol layer,

'I haven't seen any way to reliably control traffic for P2P apps by
simply looking @ ports + IP protocol'

> you need to inspect it.

you need to analyse the packets.

> Something like snort attached to
> your firewall, I guess ... though it'd be a reverse IDS (or a reverse
> IPS, intrusion prevention system, I've seen it called...)
... which would update/feed rules to the firewall / packet filter. aka 
proxy...maybe SOCKS would achieve this? (mind you, most p2p apps have 
settings for socks

