Re: how to filter on applications?

vwf wrote:
> On Fri, Oct 27, 2006 at 10:27:00AM +0200, Gáspár Lajos wrote:
>> vwf wrote:
>>> On Thu, Oct 26, 2006 at 03:25:22PM -0400, Mike wrote:
>>>> vwf wrote:
>>>>> Hello,
>>>>>
>>>>> I want to filter outgoing traffic based on the originating application.
>>>>> How do I do this? Please tell me iptables can do this. If not, how can I
>>>>> lock down my system?
>>>> http://l7-filter.sourceforge.net/
>>> This filters on protocol, not on application.
>>
>> Yes! Because APPLICATIONS use PROTOCOLS to communicate with....
>>
>> What do you not understand?
>
> My question was how to filter on application. Filtering on protocol does
> not suffice.

Okay... You want to filter on APPLICATION...
Let me assume that you have a firewall and some clients.
You want to block some traffic originated from your clients depending on
the application.

If an application talks to another party then it uses a "language" that
both understand.
This is the PROTOCOL.

In netfilter/iptables you can analyse the packets. Where they are coming
from and where they are going...
If you want to know the content of this pipe then you have to use some
layer 7 filtering mechanism...

http://en.wikipedia.org/wiki/OSI_model

BUT if I did not understand you correctly then please send me an exact
question...

Thanx

Swifty
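
The distinction argued over in this thread, as an added example that is not part of the original messages: an address/port rule and a payload-based protocol match both see only what is on the wire, so two different programs speaking the same protocol to the same destination look identical. The signatures, program names and sample flows are constructed for illustration and are not l7-filter's own patterns.

```python
import re
from typing import NamedTuple

# Simplified payload signatures written for this example; they are not
# l7-filter's own pattern files.
L7_PATTERNS = [
    ("http", re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    ("smtp", re.compile(rb"^(HELO|EHLO) \S+\r\n")),
]

class Flow(NamedTuple):
    program: str      # known only on the sending host, never on the wire
    dst_ip: str
    dst_port: int
    payload: bytes    # first bytes the client sends

def l4_view(flow):
    """What an address/port rule can match on."""
    return (flow.dst_ip, flow.dst_port)

def classify_l7(payload):
    """Return the first protocol whose signature matches the payload."""
    for name, pattern in L7_PATTERNS:
        if pattern.search(payload):
            return name
    return "unknown"

def indistinguishable(a, b):
    """True when neither an L3/L4 rule nor a protocol match separates two flows."""
    return l4_view(a) == l4_view(b) and classify_l7(a.payload) == classify_l7(b.payload)

# Constructed sample flows (documentation address 192.0.2.10, made-up program names).
FLOWS = [
    Flow("browser", "192.0.2.10", 80, b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    Flow("updater", "192.0.2.10", 80, b"GET /check HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    Flow("ssh-client", "192.0.2.10", 22, b"SSH-2.0-ExampleClient\r\n"),
    Flow("custom-tool", "192.0.2.10", 80, b"\x01\x02binary-handshake"),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f"{f.program:12} l4={l4_view(f)} l7={classify_l7(f.payload)}")
    print("browser vs updater separable on the wire:",
          not indistinguishable(FLOWS[0], FLOWS[1]))
```

The `program` field never reaches the classifier: it exists only on the sending host, which is why a protocol match cannot stand in for an application identity.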





