Query: Can Netfilter inspect xml soap traffic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Netfilter Experts,

Can Netfilter/iptables inspect xml/soap messages as xml based firewalls do?

Does the Layer-7 module have enough "smarts" to inspect web service messages.

I am asking in regard to the role of Network Access Control firewalls such as iptables within a dedicated enterprise web service SOA environment.

I have seen some posts that suggest that firewalls are now obsolete, particularly NACs, in regard to web services (everything is over http hence less effect restrictions).

However, my opinion is that its not as simple as opening ports 80 and 443 to tunnel SOAP messages.

For example, I may want to restrict IP ranges, maybe I have some business partners and I only want them accessing the web service. Or maybe I need to control DoS attacks to web services.

I think if iptables has also the ability to deep packet inspect xml messages it then demonstrates that there is still an importance for NAC based firewalls.

All pointers to documentation and your comments are welcome.

I look forward to your support,
regards,
Will.

--
William M. Fitzgerald,
PhD Student,
Telecommunications Software & Systems Group,
ArcLabs Research and Innovation Centre,
Waterford Institute of Technology,
WIT West Campus,
Carriganore,
Waterford.
Office Ph: +353 51 302937
Mobile Ph: +353 87 9527083
Web: www.williamfitzgerald.org
     www.linkedin.com/in/williamfitzgerald
     www.ryze.com/go/wfitzgerald



--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux