how to filter on applications?

vwf vwf at vulkor.net
Fri Oct 27 13:04:42 CEST 2006


On Fri, Oct 27, 2006 at 12:37:00PM +0200, Gabor Szokoli wrote:
> On 10/27/06, Gáspár Lajos <swifty at freemail.hu> wrote:
> >BUT if I did not understand you correctly then please send me an exact
> >question...
> 
> I might be able to mediate before this escalates...
> I think vwf assumes the firewall is on the same host as the
> applications, no forwarding takes place.
> In this case it is not an unreasonable expectation to be able to write
> iptables rules matching the name of the executable whose process
> instance owns the socket: so called "personal firewall" applications
> on some other operating system do this all the time.
> 
> Google-lee-goo:
> http://www.netfilter.org/projects/patch-o-matic/pom-submitted.html#pom-submitted-ownercmd

Thank you. Your assumptions are right. I filter on application on the
workstation, and on port/destination on the router.

Iptables lost --cmd-owner, so new kernels were pretty useless to me,
but they seem to be reintroduced for ip6tables. Is there a "howto" to
rewrite an iptables firewall-ruleset to ip6tables (or a good
introduction for ip6tables)?
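As an added example (not part of the thread, and not the --cmd-owner patch itself): the same "personal firewall" effect on a host where the firewall and the applications live together can be had with the owner match that mainline iptables and ip6tables still carry, --uid-owner, by running each application under its own dedicated uid. The uid "browser", the port and the IPT dry-run default are assumptions for illustration.

```shell
#!/bin/sh
# Per-application egress policy via the owner match (constructed example).
# Instead of matching the executable name (--cmd-owner, dropped from
# mainline), match the uid the application runs as. Works identically
# with ip6tables, which answers the rewrite question for this part of
# a ruleset. IPT defaults to "echo" so the script can be inspected as a
# dry run; export IPT=iptables or IPT=ip6tables to apply for real.
IPT="${IPT:-echo}"

# app_egress_rules BINARY USER PROTO PORT
#   Allow the application's own traffic to one protocol/port, log and
#   drop everything else it sends. The owner match only sees locally
#   generated packets, so it belongs in the OUTPUT chain; packets from
#   other uids fall through to whatever policy follows.
app_egress_rules() {
    bin="$1"; user="$2"; proto="$3"; port="$4"
    $IPT "$bin" -A OUTPUT -m owner --uid-owner "$user" \
        -p "$proto" --dport "$port" -j ACCEPT
    $IPT "$bin" -A OUTPUT -m owner --uid-owner "$user" \
        -j LOG --log-prefix "appfw-$user: "
    $IPT "$bin" -A OUTPUT -m owner --uid-owner "$user" -j DROP
}

# Same policy for IPv4 and IPv6 (constructed uid "browser", HTTPS only).
app_egress_rules iptables  browser tcp 443
app_egress_rules ip6tables browser tcp 443
```

The LOG rule before the DROP is what turns the rule set into a detection source: anything the application tries outside its allowed destination shows up in the kernel log with the appfw- prefix.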