Dynamic firewall for Linux

Hi, does anyone know if there is a dynamic firewall for Linux? I mean a firewall (or tool) that asks me if an application can come out (or in) from my PC. In other words, a firewall that acts like ZoneAlarm for Windows.

Reply to
User

There are rate limit extensions for netfilter/iptables. Some combine netfilter/iptables with an IDS.

Why would someone want such crap?

That concept is useless crap and therefore not available for Linux.

Wolfgang

Reply to
Wolfgang Kueter

Thanks for your answer.

So, is it not possible to have a list of applications that can access the net? For example, I want only "firefox" to go to the internet through port 80, "myApplication.bin" to go to the internet through port 5500, and so on... and all the other programs that are not in the list cannot access the net. How can I do this?

User

Reply to
User

Yes you can do what you describe using an optional add-in for iptables called "owner". It probably needs adding to the kernel, but once added you can say something like

iptables -A ChainName \
    -p tcp --syn \
    -m owner --cmd-owner ProgramName \
    -j JumpTarget

Chris

--

- Firewalling of P2P and other complex protocols using scriptable packet matching rules with Linux, Iptables and ROPE.

Reply to
Wolfman's Brother
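
A per-application egress allowlist of the kind asked for in this thread, as an added example that is not from any poster. It goes beyond the reply above: instead of the command-name match shown there, which compared only the process name and was later removed from the kernel, it uses `-m owner --uid-owner` with one dedicated account per program. The account names `ffox` and `myapp`, the chain name `APP_OUT` and the log prefix are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) OUTPUT-chain rules for a
# per-application egress allowlist keyed on dedicated user accounts.
# Account names are constructed; create them and start each program
# under its own account (e.g. with sudo -u) before applying the rules.

# Constructed allowlist: account  protocol  destination-port
# (name resolution would need its own entry, e.g. for udp port 53)
ALLOWLIST='ffox tcp 80
myapp tcp 5500'

# gen_rules reads "account proto port" lines on stdin and prints iptables
# commands. On a malformed line it returns 1 and prints no rules at all.
gen_rules() {
    out='iptables -N APP_OUT
iptables -A APP_OUT -o lo -j ACCEPT
iptables -A APP_OUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    while read -r user proto port extra; do
        [ -z "$user" ] && continue                      # skip blank lines
        case "$user" in *[!a-z0-9_-]*) echo "bad account: $user" >&2; return 1;; esac
        case "$proto" in tcp|udp) ;; *) echo "bad protocol: $proto" >&2; return 1;; esac
        case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
        [ -n "$extra" ] && { echo "trailing field: $extra" >&2; return 1; }
        # New outbound connections are accepted only from the listed account.
        out="$out
iptables -A APP_OUT -p $proto --dport $port -m conntrack --ctstate NEW -m owner --uid-owner $user -j ACCEPT"
    done
    # Everything not listed is logged, then refused.
    printf '%s\n' "$out" \
        'iptables -A APP_OUT -j LOG --log-prefix "egress-denied: "' \
        'iptables -A APP_OUT -j REJECT' \
        'iptables -A OUTPUT -j APP_OUT'
}

# Print the rule set for review; pipe it to "sh" as root to apply it.
printf '%s\n' "$ALLOWLIST" | gen_rules
```

The jump from `OUTPUT` is emitted last so the chain is complete before any traffic is sent through it. The `LOG` lines give a record of which programs attempted connections outside the list.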

Thank you for your answer,

User

Reply to
User
