Re: Desktop Firewall or Application-Packetfilter

From: Robert Harris <robert.f.harris@xxxxxxxxxxxxxxxx>
Date: Wed, 25 Jan 2006 20:07:18 GMT

Ralf Näke wrote:

Robert Harris schrieb:
Ralf Näke wrote:
Hi,
i am looking for a way to control which application gets access to the internet under linux. the solution should be very similar to desktop firewalls under windows. i dont want to close specific ports to the internet. i want to filter the packets depending on the application name or the applications process id.
But there is nothing in a packet that says which application it belongs to.
Could you give an example of what you really need.
Robert
and by the way, i dont want to talk about the sense of desktop firewalls. i am only looking for a solution under linux (if there is one).
thanks!
Ralf Näke
Hi Robert,
thanks for yor response. i want to take control over the rights of applications for internet access. i hope i can describe it clearly with the following example:

imagine you have two internet browsers installed under linux. the first browser should have the rights to connect to the internet and the second browser should not have this rights. in reality i want to test this with ohter applications but i think this is a beautiful example. this is for the case that i only want to test one application without let them connect to the internet. but at the same time i want to stay online with other applications so that i dont want to cut my internet connection. also i dont want to close specific ports because i dont know what ports the test-application uses.
i hope this example is a little bit more useful. thank you for your help!
greetings ralf

Well, if you have two browsers, there is no filter that will allow one to reach the internet but not the other: they both generate the same types of packet. You must build the internet access permissions into the applications themselves.

Or you could discover what ports your test application uses.

Robert
.

References:
- Desktop Firewall or Application-Packetfilter
  - From: Ralf Näke
- Re: Desktop Firewall or Application-Packetfilter
  - From: Robert Harris
- Re: Desktop Firewall or Application-Packetfilter
  - From: Ralf Näke

Prev by Date: Re: Neighbor table overflow. Virus?
Next by Date: Re: Desktop Firewall or Application-Packetfilter
Previous by thread: Re: Desktop Firewall or Application-Packetfilter
Next by thread: Re: Desktop Firewall or Application-Packetfilter
Index(es):
- Date
- Thread

Relevant Pages

Re: Are real companies using/supporting Linux?
... >> Home Depot - thousands of LINUX licenses ... > * Vigilant Internet services Ltd. ... > * Netscape Communications Corp. ... > * Pitrich Information Technologies ...
(comp.os.linux.security)
Re: Are real companies using/supporting Linux?
... linux systems to implement its search & display capability. ... > * Vigilant Internet services Ltd. ... > * Netscape Communications Corp. ... > * Neuron Consultants Pvt. ...
(comp.os.linux.security)
Re: Are real companies using/supporting Linux?
... >use of Linux to support their day-to-day business function. ... >Vigilant Internet services Ltd. ... >New Age Consulting Service, Inc. ... >Pitrich Information Technologies ...
(comp.os.linux.security)
Re: setting up LAN with linux
... i dont have to reenter Windows to access internet. ... > machine that allows me to access the internet through a gateway. ... > Now within Linux there's trouble configuring an ipv4 connection. ... Tried to install Webmin but it just dont work when i try to ...
(comp.os.linux.networking)
Re: Viruses
... technically savvy than Windows users, I ... assure you that there are idiots even among Linux geeks. ... and IE to help it propagate. ... but are a very inefficient way to attack the Internet. ...
(rec.photo.digital)