Re: Application layer firewall on FreeBSD, is it possible ?
From: Robert Watson (rwatson_at_FreeBSD.org)
Date: 08/31/05
- Previous message: Robert Watson: "Ctrl-c abort of dhclient during rc.d start aborts all network configuration"
- In reply to: Daniel Dvořák: "Application layer firewall on FreeBSD, is it possible ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 31 Aug 2005 12:19:09 +0100 (BST) To: dandee@volny.cz
On Tue, 30 Aug 2005, [iso-8859-2] Daniel Dvo?ák wrote:
> So, is there any way to do same application layer osi model firewall
> with FreeBSD gateway ?
>
> Of course, I tried to find on web, I have not been successful in
> searching so far.
>
> If my question is not right in this mailing list, if my question is
> annoying here, so I am sorry.
I can't speak to the details of the environment or protocols, but you
might take a look at "ipfw fwd", which allows you to locally intercept
wide area network TCP connections passing through an IP router. This can
be used for things like transparent proxy caching, transparent firewalls,
and so on. ipfw(8) contains some details, but I've not played with it
myself so I can't tell you much more than that it looks like applications
can simply bind a TCP port, and then you can use ipfw fwd to redirect
connections to it. I'm not sure how well ICMP is handled.
Robert N M Watson
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
- Previous message: Robert Watson: "Ctrl-c abort of dhclient during rc.d start aborts all network configuration"
- In reply to: Daniel Dvořák: "Application layer firewall on FreeBSD, is it possible ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
