Hi all,

Does anyone know of a Linux firewall that offers layer 8 firewall / user level firewalling? Cyberoam (http://www.cyberoam.com/firewall.html) has a layer 8 firewall built into their UTM firewalls, and while it's a great product I find it a bit limited for what I want.

I basically want to track which user accesses what on the internet, from an internal network. Ideally I want to limit access to certain objects (i.e. websites, by URL / keyword / type, FTP, Skype, MSN, etc) for certain users as well.

--
Kind Regards
Rudi Ahlers
CEO, SoftDux Hosting
Web: http://www.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532

aurfalien at gmail.com
2009-Oct-09 18:48 UTC
[CentOS] layer 8 / user level firewall on linux?

That's a really good post and a good link.

There's the i7 plugin to iptables (netfilter) that you may find useful, but it's not on the app layer that's above the app layer.

For what it's worth, when I was a Cisco admin, I used timed access lists to block certain users during work hours. Not at all sophisticated like that l8 stuff you asked about, but mebbe useful?

On Oct 9, 2009, at 8:25 AM, Rudi Ahlers wrote:

> Hi all,
>
> Does anyone know of a Linux firewall that offers layer 8 firewall /
> user level firewalling? Cyberoam
> (http://www.cyberoam.com/firewall.html) has a layer 8 firewall built
> into their UTM firewalls, and while it's a great product I find it a
> bit limited for what I want.
>
> I basically want to track which user accesses what on the internet, from
> an internal network. Ideally I want to limit access to certain objects
> (i.e. websites, by URL / keyword / type, FTP, Skype, MSN, etc) for
> certain users as well.
>
> --
> Kind Regards
> Rudi Ahlers
> CEO, SoftDux Hosting
> Web: http://www.SoftDux.com
> Office: 087 805 9573
> Cell: 082 554 7532
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

From: Rudi Ahlers <Rudi at SoftDux.com>

> Does anyone know of a Linux firewall that offers layer 8 firewall /
> user level firewalling? Cyberoam
> (http://www.cyberoam.com/firewall.html) has a layer 8 firewall built
> into their UTM firewalls, and while it's a great product I find it a
> bit limited for what I want.
>
> I basically want to track which user accesses what on the internet, from
> an internal network. Ideally I want to limit access to certain objects
> (i.e. websites, by URL / keyword / type, FTP, Skype, MSN, etc) for
> certain users as well.

Maybe use squid with authentication and acls...?
And caching as a bonus...

JD
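
The Squid-with-authentication-and-ACLs approach suggested in the last reply, sketched as a squid.conf fragment; this is an added example and not part of the thread. The helper path, password file, user names and the blocked domain and keyword are assumptions. With authentication enabled, Squid's access.log records the authenticated user name with each request, which covers the per-user tracking asked about in the first message.

```conf
# Added example (not from the thread). Helper path, password file, user names
# and the blocked domain/keyword are assumptions; adjust for your install.

# Authenticate every proxy user against an htpasswd-style file.
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic realm Internet access
auth_param basic credentialsttl 2 hours

# Who is asking
acl authenticated    proxy_auth REQUIRED
acl restricted_users proxy_auth alice bob

# What is being asked for
acl blocked_sites dstdomain .example.com
acl blocked_words url_regex -i gambling
acl ftp_requests  proto FTP

# http_access is first-match-wins, so the denies precede the general allow.
# The proxy_auth ACL sits first on each deny line, so a denied user gets a
# block page rather than a new password prompt.
http_access deny restricted_users blocked_sites
http_access deny restricted_users blocked_words
http_access deny restricted_users ftp_requests
http_access allow authenticated
http_access deny all
```

Only traffic that actually goes through the proxy is covered, and for HTTPS (CONNECT) requests Squid sees just the host and port, so keyword rules match the host name only. Proxy authentication needs clients explicitly configured to use the proxy; it does not work with transparent interception.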