Is it possible to filter HTTP signatures/headers with
SHOREWALL ? or is there addon for it ?
take care
*º¤., ¸¸,.¤º*¨¨¨*¤ Stingray *º¤., ¸¸,.¤º*¨¨*¤
              
__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
S t i n g r a y schrieb:> Is it possible to filter HTTP signatures/headers with > SHOREWALL ? or is there addon for it ? > >iptables/netfilter is a layer3/4 packet filter. And shorewall is "just" a frontend for iptables. What you are trying to do is filtering in the application layer. You''ll need a filtering proxy for that, e.g. squid. There is a string match module available where you could filter for such pakets containing string XY. But trust me: you *don''t want* to do that! HTH, Alex ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Alexander Wilms wrote:> What you are trying to do is filtering in the application layer. You''ll > need a filtering proxy for that, e.g. squid. > >Besides which, squid does it so easily. However, Shorewall works well to redirect the http packets to the squid port and ensure everyone goes through squid. The two are a very powerful combination together. -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@yahoo.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Why does then Microsoft publisize so much when its ISA 2004 firewall come out, while open source softwares are doing it since early .. :) --- "Chris Mason (Lists)" <lists@masonc.com> wrote:> Alexander Wilms wrote: > > What you are trying to do is filtering in the > application layer. You''ll > > need a filtering proxy for that, e.g. squid. > > > > > Besides which, squid does it so easily. However, > Shorewall works well to > redirect the http packets to the squid port and > ensure everyone goes > through squid. The two are a very powerful > combination together. > > -- > Chris Mason > NetConcepts > (264) 497-5670 Fax: (264) 497-8463 > Int: (305) 704-7249 Fax: (815)301-9759 UK > 44.207.183.0271 > Cell: 264-235-5670 > Yahoo IM: netconcepts_anguilla@yahoo.com > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > >-------------------------------------------------------> This SF.Net email is sponsored by xPML, a > groundbreaking scripting language > that extends applications into web and mobile media. > Attend the live webcast > and join the prime developer group breaking into > this new coding territory! >http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642> _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/shorewall-users>*º¤., ¸¸,.¤º*¨¨¨*¤ Stingray *º¤., ¸¸,.¤º*¨¨*¤ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Alexander Wilms wrote:> There is a string match module available where you could filter for such > pakets containing string XY. But trust me: you *don''t want* to do that! >Im sure he don''t want to do that ;) in fact... I hope shorewall will never support that ugly thing. ;-) what he needs is Squid with dansguardian probably.