packet filtering technology in Iptables
This is a discussion on packet filtering technology in Iptables within the Linux Security forums, part of the System Security and Security Related category; Hi, As far as I known, FW-1 does only keep track of state in the TCP and UDP level. ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-22-2004
|
|||
|
|||
Re: packet filtering technology in Iptables
On Thu, 22 Apr 2004 14:41:52 +0800
sam <samwun@hgcbroadband.com> wrote: > Hi, > > As far as I known, FW-1 does only keep track of state in the TCP > and UDP level. Can Iptables inspect packet up to application > header of payload? > > sam AFAIK there is a patch for iptables to search for a regex in the whole packet, but you rather use a proxy to filter depending on application level headers and funnel with iptables the packet transparently through the proxy. Greets Chris 
|
|
04-23-2004
|
|||
|
|||
|
Re: packet filtering technology in Iptables
I am sure fw1 does keep track the body of packet also, if not how can it
handle ftp, sqlnet, ... packet? "sam" <samwun@hgcbroadband.com> ??? news:c67qoj$2hfg$1@news.hgc.com.hk ???... > Hi, > > As far as I known, FW-1 does only keep track of state in the TCP and UDP > level. Can Iptables inspect packet up to application header of payload? > > sam ~ Let us linux ~ -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =-----
|
Linear Mode
