Home » Mailing list archives » openbsd-misc » 2008 » May » 9

Re: How to filter based on application protocol being used

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Reyk Floeter <reyk@...>
To: Srikant Tangirala <srikant.bsd@...>
Cc: <misc@...>
Subject: Re: How to filter based on application protocol being used
Date: Friday, May 9, 2008 - 1:58 am

On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:


you can redirect the outgoing traffic through a pf proxy which

understands and enforces the common parts of the protocol.  this does

not prevent anyone to tunnel something else in the well-defined

protocol, like SSH over DNS, but it at least allows to make it a

little bit stricter. 


examples are ftp-proxy(8), tftp-proxy(8), relayd(8) (DNS, HTTP, and

more), ... some people also like squid with pf patches from ports; but

i'm feeling sorry for them.


reyk
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 1:10 am)
Re: How to filter based on application protocol being used, jean-philippe luiggi, (Fri May 9, 7:40 am)
Re: How to filter based on application protocol being used, Marcus Andree, (Mon May 12, 7:44 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 9:35 am)
Re: How to filter based on application protocol being used, Reyk Floeter, (Fri May 9, 2:25 am)
Re: How to filter based on application protocol being used, Johan Fredin, (Fri May 9, 4:51 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 2:53 am)
Re: How to filter based on application protocol being used, Reyk Floeter, (Fri May 9, 3:06 am)
Re: How to filter based on application protocol being used, Reyk Floeter, (Fri May 9, 1:58 am)