Re: iptables AI (application intelligence)

2004-04-28 Thread Tzafrir Cohen
On Tue, Apr 27, 2004 at 07:51:33PM +0300, Shachar Shemesh wrote: > Noam Meltzer wrote: > > >Hi, > >I was wondering if any1 knows if iptables has the ability to implement > >"application intelligence"? > > The short answer is "no". > > A slightly longer answer is that, if you have a proxy softwa

Re: iptables AI (application intelligence)

2004-04-27 Thread Noam Meltzer
Noam Meltzer wrote: Hi, I was wondering if any1 knows if iptables has the ability to implement "application intelligence"? My specific interest is to implement something like this: I have a host, connected to the internet, and it runs iptables, while ssh's tcp port is the only one opened. Now, I

Re: iptables AI (application intelligence)

2004-04-27 Thread Aviram Jenik
On Tuesday 27 April 2004 18:55, Noam Meltzer wrote: > Hi, > My specific interest is to implement something like this: > I have a host, connected to the internet, and it runs iptables, while > ssh's tcp port is the only one opened. > Now, I want that instead of opening this port, every communication

RE: iptables AI (application intelligence)

2004-04-27 Thread Tzahi Fadida
] On Behalf Of Shachar Shemesh Sent: Tuesday, April 27, 2004 6:52 PM To: Noam Meltzer Cc: Linux-IL mailing list Subject: Re: iptables AI (application intelligence) Noam Meltzer wrote: > Hi, > I was wondering if any1 knows if iptables has the ability to implement > "application intel

Re: iptables AI (application intelligence)

2004-04-27 Thread Shachar Shemesh
Noam Meltzer wrote: Hi, I was wondering if any1 knows if iptables has the ability to implement "application intelligence"? The short answer is "no". A slightly longer answer is that, if you have a proxy software that can act as a transparent proxy, you can direct all traffic to it using IPTables

Re: iptables AI (application intelligence)

2004-04-27 Thread Lior Kaplan
I don't think it's possible... since the TCP layer only brings the data to ssh program, it doesn't analyze it (e.g. username). So the drop will have to be by the ssh server (which already does that). Regards, Lior Kaplan [EMAIL PROTECTED] http://www.Guides.co.il - Original Message - From