Control outbound access on a per-application level

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Gustav Svensson <gurra16@spray.se>
To: netfilter@lists.netfilter.org
Subject: Control outbound access on a per-application level
Date: Wed, 2 Oct 2002 15:46:01 +0000 (UTC)	[thread overview]
Message-ID: <1033569217024171@spray.se> (raw)

[-- Attachment #1: Type: text/plain, Size: 1173 bytes --]

Is it possible to set "outbound" rules based on what binary application it is that
wants to access the Internet?
Just like what I'm used to when I run win32. In every firewall application there, I
get a message when some program is trying to access the internet. Then I can decide
whether to procede the action, or block it. On Linux I see nothing like this.
I'm having a concern with the RealPlayer. I would like to block it to reach any other
addresses but those to my favourite stations.
Sure, I could set up a rule for the port that RealPlayer is supposed to use, but what
guarantee do I have that it isn't capable of using some other port, like 80 for example?
Assume it does use the port 80. Then it would be imposible to stop without a rule like
mentioned here. Because I would want Galeon to have access to any address on port 80,
so I have to leave it wide open. It would be better if I could allow this privilege to
Galeon only, not to any program that uses port 80. Is this feasible, if so how?

Gustav
______________________________________________________
Här börjar internet!
Skaffa gratis e-mail och internet på Spray http://www.spray.se

next             reply	other threads:[~2002-10-02 15:46 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-10-02 15:46 Gustav Svensson [this message]
2002-10-02 15:38 ` Control outbound access on a per-application level Cedric Blancher
2002-10-02 18:51 ` Mitesh P Choksi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1033569217024171@spray.se \
    --to=gurra16@spray.se \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.