All of lore.kernel.org
 help / color / mirror / Atom feed
From: Joel Newkirk <netfilter@newkirk.us>
To: "Liber Chrétien" <liber.chretien@free.fr>
Cc: "netfilter@lists.netfilter.org" <netfilter@lists.netfilter.org>
Subject: Re: how to filter applications with iptables
Date: 26 Jun 2003 03:25:14 -0400	[thread overview]
Message-ID: <1056612314.1893.5.camel@alpha.newkirk.us> (raw)
In-Reply-To: <20030626070125.065CEC11A@postfix4-2.free.fr>

On Thu, 2003-06-26 at 04:03, Liber Chrétien wrote:
> Hello,
> I've been looking for some information but couldn't find, so here it goes, I'm asking 
> to the list : (excuse my technical english if I'm not clear enough)
> 
> I've a LAN at home with mdk as server and win and mdk on the clients
> 
> My question is : is there a way to block certain applications, such as specific 
> softwares (office suite for example), to access internet with iptables?
>  How to identify the packets emitted from such applications and block them ?
> 
> Thanks 
> 
> Bruno

The only way to accomplish this is blocking by IP and ports.  If there
is a certain type of connection you want to block you can perhaps
accomplish it by port.

If you want to run an iptables firewall and filter out explicitly
traffic from a certain windows application that communicates on
'standard' ports that you otherwise want open, you're out of luck.  That
would be better handled on the Win box itself with something like
ZoneAlarm that lets you grant/deny connection privileges per
application.

j





      parent reply	other threads:[~2003-06-26  7:25 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-06-26  8:03 how to filter applications with iptables Liber =?unknown-8bit?q?Chr=E9tien?=
2003-06-26  7:19 ` Cedric Blancher
2003-06-26  7:21 ` Ray Leach
2003-06-26  7:25 ` Joel Newkirk [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1056612314.1893.5.camel@alpha.newkirk.us \
    --to=netfilter@newkirk.us \
    --cc=liber.chretien@free.fr \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.