From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexander Samad <alex@samad.com.au>
Subject: Re: filtering packets based on the pathname of the
	sending/receiving application
Date: Tue, 31 Aug 2004 08:05:56 +1000
Sender: netfilter-bounces@lists.netfilter.org
Message-ID: <20040830220556.GR29072@samad.com.au>
References: <013a01c48b8e$77ff1840$7e306980@calli>
	<1093887772.23659.51.camel@nostromo.bgsecm.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="brdEIFGMNIjz5YJG"
Return-path: <netfilter-bounces@lists.netfilter.org>
Content-Disposition: inline
In-Reply-To: <1093887772.23659.51.camel@nostromo.bgsecm.com>
List-Id: <netfilter.vger.kernel.org>
List-Unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
List-Archive: </pipermail/netfilter>
List-Post: <mailto:netfilter@lists.netfilter.org>
List-Help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-Subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
Errors-To: netfilter-bounces@lists.netfilter.org
To: netfilter@lists.netfilter.org


--brdEIFGMNIjz5YJG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 30, 2004 at 08:54:42PM +0200, Jose Maria Lopez wrote:
> El jue, 26 de 08 de 2004 a las 19:02, Sonny (Sechang) Son escribi??:
> > Hi,
> >=20
> > sorry if this has been answered already.
> >=20
> > Is there any way to block/allow traffic generated by or toward a spcific
> > application. I want to block/allow traffics based on the full pathname =
of
> > the application.
> >=20
> > thank you.

The is a patch in patch o matic called owner, which lets you specify the
application and matches agains that.


>=20
> Wouldn't it be easier to study the ports this application use and use
> them to generate your rules. I think what you want it's not possible,
> you can't discriminate traffic using the path or name of the executable,
> but I think you can do it with the user that runs the program, using a
> patch from patch-o-matic, I don't know if this can suit you.
>=20
> --=20
> Jose Maria Lopez Hernandez
> Director Tecnico de bgSEC
> jkerouac@bgsec.com
> bgSEC Seguridad y Consultoria de Sistemas Informaticos
> http://www.bgsec.com
> ESPA??A
>=20
> The only people for me are the mad ones -- the ones who are mad to live,
> mad to talk, mad to be saved, desirous of everything at the same time,
> the ones who never yawn or say a commonplace thing, but burn, burn, burn
> like fabulous yellow Roman candles.
>                 -- Jack Kerouac, "On the Road"
>=20
>=20
>=20

--brdEIFGMNIjz5YJG
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBM6TEkZz88chpJ2MRAuhgAKDB+OkXovdB8hlbDzkrVCMWtB+bZwCg9qKP
sTmAJwy5uYGpOL3ICs4HY8Q=
=3kSu
-----END PGP SIGNATURE-----

--brdEIFGMNIjz5YJG--