From: paddy joesoap <paddyjoesoap@gmail.com>
To: netfilter@vger.kernel.org
Subject: iptables role in protecting XMPP servers
Date: Fri, 11 Jun 2010 14:32:32 +0100 [thread overview]
Message-ID: <AANLkTilITzuPsH2qbn2SC-GDg8erV6f7mH1bpFvWm5ws@mail.gmail.com> (raw)
Hi all,
Can iptables filter xmpp traffic, even some rudimentary inspection?
I am curious to know what role an iptables firewall can play in
protecting an XMPP server, such as Openfire, in conjunction with the
XMPP server's capabilities.
Apart from opening the correct ports, and providing typical DoS and IP
address spoofing protection, what other treats can iptables prevent
specific to xmpp?
I presume it can use U32, String-match and L-7 filtering to inspect
XML based traffic within client-2-server and server-2-server XMPP
communication.
regards,
Paddy.
reply other threads:[~2010-06-11 13:32 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AANLkTilITzuPsH2qbn2SC-GDg8erV6f7mH1bpFvWm5ws@mail.gmail.com \
--to=paddyjoesoap@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).