Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
07-17-2006, 01:59 PM
#1
LQ Newbie
Registered: Mar 2006
Posts: 3
Application Specific firewall rules, Howto: someone?
Hey everybody!
Does someone know a solution to how to configure a Linux firewall to application specific settings? I mean that if I know that the application is safe, I would want to enable him to open any kind of ports regardless of any other firewall settings.
The solution behind all this I think is in some magical kernel module that intercepts the interrupt when the program wants to write to a socket, verifies if this can be done and then grant permission to execute the operation.
So, I know it's a complicated feature but...
Does anyone have any ideas, where can I find such a module or such application?
Respect,
X

07-17-2006, 02:18 PM
#2
Senior Member
Registered: May 2004
Location: Albuquerque, NM USA
Distribution: Debian-Lenny/Sid 32/64 Desktop: Generic AMD64-EVGA 680i Laptop: Generic Intel SIS-AC97
Posts: 4,250
Unless your needs are fairly sophisticated, you're probably making more out of this than necessary. Presumably, you want to do something like using a filesharing program, and you want specific ports for it to use.
Number one, if you have a router, you'll need to open ports in it, or disable its firewall.
Number two, install the firewall GUI application best suited to your desktop (Firestarter-Gnome, Guarddog-KDE).
Again, if you have really sophisticated needs, ignore this and try to get help from firewall experts. But I think you'll have to be considerably more specific about your question to attract interest from them.

07-17-2006, 08:50 PM
#3
Moderator
Registered: May 2001
Posts: 29,415
Quote:
Does someone know a solution to how to configure a Linux firewall to application specific settings? I mean that if I know that the application is safe, I would want to enable him to open any kind of ports regardless of any other firewall settings.
|
Sounds a bit like Systrace though that's prolly more than you want...

07-18-2006, 02:54 AM
#4
LQ Newbie
Registered: Mar 2006
Posts: 3
Original Poster
Quote:
Originally Posted by rickh
Unless your needs are fairly sophisticated, you're probably making more out of this than necessary. Presumably, you want to do something like using a filesharing program, and you want specific ports for it to use.
Number one, if you have a router, you'll need to open ports in it, or disable its firewall.
Number two, install the firewall GUI application best suited to your desktop (Firestarter-Gnome, Guarddog-KDE).
Again, if you have really sophisticated needs, ignore this and try to get help from firewall experts. But I think you'll have to be considerably more specific about your question to attract interest from them.
|
I'm not overcomplicating myself. That's what I really want to do! I've used Windows before - approx. a year ago - and some commercial firewalls can do this... I can specify some applications as "TRUSTED"; from that moment on, that specific application would have access to all of the ports, and only asking for permission for very specific high risk port operations.
I would want this behavior on Linux... Normal (static) firewall rules aren't good for me because they apply a rigid packet filtering, regardless of applications. Packet shaping firewalls are not good either because they use a lot of resources and they only recognize package types, and I can't assign package type to specific applications.
I think that associating packages with applications can only be done @ kernel level, and not in the Application layer - as packet shaping does - because only at that level you have full control of interrupts and I/O operations.
So my quest still remains to find an "application/module" that can do the job I'm asking.
Hope that I've been more specific now.
Regards,
X

07-18-2006, 03:27 AM
#5
LQ Newbie
Registered: Mar 2006
Posts: 3
Original Poster
Quote:
Originally Posted by unSpawn
Does someone know a solution to how to configure a Linux firewall to application specific settings? I mean that if I know that the application is safe, I would want to enable him to open any kind of ports regardless of any other firewall settings.
Sounds a bit like Systrace though that's prolly more than you want...
|
I think that Systrace is the "correct" answer to my question! Thanx!
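
The "trusted application" behaviour asked about in this thread can be approximated on the outbound side with netfilter's `owner` match, provided the trusted program runs under its own account. This is an added example, not code from any poster in the thread; the account name `p2papp` and the helper `emit_app_rules` are hypothetical.

```shell
#!/bin/sh
# Added example: default-deny egress with one trusted account.
# Assumption: the trusted application runs as a dedicated user
# (hypothetical name "p2papp"). The function only PRINTS the iptables
# commands so they can be reviewed before being run as root.

emit_app_rules() {
    app_user="$1"
    # Accept only a plain account name, so a crafted argument cannot
    # change the generated commands.
    case "$app_user" in
        ''|-*|*[!a-z0-9_-]*)
            echo "invalid account name" >&2
            return 1
            ;;
    esac
    cat <<EOF
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $app_user -j ACCEPT
iptables -A OUTPUT -j LOG --log-prefix "egress-denied: "
iptables -P OUTPUT DROP
EOF
}

# Dry run: show the rule set for the hypothetical account.
emit_app_rules p2papp
```

The `owner` match only applies to locally generated packets (the OUTPUT and POSTROUTING chains), so it cannot authorise a program to accept inbound connections on arbitrary ports; that half of the request needs a per-process policy layer such as the Systrace suggestion above. The DROP policy is set last so that an existing session is not cut off while the rules are loaded.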