Honestly, I would recommend shorewall for ease of configuration. However, since it's based on iptables, I do not think it can sort out file types, so I would recommend squid, which is a proxy server, to achieve what you want.
HTH,
Jonathan C.
On Wed, 23 Jul 2003, [EMAIL PROTECTED] wrote:
> On 10:24 Wed 23 Jul , Craig Main wrote:
>
> > Is there a firewall solution that can block traffic based on file type,
> > and I am also looking for a solution to get stats for type of traffic
> > traversing a firewall (ie: smtp, pop, imap, http....etc)
>
> With snort-inline you have a new iptables target "QUEUE" which
> passes packets to the IDS snort. Here you can define rules based on
> the content of the stream and block (and log) unwanted packets. Snort and
> snort-inline are often used in a honeynet environment.
>
--
Life would be tolerable but for its amusements.
-- G.B. Shaw
