[Shorewall-users] RE: Bandwidth management and filtering port 80

Francesca C Smith fsmith at ladylinux.com
Mon Nov 17 18:37:11 PST 2003


Hello,

At 03:00 PM 11/17/2003, you wrote:
>Hi All,
>
>Streams and media services from MS, Apple and RealONE etc can pass through 
>port 80 when you block PNA, MMS and RSTP ports. I also suspect trojans / 
>stealth applications do the same.
>
>I am concerned in the first case about bandwidth management, and in the 
>later case security. Is there a way to block streams or inspect the 
>traffic to ensure that it is really webtraffic that is passing?
>
>Can shorewall do this or is there another way?
>
>Thanks in advance.
>
>Ama

Don't use Shorewall for this ..

Use a proxy .. and block the appropriate file extensions and/or mime types 
.. I use SQUID ..

Francesca


"No Problems Only Solutions"
Francesca C. Smith
Lady Linux Internet Services
fsmith at ladylinux.com




More information about the Shorewall-users mailing list