firewall with user interaction/netlink support

Stefan Strasser sstrasser at systemhaus-gruppe.de
Mon Dec 6 11:44:32 CET 2004


> I don't think there will be any interest, because there's no reason to 
> deny any application access to the internet. I don't know of any Linux 
> softwa

well there are other use cases. e.g. having a server running which you 
normally don't want to be accessed from outside for security reasons.
but sometimes you do.

> Anyway, if anyone would ever want to have something like this, he/she 
> would need to implement it in the Linux kernel. KDE has no control over 
> which applications can access the internet and which can not, which is a 
> Very Good Thing (tm). Once the kernel has support for application-level 
> blocking, KDE might be able to negotiate between kernel, user and 
> application about network access.


you're right, but the kernel already has support for this.
there is a special iptables target called QUEUE which lets a userspace 
application decide if the packet is to be rejected or accepted.
among other information you can get the pid of the sending process and 
the IP packet itself (destination, port, etc.) to do this.
but up to now there is no userspace application for this I'm aware of.

> 
> Cheers,
> 
> Dik



-- 
Stefan Strasser
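
An added example, not part of the original message: the decision side of a QUEUE handler, that is, the verdict a userspace program would return for each raw IP packet the kernel hands it, using the "server normally closed from outside, but sometimes opened" case mentioned above. The policy, port number and addresses are constructed for illustration; receiving packets from the kernel and looking up a sending process are left out.

```python
import socket
import struct

# Verdict values as defined in <linux/netfilter.h>
NF_DROP, NF_ACCEPT = 0, 1
# Hypothetical policy: local server ports closed to remote hosts by default.
PROTECTED_PORTS = {8080}


def parse_ipv4(packet):
    """Return (proto, src, dst, sport, dport), or None if unusable."""
    if len(packet) < 20:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        return None
    # Non-first fragments carry no port header; treat them as unusable.
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return None
    proto = packet[9]
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    sport = dport = None
    if proto in (socket.IPPROTO_TCP, socket.IPPROTO_UDP):
        if len(packet) < ihl + 4:
            return None
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return proto, src, dst, sport, dport


def verdict(packet, user_allowed):
    """user_allowed: set of (remote_ip, local_port) the user has approved."""
    parsed = parse_ipv4(packet)
    if parsed is None:
        return NF_DROP  # fail closed on anything that cannot be parsed
    _proto, src, _dst, _sport, dport = parsed
    if dport in PROTECTED_PORTS and (src, dport) not in user_allowed:
        return NF_DROP
    return NF_ACCEPT


def build_tcp_syn(src, dst, sport, dport):
    """Constructed sample input: IPv4 + TCP SYN headers, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02,
                      8192, 0, 0)
    return ip + tcp
```

An interactive front end would add an entry to `user_allowed` when the user approves a remote host, after which the same packet receives `NF_ACCEPT`.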