Great Circle Associates Firewalls
(November 1995)
 


Subject: Re: Firewall Proxy API
From: Brain21 <brain21 @ montag33 . residence . gatech . edu>
Date: Wed, 29 Nov 1995 13:24:44 -0500 (EST)
To: firewalls @ GreatCircle . COM
In-reply-to: <9511281511 . AA22206 @ karpov . fws . ilo . dec . com>

On Tue, 28 Nov 1995, Dermot Tynan wrote:

> The Digital Firewall for UNIX, and I believe the TIS Gauntlet and
> others, offer a "generic proxy".  That is, one which will listen on a
> TCP port for connections, validate that connection request through the
> ACL, generate the connection, and put an entry in the log.  It is
> configurable in terms of the port it listens on, and the connections it
> will allow.  The DFWU will also generate events which can further
> generate alarms depending on the configuration, in the case where an
> unauthorized connection is attempted.  In the case of TCP, this offers
> most of what a customer would require.  The only thing missing is the
> ability to perform per-protocol screening, to further enhance the


Perhaps this is a stupid question, I don't know.  Forgive me if it is.

I am wondering if there is a firewall out there (perhaps most of them?  I 
don't know) that will let me filter (IOW add my own rules) based on 
protocol AND specific bits and bit sequences.

Ex.  If I want to read a packet and disallow any packets where bits 
161-169 are of the sequence 10000011 (loose source routing option) or I 
want to read the 8 bits of the "type" field in ICMP messages to filter 
out types of "destination unreachable" and "ICMP redirect."

I know that these examples are standard as far as rules or options 
already set up, but what if I want to make my OWN custom filters based on 
bits and sequences?  Which firewalls is this possible with?  FWTK?  Socks 
proxies?  

Thanks,

Brain21
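
Added example, not part of the original message or of any firewall product named in the thread: a Python sketch of the two custom checks the post describes, rejecting IPv4 packets that carry the loose source routing option (type 10000011, 0x83) and ICMP messages of type 3 (destination unreachable) or 5 (redirect). It walks the options area instead of testing one fixed bit position, because the option need not be the first one in the header. The names `filter_packet` and `build_ipv4` and the sample packets are constructed for illustration.

```python
import struct

IPOPT_EOL, IPOPT_NOP, IPOPT_LSRR = 0, 1, 0x83   # 0x83 == 0b10000011
PROTO_ICMP = 1
BLOCKED_ICMP_TYPES = {3: "dest-unreachable", 5: "redirect"}

def filter_packet(pkt: bytes) -> str:
    """Return 'pass' or 'drop:<reason>' for one raw IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "drop:malformed"
    ihl = (pkt[0] & 0x0F) * 4              # header length in bytes
    if ihl < 20 or ihl > len(pkt):
        return "drop:malformed"
    i = 20                                 # options occupy bytes 20..ihl-1
    while i < ihl:
        opt = pkt[i]
        if opt == IPOPT_EOL:
            break
        if opt == IPOPT_NOP:               # one-byte padding option
            i += 1
            continue
        if i + 1 >= ihl or pkt[i + 1] < 2 or i + pkt[i + 1] > ihl:
            return "drop:malformed"        # bad option length
        if opt == IPOPT_LSRR:
            return "drop:lsrr"
        i += pkt[i + 1]
    frag_offset = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    if pkt[9] == PROTO_ICMP and frag_offset == 0:   # type byte is in first fragment only
        if len(pkt) <= ihl:
            return "drop:malformed"
        if pkt[ihl] in BLOCKED_ICMP_TYPES:
            return "drop:icmp-" + BLOCKED_ICMP_TYPES[pkt[ihl]]
    return "pass"

def build_ipv4(proto: int, options: bytes = b"", payload: bytes = b"") -> bytes:
    """Constructed sample packets (checksum left 0; the filter does not verify it)."""
    ihl_words = (20 + len(options)) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0,
                      20 + len(options) + len(payload), 0, 0, 64, proto, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    return hdr + options + payload

# NOP first, so LSRR is not at the first option byte; a fixed-offset match would miss it.
LSRR_PKT = build_ipv4(6, b"\x01\x83\x07\x04" + bytes([203, 0, 113, 9]))
REDIRECT_PKT = build_ipv4(PROTO_ICMP, payload=bytes([5, 1, 0, 0, 0, 0, 0, 0]))
ECHO_PKT = build_ipv4(PROTO_ICMP, payload=bytes([8, 0, 0, 0, 0, 0, 0, 0]))
```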

