General :: Software Rec - Firewall With Application-level Filtering?
May 20, 2011
Are there any firewalls for Linux that will allow one to block certain ports for a specific application while allowing other programs to use the same port, or block Internet access altogether for specific applications?
Everything based on IPTables apparently can only block ports globally for all applications. SELinux is the only thing I've found so far that might have application-level Internet blocking capability, but it serves a broader array of security purposes and seems too complex for this task.
I don't need interactive popups like with Windows personal firewalls. I'm OK with having to edit a config file. This is for personal desktop Linux use, not a server.
View 1 Replies
ADVERTISEMENT
Jan 14, 2011
is this possible on 2 Linux boxes will act as a INTERNET Firewall + Filtering: 1st PC = CENTOS 5.5 functions as a firewall using iptables with two NICS 1=ETH0 connected to internet with a public ip and 1=ETH1 with ip address of 10.0.0.1 connected to the 2nd PC Centos 5.5 with squid/dansguardian with ip address of 10.0.0.2
2nd PC = Centos 5.5 functions as a squid + dansguardian internet filtering with 2 NICS 1=ETH0 with ip address of 10.0.0.2 connected to the ETH1 of the 1st PC with ip address of 10.0.0.1 and 2nd ETH1=connected to LAN (172.16.1.0/24)
does this make sense? this might be confusing but I just want to try this, to protect incoming ssh from our previous Sys admins who intended to enter the LAN 172.16.1.0/24 network. And also to confuse them that they have to pass through 10.0.0.1 - 2.
View 3 Replies
View Related
Aug 6, 2010
What application is more "low level" - apt or aptitude?
View 14 Replies
View Related
Aug 16, 2010
We have zabbix Network monitoring tool installed on two servers 172.17.11.6 ( Master ) and 172.17.11.3 ( Slave ) RHEL 5.4 Servers with 172.17.11.4 being Virtual Ipaddress.We are trying to implement High Availability with Red Hat Cluster Suite.OS level Clustering has been implemented with following cluster configuraiton.
But we need to implement Application level clustering for Zabbix_server process which inturn depends on httpd and mysqld deamons to be running.So I have to check the health of mysqld and httpd with a shell script along with the health of zabbix_server process.Any good tutorials for this ? Any guidlines that I have to follow ?Here I may need to take care of following things when any one of the process goes down
1. Shifhting Virtual IP
2. Shifting /dev/sdb1 ( Shared drive to slave )
3. stopping other services on master
4. starting all the services on slave
View 4 Replies
View Related
Mar 27, 2011
Im reading this tutorial that is old(kernel 2.4) for iptables. It states that iptables should not be read at the application level of the TCP model because of packet boundaries. Does this still hold true today?
View 1 Replies
View Related
Jan 15, 2011
hello everyone, im having a problem when my computer enters in the run level 4 as the default when i start slackware. The strange thing is that it not seems that is a X window problem, it looks like more like a configuration problem in some part of the kde script to initialize the log in, because if i manually start the X service it works fine, i dont know what is the source. Thank you in advance for the help.
View 3 Replies
View Related
Oct 17, 2010
I want a video editing software for combining two videos at frame level. I mean, for eg: to show double action at a time in movie. We shoot two characters separately. And then we combine it as a single video with dual role effect. Now, I think you understood my requirement. Plz anyone tell that type of application which suits my needs.
View 3 Replies
View Related
Oct 20, 2010
I need to implement operating system level visualization to isolate a application on RHEL 5.5. Which one tool in following for implementation Linux-VServer, lxc, OpenVZ or anyone else.
View 2 Replies
View Related
Apr 23, 2011
im looking for a good firewall application.
View 2 Replies
View Related
May 27, 2010
I have a directory that has a another directory inside it. The top directory is rather redundant since it only contains the one other one. Is there a way to delete the top level directory and have the contents simply "move up a level"?
View 6 Replies
View Related
Feb 10, 2011
How do i filter the daemoms list for just 1 letter and then turn off certain run levels for that daemon?
View 2 Replies
View Related
Aug 13, 2010
Is there some way to filter output of command by OR condition in Linux? There is filtering by AND condition with grep in way like:
ls -l | grep "^a" | grep "z$"
That says: list all files that beggins with "a" AND ends with "z" (so there is shorter way to write this: grep "^a.*z$", but it is not matter). Is there some way to perform test by OR condition? For example: files that starts exactly with "xen" OR files that ends exactly with ".rpm". But exactly, not something like:
grep "[xen]{0,3}.*[.rpm]{0,4}"
View 2 Replies
View Related
Aug 24, 2010
how I cat to filter out information about Unix Domain Sockets from netstat output without grep? Is there some option for command (I not found it in man of netstat).
View 2 Replies
View Related
Jan 28, 2011
I'm trying to capture traffic between two machines, A and B. I would like to make sure that the traffic I capture with tcpdump is between eth1 on the local machine and eth0 on the remote machine. As I understand it, the -i flag specifies the local machine interface - but how to set the remote one?
View 3 Replies
View Related
Aug 10, 2010
I've been able to kludge a kill script which finds the correct pid for the kdeserver (or gnome server) after my system comes up in run level 5 so I can drop back to run level 3 mode. Lots of experimentation showed me that using telinit 3 and telinit 5 would occasionally leave the video memory in a mess and I would have the black screen of death.
I set the security parameter setting to autologin for me since I am the only user of my machine, but I still have to kludge the default setting under sysconfig (the DEFAULT_WM) under Window Manager to pick a certain window manager, so it takes time to manually switch the desktop.
Right now I can leave the gui and drop back to cli, but painful experimenting showed me that killing the X server is a no no. Right now I kill the kde server, which sends the SIGTERM to the X windows manager, which then figures out that it has to shut down.
Questions: Is there a better way of doing this? Apparently openSUSE figures that we have multiple users logging into the gui desktop, so the gui is always kept running and a login window with the desktop manager option forces the user to login in. With autologin, this never happens, but no choice of desktop is possible on the fly.
Can some type of script be set up to painlessly enable this to happen? And what is the best way of bringing either the Gnome or KDE desktop manager down gracefully? I do get lots of error messages as the system attempts to recover and X shuts down. It appears that apparently the single user with autologin is left out in the cold.
View 4 Replies
View Related
Feb 6, 2010
I want to install a software called TinyOS which is an operating system designed for wireless sensor embedded networks in my account. The problem is it has instructions to install the software as an administrator since i'm not an admin of the department network i can not able to install. Is there any method to install this software as an user level rather than admin level.
View 3 Replies
View Related
May 8, 2010
How can I adjust the levels at which the battery is considered to be critically low?ight now it seems this is set at 5 or 10%. I want to make it 20 or 25%This is for Gnome. I am using Lucid x86
View 1 Replies
View Related
Feb 18, 2011
I've been using an old Fortigate-60 at home for the kids for some time but now the license is expired again. Are there any free or inexpensive alternatives? I'd like something I can run on a linux firewall and share against multiple users, with different profiles. In the past I ran squid and I whitelisted sites each kid was allowed to use but this becomes tedious as the kids get older and need access to more. I'd love something that could check a website rating or category list, let the user through for certain categories, and block bad or unrated sites. I don't really need virus checking or email scanning or the like.
View 1 Replies
View Related
Jan 6, 2009
I want to know what are the advantages and disadvantages for accessing spi(serial peripheral inerface )from kernel level and user level. like methods of doing it, speed ,memeory utilization etc
View 1 Replies
View Related
May 27, 2010
I have created custom rules following: edit > message filters > incoming filter > (custom filter), none work. Also, by right clicking a message and, create rule from message > filter based by subject, sender, and recipients. Accepting all default (auto populated) conditons. None of the filters work at all? Seems this is a popular problem that has not found a solution except to use Thunderbird. not including ThunderbirdWhen I select a message that is supposed to be filtered to a specific folder and go to Message > Apply Filters. message goes to the assigned folder, but I want it to skip the inbox all together.
View 5 Replies
View Related
Mar 22, 2010
I have some big files of logs that contain errors printed by an app. They are most of the time relevant, however most of them are similar. So i figured i could check what happened between a time interval with a find.
Im using this one
Code:
And I get an output similar to this one.
Code:
Is there a way to condensate the output lines to get only one or two, indicating the start and last occurrence of a block? Or I need to create a program to do so?
Because right now I get thousands of similar lines, but when I'm scrolling through them i sometimes miss relevant information that i would've otherwise noted if it wasn't all that spammy.
View 10 Replies
View Related
Jul 21, 2010
[code]...
you can find a cutout of an output generated by "iwlist s" command for a cell. Does anybody know what Quality, Signal level and Noise level mean? What is the definition of them? I searched for it and could not find good information on it. What do these Extra:*** fields for? What does it show in the example above? How were those values computed?
[code]...
View 1 Replies
View Related
May 12, 2009
Hi Guys,
here is my scenario:
I am running F10 x86_64 with Nvidia Quadro FX 3400.
I installed the drivers and it worked just fine. No errors generated according to Nvidia log files.
However, while in run level 5 when I try to switch to run level 3 by typing "telinit 3" or "init 3" the X server goes down and I get a blank screen. Same thing happens when I try to switch to a different tty session by <ctrl>+<alt>+F2 (or any F key for that matter).
I also noticed that when I shut down my system I can't see any more the screen where services are shutting down and their status ([OK] or [failed]).
Would appreciate your help on solving this issue.
View 3 Replies
View Related
Jun 17, 2010
Hey Guys, I'am new here and request your help on this:
After installing emacs and a few dependencies on my RHEL 5, on restarting the system, the keyboard was not able to work. I restarted several times in vein.
However, when I start in single mode, it works perfectly. I have tried looking for a solution from google, but in vein.
Kindly help...
Regards, Andrew
View 1 Replies
View Related
Apr 14, 2010
So, I have this application called Impact, it is an explicit time integration Finite Elements code written in Java...
[url]
I untar the pack, and launch the application calling a script, from within the untarred folder,
Code:
This launches a gui which allows me to setup a case, which needs some setup file, tipically some *.in and a mesh file, tipically some *.msh.
Other mode of executuion consists of calling the setup file as argument to Impact.sh script ( CLI execution mode, for g33k5 )
My problem is : I have packed the whole stuff into a Slackware .tgz, that places it in /usr/local/Impact, and placed a calling script in /usr/local/bin,
Code:
Code:
I decided to hack the ImpactGUI_OGL_linux_amd64.sh script from
Code:
Code:
no avail,
Code:
even after adding /usr/local/Impact/bin to PATH... won't go...
I can run this thing from within its directory... but I do not like messing within the directories of my applications, this is why I sent this to /usr/local, and placed a calling script in /usr/local/bin...
View 4 Replies
View Related
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
View 9 Replies
View Related
May 18, 2010
I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.
the IP assignments are follows :
sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )
IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank
sys2 firewall ,IPTABLES )
code....
what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..
then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.
View 3 Replies
View Related
May 27, 2011
I'm trying to build firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'
I don't want to be able to configure firewall remotely, so could I use 'lo' as 'management interface'?
View 1 Replies
View Related
May 9, 2011
Can we use iptables as firewall instead of Juniper firewall
View 2 Replies
View Related
May 23, 2010
I just upgraded to the 10.04 and everything works just fine as before (except for skype but that really doesn't matters as it has already been 3 years I'm using ubuntu and I managed to get it to work only once, for miracle I believe ^^). The only real issue I have is this: when I start up my laptop, after the log-in, no sound will be heared as the "speaker" volume level in alsamixer is set to 0; if I raise it from the terminal running alsamixer (as I don't know any other alternative) everything plays just fine, but the next time I boot I do have to do it all over again... So, how can I change the default startup level of the "speaker" in alsamixer?
PS: by the way I do have the very same issue with the screen luminosity but the other way round as is always starts at maximum brightness and I can't manage to get it to start at the minimum, as it did before. At least reducing the backlight if far more quick but a couple of times I forget it and the battery lasted something like half an hour
View 9 Replies
View Related
