NuFW, what about the mentioned per application filtering?
Posted Aug 4, 2005 21:01 UTC (Thu) by Duncan
Parent article: A look at NuFW
From the second paragraph...
> NuFW [...] allows packet filtering and
> quality of service (QoS) rules to be
> assigned by user or application[.]
The article then goes on to explain all about user based rules, but
doesn't mention application again, at all, unless by "application", the
above means "protocol", which /is/ mentioned later, but it /says/
application, /not/ protocol. Where's the description of how it deals with
For some time, since I switched from MSWormOS, I've been wondering when/if
Linux may get application based firewall permissions, similar to what
software firewalls such as Zone Alarm do on MSWormOS. It appears this
idea could go one better, by allowing full user/application based
filtering on a separate firewall, instead of having to be run on the same
machine, to be able to see that information (only the client will have to
be run on the machine with the user/app looking to authenticate).
In fact, I can see this potentially becoming very popular, very fast, with
the consumer level router appliance makers such as Netgear, Linksys/Cisco,
DLink, and the like (altho they'd have to arrange to license the
proprietary MSWormOS client), because this will now allow them to do
application level filtering at the router-appliance, something one had to
run a software firewall to get, before.
That is, of course, /provided/ this actually does application level
filtering as well as user filtering. If it doesn't do so now, I'd expect
the feature to be added, likely within a reasonable time-frame, since it's
GPLed and anyone can have at it, since the same local client that forwards
the user information should be able to pickup and forward the application
information as well.
Seriously looking forward to seeing further developments! This could be
very exciting indeed!
to post comments)