LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Deep packet inspection

Deep packet inspection

Posted Jul 31, 2008 13:33 UTC (Thu) by forthy (guest, #1525)
In reply to: Deep packet inspection by dps
Parent article: Deep packet inspection

Firewalls sometimes have to inspect packet content. That's especially true for "abominations" like FTP, where the packet can contain the port number a client expects to be connected on. Or worse, the portmapper used by NFS and YP (most firewalls don't pass these), or the way Flexlm license servers work. This sort of protocols haven't been designed for firewalls.

The other reason for a firewall to look into the packets is application-level filtering. This sort of firewall consists of (transparent) web and mail proxy, and filters out spam and malware. However, this is a "you want it, you got it" type of man-in-the-middle. Different story.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds