Re: Want to block HTTP(web) access but not filesharing
Re: Want to block HTTP(web) access but not filesharing
- Subject: Re: Want to block HTTP(web) access but not filesharing
- From: Peter Sichel <email@hidden>
- Date: Wed, 27 May 2009 09:03:32 -0400
On May 27, 2009, at 12:41 AM, Rahulkumar Tibdewal wrote:
I want to share my current planning on the topic is as either use
ipfw tables to add rule on http protocol
or create a kernel extension.
Can u guys please vote which is more feasible and better with
appropriate reason?
Writing and installing your own Network Kernel Extension (NKE) is a
large task not to be undertaking lightly. If you're serious about
doing this, you'll want to look at some NKE examples to see what you
are in for. [I've published part of my own NKE as one such example.]
Using ipfw will be much easier, but there is a compatibility risk. As
a shared resource, UNIX ipfw is often configured by multiple programs
with conflicting models including Mac OS X itself under certain
conditions (built-in firewall prior to 10.5, or Internet Sharing). As
long as you have access to the individual machines, you may have
sufficient control to work around other programs that use ipfw, but
ensuring this in the general case can be tricky.
Kind Regards,
- Peter
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden