firewall to accept or drop per program

[nomisunrider]

Does anyone have an easy way to limit traffic per program? I am trying to limit the upload speed in linuxdcpp, as it kills my internet connection if someone downloads from me.

I've tried trickle, but it always crashes (I tried the redhat EL4 rpm). Building trickle from source it also crashes. (seg fault after a while when I run linuxdcpp with trickle)

I cannot get the tuxguardian module to load.

Any help with a way to limit the traffic used by linuxdcpp would be appreciated.

Thanks.

[RJFUatHOME]

Quote:

Originally Posted by nomisunrider

Does anyone have an easy way to limit traffic per program?

Personally I wouldn't mind a solution to that problem as well.

One solution that I find has possibilities is getting the SELinux people to implement a simple on/off net access policy boolean. If an app is net enabled as you install from the repo you could possibly enable or disable net access. OK it would be an on or off solution, but with a default of off, and a check mark OK required it could add a substantial security boost.

Of course enabling this type of control would have to be an additional optional policy, but sometimes simple on/off can be quite effective, especially if the default is off.

[pete_1967]

http://openfacts.berlios.de/index-en...itle=Ldcpp_FAQ

Quote:

How about bandwidth limiting?
This will only get the client banned. There are tools to do bandwidth limiting at a lower level anyway.

[nomisunrider]

Quote:

Originally Posted by pete_1967

http://openfacts.berlios.de/index-en...itle=Ldcpp_FAQ

Thanks for your help...

If I cannot limit my bandwidth, I won't be using it anyways, as it renders my internet connection useless.

[nomisunrider]

Anyone have any suggestions?

Thanks.

[bradchaus]

try this

http://pgrd.sourceforge.net/

[nomisunrider]

Quote:

Originally Posted by bradchaus

try this

http://pgrd.sourceforge.net/

I guess I should have clarified, I'm asking for suggestions in response to my post above.


Does anyone have an easy way to limit traffic per program? I am trying to limit the upload speed in linuxdcpp, as it kills my internet connection if someone downloads from me.

I've tried trickle, but it always crashes (I tried the redhat EL4 rpm). Building trickle from source it also crashes. (seg fault after a while when I run linuxdcpp with trickle)

I cannot get the tuxguardian module to load.

Any help with a way to limit the traffic used by linuxdcpp would be appreciated.

Thanks.

[DennyCrane]

Quote:

Originally Posted by RJFUatHOME

One solution that I find has possibilities is getting the SELinux people to implement a simple on/off net access policy boolean. If an app is net enabled as you install from the repo you could possibly enable or disable net access. OK it would be an on or off solution, but with a default of off, and a check mark OK required it could add a substantial security boost.

Of course enabling this type of control would have to be an additional optional policy, but sometimes simple on/off can be quite effective, especially if the default is off.

I like that idea.

I can't believe there still aren't really any viable options for outgoing firewalls on Linux. Came across this, however:
http://linuxappfinder.com/package/linux-firewall.org

The comments are rather harsh though. I agree that it would be a little hard to justify installing this program from who knows who when it is closed source. However, the argument about checksums doesn't seem like as big of a deal to me. Most binaries are owned by root anyway, right? It is not as if they are especially likely to be compromised (and if they are, you've got bigger problems). Also, the fact that the user can turn it off doesn't completely negate its usefulness (with regards to controlling (or at least observing) Internet access for most applications).

Thoughts?

Has anyone found any other solutions that are open source as well as maintained?