[Wine] Re: creating built-in firewall for Wine

Boriso wineforum-user at winehq.org
Wed Apr 6 14:43:15 CDT 2011


DanKegel wrote:
> Maybe we're talking about different things.  "Firewall" traditinally
> means "a network filtering device that makes decisions purely
> based upon network traffic".    That's the kind of thing I pointed
> you to in my previous message.
> 
> You might be thinking of the expanded definition used by Microsoft:
> "a network filtering device that makes decisions based upon
> what executable is trying to do the networking".
> Is that what you're after?

Yes, I was looking for ability to filter network actions for particular programs.

I'm new to Linux, so from my view network packet filtering is made by hardware router, but additional programs could provide filtering based on filtering. Although on windows firewall was one of the first software type I installed, but under Ubuntu I still did nothing about it...



DanKegel wrote:
> The latter type of filtering is probably possible on Linux by
> using selinux or apparmor, and would be much more secure
> than trying to do it at the wine layer.
> Please give that a try.

SELinux and AppArmor are great, but could they be easily used for specific programs running under Wine? So you can start different programs and they would have different restrictions?


DanKegel wrote:
> Why don't you want to use a native firewall?

In short because native firewall knows almost nothing about the program. (But I could be mistaken.) 

Here is an example. Some windows internet security programs ("firewalls") have a module that could be used for ads filtering. In the simplest form they filter traffic based on keywords and image sizes. The same could be done with AdBlock add-in for Firefox, but the flexibility of the later is greater. Moreover one could use very smart rules, because ads are filtered where they must be presented (in browser).







More information about the wine-users mailing list