Internset Service Database in pfSense
-
Hi there,
dont know if this is the right place or someone got an answer to that but is there a similiar database for the Internet Service identification as in fortigate / fortinet? It would be really nice if there would be such list to maybe allow / traffic shape this traffic accordingly to there service identification instead of ports and manual handling.
Just a thought maybe someone already pointed that out or gave that as an Feature Request, didnt find anything so far.
Kind regards,
-
@sysadminfromhell Are you thinking about something similar to Snort App ID perhaps? Can't find it now, but I think I have seen a long thread about that in the IDS/IPS section.
-
pfSense is the router firewall from heaven.
Nothing is limited or forbidden by default.
If there is a limit, it's the admin .. ;)
More serious : I think I understand what you mean. No such thing exist. but there is this : Firewall > Traffic Shaper > Wizards.
In the good old days, a 'router' could look into the data part of an Ethernet packet and see what a user (device) was doing, and make decisions based on what it found.
These days, all the router sees :
Source and destination IP.
Source and destination port.
A sequence number.
A time stamp.
The size of the payload and packet.
A couple of flags.
And the payload itself.And forget about the payload, it's encrypted with some TLS (that what we wanted, right ;)).
All the other info : pretty random actually.
So, how to draw useful info from noise ? -
Some services are pre-defined in the shaper wizard but it's by no means definitive.
