Firewalls with Deep Packet Inspection (DPI)
Novell Cool Solutions: Question & Answer
Reader Rating 
Q:
Hi Tom, I appreciate your great HowTo's you're contributing to Novell Cool Solutions. I have a dumb question. I know SUSEFirewall2 offers Stateful Packet Inspection (SPI) in its firewall. However, I understand that with today's threats on the Internet, this doesn't suffice anymore. Today's dedicated Firewalls now include so called DPI or Deep Packet Inspection. I haven't seen this included in the SUSEFirewall2. Question: is there a way to add this feature? If so, how can I have this enabled? Any HowTo planned for doing so? I look forward hearing from you, Thanks! And keep up the good writing of your HowTos!
A:
Well, I don't know too much about this technical question as my head is mainly in newbie user space, but with a bit of research on the net I think I can point you to a couple of sites with the real answers. Here is a site with an explanation about DPI or Deep Packet Inspection: http://www.securityfocus.com/infocus/1716
I think this program from sourceforge does what you are asking for: http://l7-filter.sourceforge.net/
- Stomfi
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com