String Match
Oliver Fromme
olli at lurza.secnetix.de
Thu Nov 10 07:55:49 PST 2005
Cesar <listas at itm.net.br> wrote:
>
> Sorry for my bad explanation ...
>
> I want to do with ipfw what the IPP2P (http://www.ipp2p.org) do, it use a
> modification in linux kernel/iptables some kind of "string match" to
> identify P2P traffic.
Which is basically a bad idea, as I have explained in my
previous mail.
> Nowadays I use port based rules to limit P2P traffic, which is not a good
> solution since most of P2P programs are using random ports.
May I ask why do you need to do that? Are you operating
an internet router for untrusted users?
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
"I invented Ctrl-Alt-Delete, but Bill Gates made it famous."
-- David Bradley, original IBM PC design team
More information about the freebsd-ipfw
mailing list