Protocol filter capabilities
Thiago Damas
tdamas at gmail.com
Thu Nov 24 05:47:24 PST 2005
I have a program that implements this, via divert socket with ipfw.
I think the better way to do this is with a program that listens
with bfp/pcap, and inserts/deletes rules using ioctls in /dev/pf
For now, I'm trying to alter a queue, given a state, using /dev/pf,
but it doesnt seen easy. Altering the queue I can limit the bandwidth
of a protocol; if I want to block the protocol, I can just delete the
state of the firewall.
Have you some ideas?
2005/11/23, Alexandre DELAY <alexandre.delay at free.fr>:
> hi guys,
>
> I am looking for an efficient way to filter different protocols, such as
> edonkey or BEEP.
> For the moment, I think that pf doesn't support it.
>
> Don't you think that it would be a nice thing to be able to include such
> "filters" from, for example, ethereal?
> Ethereal support more than 34k different protocols. It woul be nice to be
> able to choose from those filters and to apply some rules according to those
> filters.
>
> Do you know a way to do this?
>
> Cheers
>
> Alex
>
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>
More information about the freebsd-pf
mailing list