Hi,
Use the Application Layer Packet Classifier for Linux
http://l7-filter.sourceforge.net patterns
(http://l7-filter.sourceforge.net/protocols). Off course, for fine
tunning you will may need it to capture some packets for yourself and
analyze it.
Cheers

Hello!
>> In an educational institution I use Solaris 10 on the gateway between
>> internet and internal network. I would like to filter out P2P traffic.
>> But since the P2P clients can use any port which is open for traffic, I
>> would need to do content-based filtering.
>>
>> Is possible to block P2P traffic with the IPFilter included in Solaris
>> 10? I see in the IPFilter FAQ
>> (http://www.phildev.net/ipf/IPFques.html#ques36), that you can do
>> "simple matching of content for TCP session startup" on the first 16
>> bytes. But that means I need to find out what to match for all P2P
>> protocols. Also, I could not find on docs.sun.com if this kind of rules
>> are supported in IPFilter integrated in Solaris 10.
>>
>> I do not want to block anything else except P2P. There are many
>> protocols which I would like to go though like SSH, VNC, RDC etc.
>>
>> What options are there to build such filter on Solaris? Is there any
>> other free/cheap option to do it? If not, is it possible to slow down
>> P2P traffic via IPQoS?
>>
>>
>> Regards,
>> Damjan
>>

--
This message was scanned for spam and viruses by BitDefender.
For more information please visit http://linux.bitdefender.com/

[ reply ]