login
Header Space

 
 

Re: How to filter based on application protocol being used

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: Reyk Floeter <reyk@...>
Cc: <misc@...>
Date: Friday, May 9, 2008 - 2:53 am

Thanks for such a prompt reply.

I will not use Linux even if you pay me. It has been OpenBSD
for me for past three years and it will remain so as long as
OpenBSD remains what it stands for.

That aside, see, I have used this tool called ourmon successfully
on OpenBSD to detect P2P traffic and block the users in
conjunction with authpf and pf. The tool can do other detections
as well. It matches packets/traffic-patterns with those observed
by network admins as being related to a specific type of application
protocol. Payload is not inspected, although a grep may be
happening. It works by passively monitoring the packets flowing
by, no kernel stuff involved.

Just want to know if anyone has come up with a good solution to
this problem. If there is none yet, fine, we continue with what we
have or even partial solutions will help a bit.

Thanks for your time.

Srikant Tangirala.

On Fri, May 9, 2008 at 11:55 AM, Reyk Floeter <reyk@openbsd.org> wrote:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 1:10 am)
Re: How to filter based on application protocol being used, jean-philippe luiggi, (Fri May 9, 7:40 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 9:35 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 2:53 am)
speck-geostationary