Re: How to filter based on application protocol being used

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: Srikant Tangirala <srikant.bsd@...>
Cc: <misc@...>, Reyk Floeter <reyk@...>
Date: Friday, May 9, 2008 - 3:06 am

On Fri, May 09, 2008 at 12:23:47PM +0530, Srikant Tangirala wrote:

heh, i like your answer ;)

> That aside, see, I have used this tool called ourmon successfully

we're working on interfaces to speed up the application layer
relaying, the current way requires to rdr the traffic into userspace,
do a nat lookup on the pf socket, and forward the traffic to the
target with a second inspection. this can be done fast, but there is
some overhead. this may improve in the future when we have the ability
to migrate the relayed connections to forwarding in the kernel after
looking into the l7 header.

> Just want to know if anyone has come up with a good solution to

p2p detection is a very difficult but interesting area. but you can
also mitigate the use with other tricks, like delays, special kinds of
traffic shaping, etc.

> Thanks for your time.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 1:10 am)
Re: How to filter based on application protocol being used, jean-philippe luiggi, (Fri May 9, 7:40 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 9:35 am)
Re: How to filter based on application protocol being used, Srikant Tangirala, (Fri May 9, 2:53 am)
Re: How to filter based on application protocol being used, Reyk Floeter, (Fri May 9, 3:06 am)