Jason Boxman wrote:
On Sunday 07 May 2006 19:43, Andrew Beverley wrote:
After varying degrees of success with p2p detection modules, I would like
to write the following rules using iptables to reliably identify p2p
traffic:
<snip>
On my network all p2p traffic falls into these categories, and I don't mind
overmatching with other traffic.
If you can, you could look into compiling and using ipp2p against your kernel.
I find it works extremely well with my p2p traffic from edonkey protocol(s).
You may have success with L7-Filter, too. You can probably use both at the
same time, but I've never tried as ipp2p works for me.
Thanks - I tried both ipp2p and l7-filter. I found that on the whole
they worked well, but on the network of 50 clients there was always a
couple that it didn't detect. I also wanted to put something in place
that didn't need upgrading - if and when I move on someone will have to
keep updating ipp2p and l7-filter on the server.
Andy
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
