kazaaa is making me crazy!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



im trying to debug how cpu consuming could be the string match.
is it a lineal function? i mean..

1 Mbit -> 1024/8 Kbytes

supossaing mtu payload is 1500 bytes, i have in 1 megabit
[(1024/8)*1000]*1500 = 1920000000 packets

anorther thing..this rule just filter the initial download request..that
would be okay if oyu want filter completely, but if you want to slwo
down (i mean using tc/htb/fwmarks) you wouldnt be matching the hole
download, only the request...

iptables -t mangle -A PREROUTING -p tcp -m --string "Kazaa" -j DROP


any comment, any idea?



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux