For the layer-7 patterns to work with iptables, you have to patch iptables. Here is the layer7 project URL:
http://l7-filter.sf.net
*nod* I've played with layer 7 pattern matching before on my test router at home and was very impressed with it. :)
Note: They have a skype pattern matching only the voice traffic. For some reason they don't have the one that matches the authentication packets.
Interesting...
Here is the one I use: ------- begin----- skype ^\x16\x03\x01$|^\x17\x03\x01$ -------end-------
Thanks.
*nod* This is unfortunately the very nature of these troublesome protocols. I'd also appreciate seeing your config if you could show it to us.
Sorry. Could you please tell me what config you are talking about?
As Curly from the Three Stooges would say "Soytenly!"
I'm interested in your iptables script (iptables-save) and tc script to see how you are doing things. This is more personal interest to see how others are doing things to see if I can gain any pointers.
Grant. . . .
