Thanks for the reply Jorge. Some people asked me to block file transfer through MSN. So a tough using string match support was a good idea, since there is a Content Type filed in the Application header. This content type is different for some of MSN's functions and file transfer is one of them. I tried something with squid, but wasn't successful. MSN uses the same port for IM and file transfer, at least that's what I saw at the logs. I tested the string match support against file transfer with MSN and it worked fine. Now I need to know how it will affect the firewall (overhead, etc) Best regards, ---- Filipe Mordhorst Brasil - SC -----Mensagem original----- De: Jorge Davila [mailto:davila@xxxxxxxxxxxxxxxxxxxxxxx] Enviada em: quinta-feira, 4 de maio de 2006 11:18 Para: Filipe Mordhorst Cc: netfilter@xxxxxxxxxxxxxxxxxxx Assunto: Re: New rule impact With the string match you can not be sure that the string that you want compares is encapsulated in a single packet, then that mechanics does not work well if you want block some URLs. I don't know what you want but if you want block http traffic maybe is better for you squid. Hope this help. Jorge.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
