From: Klaus <klaus@ipp2p.org>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] linux box as vlan p2p limiter and firewall?
Date: Fri, 24 Mar 2006 17:39:04 +0000 [thread overview]
Message-ID: <44242EB8.2030006@ipp2p.org> (raw)
In-Reply-To: <1143110605.17746.45.camel@localhost>
Hi,
Andraz Sraka wrote:
> re
>
> On Thu, 2006-03-23 at 19:20 -0500, Jason Boxman wrote:
>
>
>>I like L7, but be sure you're ready to write some pattern matches. I've been
>>using ipp2p[1] and it matches all my p2p traffic. ymmv of course.
>>
>>[1] http://www.ipp2p.org/
>
>
> can newer 2.6 (2.6.15.x) kernels be patched with ipp2p ? As far as I've
> compared the two them, the only difference (that I've noticed) is that
> L7 uses patterns from userspace (written somewhere on file system);
Yes and no,
l7filter uses regular expressions as pattern matches, which is slower
and in some situations inaccurate. For exapmle you cannot compare one or
two bytes with the packet length.
example:
http://l7-filter.sourceforge.net/layer7-protocols/protocols/edonkey.pat
<snip>
# God this is a mess. What an irritating protocol.
# This will match about 1% of streams with random data in them!
</snip>
This means 1 % packets will be matched by l7filter as edonkey.
So almost all longer connections will get matched as edonkey, which
might make this filter unusable.
ipp2p is specialized to match p2p traffic by high optimized worst case
stable layer 7 matches. It also tries to avoid missdetections as good as
possible.
I think if you would like to do a complete traffic shaping for
http,ftp,.., try l7filter. But for p2p, I would recommend ipp2p !
regards,
Klaus, maintainer of ipp2p
>
> regards,
> Andraz
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2006-03-24 17:39 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-23 10:43 [LARTC] linux box as vlan p2p limiter and firewall? Andraz Sraka
2006-03-23 15:58 ` Carlos Blanquer
2006-03-23 16:10 ` Andraz Sraka
2006-03-23 16:16 ` Andraz Sraka
2006-03-23 16:18 ` Roberto Scattini
2006-03-23 16:28 ` Philip Gaw
2006-03-23 16:29 ` Philip Gaw
2006-03-23 16:39 ` Andraz Sraka
2006-03-24 0:20 ` Jason Boxman
2006-03-24 16:54 ` Andraz Sraka
2006-03-24 17:39 ` Klaus [this message]
2006-03-24 19:07 ` Jason Boxman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44242EB8.2030006@ipp2p.org \
--to=klaus@ipp2p.org \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.