From mboxrd@z Thu Jan 1 00:00:00 1970 From: N N Ashok Date: Thu, 22 May 2003 19:33:56 +0000 Subject: Re: [LARTC] layer-7 filtering is possible in linux ? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 02 May 2003 13:05, Stef Coene scrawled: > On Friday 02 May 2003 17:58, openings wrote: > > Dear folks > > > > > > With U32 filter, I can filter packets with it's packet header. > > > > In linux, I wonder if Layer-7 filtering is possible. > > > > I want to filter packets that include specific pattern in it's > > payload(not header, data part). > > > > ex) Packets that include "aaa.exe" text pattern in it's data part. > > > > If it is possible, mail traffic that include specific text pattern can be > > filtered. > > > > I thought that above function is very useful. > > > > In Linux, is it possible? > > Iptables can filter based on text in a packet. At the same time, you can > mark the packet and that mark can be used with the fw filter. > > Stef The Layer 7 traffic policing project (http://l7-filter.sourceforge.net/) aims to do the very thing. Ashok -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+zSYnRhXpVty0Ty4RAuPcAKCEWzShBSssfjkc6sS5Mmjs4DJkPwCcCGsQ 0o8zQUvY8NHeqscNACTcGMw 95 -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/