From: Jasper Spaans
Date: Fri, 29 Aug 2003 20:43:28 +0000
Subject: Re: [LARTC] Layer 7 application blocking via tc/iptables?
To: lartc@vger.kernel.org

On Sat, Aug 30, 2003 at 08:28:38AM +1200, Steve Wright wrote:
> > After I got the byte patterns and such, how might I go about
> > blocking that? I can't very well set the rate to 0k or anything like
> > that, so I've been scratching my head on how to actually _block_
> > something with iproute2. Hmm, If I pull together enough info, maybe I'll
> > throw together a HOWTO or something.
>
> I don't know enough to spoonfeed you on this.
>
> Google will help. keywords ;
>
> u32 examples iptables block match pattern

If you change some keywords and use

    layer 7 filtering iptables

after some clicking, you'll get at

    http://l7-filter.sourceforge.net/

which is somewhat less ugly than trying to parse packets using the u32 etc
filters. Haven't tried it yet though, but this has far more potential.

VrGr,
-- 
Jasper Spaans                 http://jsp.vs19.net/contact/

<== You ask questions, we make insults... ==>
<== http://www.insultant.nl/ ==>