Re: block multimedia protocols

Re: block multimedia protocols

[Gáspár Lajos]

matteo@cisilino.com wrote:
> Alle 14:10, venerdì 18 agosto 2006, Rob Sterenborg ha scritto:
>   
>> On Fri, August 18, 2006 14:00, matteo@cisilino.com wrote:
>>     
>>> Hi all , I'd like to know if there's a way to block certain multimedia
>>> casting protocols , Is it possible?
>>>       
>> What do you have in mind?
>>     
> Hi rob, i want to stop streamings. I can't stop single ports becouse the 
> server can bind on many differente ports , can't block the single destination 
> ip becouse are too much , so i tought that there's a possibility to check the 
> single packet.
>
> Matteo
>
>
>
>   
I would BLOCK EVERYTHING and ENABLE SOMETHING...
It does not suit your needs ???

Swifty

block multimedia protocols

[matteo]

Hi all , I'd like to know if there's a way to block certain multimedia casting 
protocols , Is it possible?

Re: block multimedia protocols

[Rob Sterenborg]

On Fri, August 18, 2006 14:00, matteo@cisilino.com wrote:
> Hi all , I'd like to know if there's a way to block certain multimedia
> casting protocols , Is it possible?

What do you have in mind?


Gr,
Rob

Re: block multimedia protocols

[matteo]

Alle 14:10, venerdì 18 agosto 2006, Rob Sterenborg ha scritto:
> On Fri, August 18, 2006 14:00, matteo@cisilino.com wrote:
> > Hi all , I'd like to know if there's a way to block certain multimedia
> > casting protocols , Is it possible?
>
> What do you have in mind?
Hi rob, i want to stop streamings. I can't stop single ports becouse the 
server can bind on many differente ports , can't block the single destination 
ip becouse are too much , so i tought that there's a possibility to check the 
single packet.

Matteo

Re: block multimedia protocols

[matteo]

Alle 14:25, venerdì 18 agosto 2006, Gáspár Lajos ha scritto:
> matteo@cisilino.com írta:
> > Alle 14:10, venerdì 18 agosto 2006, Rob Sterenborg ha scritto:
> >> On Fri, August 18, 2006 14:00, matteo@cisilino.com wrote:
> >>> Hi all , I'd like to know if there's a way to block certain multimedia
> >>> casting protocols , Is it possible?
> >>
> >> What do you have in mind?
> >
> > Hi rob, i want to stop streamings. I can't stop single ports becouse the
> > server can bind on many differente ports , can't block the single
> > destination ip becouse are too much , so i tought that there's a
> > possibility to check the single packet.
> >
> > Matteo
>
> I would BLOCK EVERYTHING and ENABLE SOMETHING...
> It does not suit your needs ???
Block all

but as i said, cannot block in brute mode, must be selective on streams

>
> Swifty

Re: block multimedia protocols

[Gáspár Lajos]

matteo@cisilino.com wrote:
> Alle 14:25, venerdì 18 agosto 2006, Gáspár Lajos ha scritto:
>   
>> I would BLOCK EVERYTHING and ENABLE SOMETHING...
>> It does not suit your needs ???
>>     
> Block all
>
> but as i said, cannot block in brute mode, must be selective on streams
>   
Without refining your needs there is no universal solution...
What do you know about the sources/destinations/ports/streams/players ??? :)

Swifty

Re: block multimedia protocols

[Rob Sterenborg]

On Fri, August 18, 2006 14:15, matteo@cisilino.com wrote:
> Alle 14:10, venerdì 18 agosto 2006, Rob Sterenborg ha scritto:
>
>> On Fri, August 18, 2006 14:00, matteo@cisilino.com wrote:
>>
>>> Hi all , I'd like to know if there's a way to block certain multimedia
>>> casting protocols , Is it possible?
>>
>> What do you have in mind?
>>
> Hi rob, i want to stop streamings. I can't stop single ports becouse the
> server can bind on many differente ports , can't block the single destination
> ip becouse are too much , so i tought that there's a possibility to check the
>  single packet.

AFAICS you'd need helpers for that. In POM-ng (extra) are a few helpers
available, but I don't know if these cover your needs:

http://www.netfilter.org/projects/patch-o-matic/pom-extra.html#pom-extra-mms-conntrack-nat
http://www.netfilter.org/projects/patch-o-matic/pom-extra.html#pom-extra-rtsp-conntrack

You could match for MMS and RTSP traffic and then just DROP the packets.


Gr,
Rob

RE: block multimedia protocols

[Pablo Sanchez]

 

> -----Original Message-----
> From: netfilter-bounces@lists.netfilter.org 
> [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of 
> matteo@cisilino.com
> Sent: Friday, August 18, 2006 8:01 AM
> To: netfilter@lists.netfilter.org
> Subject: block multimedia protocols
> 
> Hi all , I'd like to know if there's a way to block certain 
> multimedia casting 
> protocols , Is it possible?

One thought is to use L7 (http://l7-filter.sourceforge.net/) to classify by
protocol and DROP accordingly.  I don't believe there will be a single
solution which will cover your needs so you'll have to cobble a solution
together; not terribly difficult I would think.  Try to shoot to block 95%
of the castings.  :)

-pablo

Re: block multimedia protocols

[matteo]

Alle 14:47, venerdì 18 agosto 2006, Pablo Sanchez ha scritto:
> > -----Original Message-----
> > From: netfilter-bounces@lists.netfilter.org
> > [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of
> > matteo@cisilino.com
> > Sent: Friday, August 18, 2006 8:01 AM
> > To: netfilter@lists.netfilter.org
> > Subject: block multimedia protocols
> >
> > Hi all , I'd like to know if there's a way to block certain
> > multimedia casting
> > protocols , Is it possible?
>
> One thought is to use L7 (http://l7-filter.sourceforge.net/) to classify by
> protocol and DROP accordingly.  I don't believe there will be a single
> solution which will cover your needs so you'll have to cobble a solution
> together; not terribly difficult I would think.  Try to shoot to block 95%
> of the castings.  :)
>
> -pablo