* DPI and set's of users. @ 2012-10-03 11:04 Eliezer Croitoru 2012-10-05 17:32 ` Ed W 0 siblings, 1 reply; 3+ messages in thread From: Eliezer Croitoru @ 2012-10-03 11:04 UTC (permalink / raw) To: netfilter I managed to use opendpi for Deep packets inspection and it seems to be more suitable then other layer 7 DPI solutions. I have 9 categories of connections such as p2p messenger etc and I have ip addresses of users that can or cant use the service. basically the rule is to block service unless I allow the specific IP. but there is a big list of IP addresses and I need to update them on 6 machines when I change anything and needs to be effecting immediately. what is the best tool to manage big lists of IP's and to match them to a rule? it seems to me the best choice is ipset ? but I didnt understood how to use it? Thanks, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.il ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: DPI and set's of users. 2012-10-03 11:04 DPI and set's of users Eliezer Croitoru @ 2012-10-05 17:32 ` Ed W 2012-10-08 19:08 ` Eliezer Croitoru 0 siblings, 1 reply; 3+ messages in thread From: Ed W @ 2012-10-05 17:32 UTC (permalink / raw) To: Eliezer Croitoru; +Cc: netfilter On 03/10/2012 12:04, Eliezer Croitoru wrote: > I managed to use opendpi for Deep packets inspection and it seems to > be more suitable then other layer 7 DPI solutions. Can you please test my fork of opendpi-netfilter for nDPI (the ntop fork of opendpi) https://github.com/ewildgoose/ndpi-netfilter You need svn nDPI from here: http://www.ntop.org/get-started/download/ It may support more protocols... it may crash a lot... Good luck Ed W ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: DPI and set's of users. 2012-10-05 17:32 ` Ed W @ 2012-10-08 19:08 ` Eliezer Croitoru 0 siblings, 0 replies; 3+ messages in thread From: Eliezer Croitoru @ 2012-10-08 19:08 UTC (permalink / raw) To: Ed W; +Cc: netfilter On 10/5/2012 7:32 PM, Ed W wrote: > On 03/10/2012 12:04, Eliezer Croitoru wrote: >> I managed to use opendpi for Deep packets inspection and it seems to >> be more suitable then other layer 7 DPI solutions. > > Can you please test my fork of opendpi-netfilter for nDPI (the ntop fork > of opendpi) > https://github.com/ewildgoose/ndpi-netfilter > > You need svn nDPI from here: > http://www.ntop.org/get-started/download/ > > It may support more protocols... it may crash a lot... > > Good luck > > Ed W Nice. Thanks for the info. If you would change the module canonical name from opendpi to another that will fit the ndpi it will be less of a problem in a case that it's buggy( I can revert instead of a lot of trouble). Thanks, Eliezer ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-10-08 19:08 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2012-10-03 11:04 DPI and set's of users Eliezer Croitoru 2012-10-05 17:32 ` Ed W 2012-10-08 19:08 ` Eliezer Croitoru
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).