Re: traffic normalizer for ipfw?

• Previous message: hugle: "own arp reply?"
• In reply to: Bruce M Simpson: "Re: traffic normalizer for ipfw?"
• Next in thread: Claudiu Dragalina-Paraipan: "Re: traffic normalizer for ipfw?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 20 Feb 2004 13:48:18 +0100
To: Bruce M Simpson <bms@spc.org>

What about making protocol syntax and grammar dictionnary
based filtering ?

In the way you could recognize any protocol on any port
and filter by many keys looking into protocol up to the highest
levels.

Of course this requires analysis of many protocols and writing of
many dictionaries.

But at least one company made this : http://www.qosmos.fr

On Thu, 19 Feb 2004 21:14:11 +0000
Bruce M Simpson <bms@spc.org> wrote:

> On Thu, Feb 19, 2004 at 01:02:16PM -0800, Dorin H wrote:
> > Is there some way to configure ipfw to do traffic
> > normalizing ("scrubbing", as in ipf for OpenBSD)? Is
> > there any tool to do it for FreeBSD firewalling?
> > I've heard that ipf was ported on current, anything
> > else?
>
> We're looking at bringing pf into the tree. One of the things on my
> unofficial(some would say a work of pure fiction) is to look at
> something for KaZaA filtering on BSD...
>
> If you're talking about traffic shaping, have a look at dummynet which
> is already there.
>
> BMS
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"
>

--
===============================================================
Christophe Prevotaux      Email: c.prevotaux@hexanet.fr
HEXANET SARL                URL: http://www.hexanet.fr/
Z.A.C Les Charmilles        Tel: +33 (0)3 26 79 30 05 
3 Allée Thierry Sabine   Direct: +33 (0)3 26 61 77 72 
BP202                       Fax: +33 (0)3 26 79 30 06
51686 Reims Cedex 2 		                   
FRANCE                   HEXANET Network Operation Center             
===============================================================
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: hugle: "own arp reply?"
• In reply to: Bruce M Simpson: "Re: traffic normalizer for ipfw?"
• Next in thread: Claudiu Dragalina-Paraipan: "Re: traffic normalizer for ipfw?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: traffic normalizer for ipfw? ... What about making protocol syntax and grammar dictionnary ... > something for KaZaA filtering on BSD... ... > If you're talking about traffic shaping, have a look at dummynet which ... To unsubscribe, ... (freebsd-net) Re: HTTP Filter button is grayed out ... You can only configure application filtering if the rule applies to the ... RPC filtering. ... The rule must apply to an RPC protocol. ... For it to work properly I need to modify the HTTP Filter ... (microsoft.public.isa.publishing) Re: newb: netfilter/iptables ?? extension? ... "protocol" writes: ... Explain further what you expect to gain by filtering on IP ... >> pointless except in the easiest cases. ... (comp.os.linux.networking) Re: FTP Protocol = Unidentified IP traffic ... go to your "All Outbound Traficc" rule/policy and see on the ... protocol page, there you have a filtering button. ... (microsoft.public.isa) Re: Lenny: mouse srewed in OpenGL application ... changing the mouse Protocol from "auto" to "ImPS/2" did not make any changes - and according to the log file xorg can deal with the 'auto' protocol. ... Everything worked fine as usually until I wanted to use a graphics program ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ... (Debian-User)