[FUG-BR] [Fwd: Application layer classifier for ipfw]

Thiago Gomes thiagomespb em gmail.com
Quinta Julho 31 11:31:45 BRT 2008 

Patrick,

Existe uma possibildade de vc.. colocar este teste em forma de artigo ?? acho
que era isso que todos estavam procurando..


2008/7/31 Patrick Tracanelli <eksffa em freebsdbrasil.com.br>:
> Estou testando e funciona muitissimo bem. Uma forma facil de controlar p2p
> sem codigo em kernel.
>
> --
> Patrick Tracanelli
>
> FreeBSD Brasil LTDA.
> Tel.: (31) 3516-0800
> 316601 em sip.freebsdbrasil.com.br
> http://www.freebsdbrasil.com.br
> "Long live Hanin Elias, Kim Deal!"
>
>
> Hi,
>
> An Internet Cafe I do some work for was recently having problems with very
> slow internet access. It turns out customers were running P2P file sharing
> applications which were hogging all the bandwidth. I looked for  programs
> that would allow me to shape traffic according to the application layer
> protocol, but couldn't find any for FreeBSD. I found a couple: l7-filter and
> ipp2p, but these are Linux specific. So, I decided to write one. The result
> is ipfw-classifyd :
> http://people.freebsd.org/~mtm/ipfw-classifyd.tar.bz2
>
> As the name implies it uses ipfw(4) to implement a userland daemon that
> classifies TCP and UDP packets according to regular expression patterns for
> various protocols. It's intended to be used with divert(4) sockets and
> dummynet(4) so you can do traffic shaping depending on the application level
> protocol. The protocol patterns are from the l7-filter project.
>
> Basically, you use ipfw(8) to divert tcp/udp packets to the damon. It reads
> its configuration file for a list of protocols and ipfw(8) rules. Then, when
> it detects a matching session it re-injects the packet back at the specified
> rule number. The tarball has a sample configuration file and firewall script
> to get you started.
>
> While I have not done extensive testing, preliminary tests are encouraging
> and it seems to work, so I thought I'd announce it to the rest of the world
> in case anyone else is interested in this kind of application.
>
> Comments and suggestions highly appreciated.
>
> Cheers.
> --
> Mike Makonnen       | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc
> mtm @ FreeBSD.Org   | AC7B 5672 2D11 F4D0 EBF8  5279 5359 2B82 7CD4 1F55
> FreeBSD             | http://www.freebsd.org
> _______________________________________________
> freebsd-net em freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe em freebsd.org"
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
>

Mais detalhes sobre a lista de discussão freebsd