On Sam, 2001-10-13 at 22:37, Alvaro Reguly wrote: > > Hello, I want to filter out KaZaA/Morpheus > IMesh gnutella and the like from our administrative LAN.
I think about the most "intelligent" way to filter all those out would be protocoll matching... with iptables it's possible to search packets for strings... (not in the kernel, needs patch-o-matic) (I'd advice to only search in SYN packets... could be CPU Hog) This would need quite a bit of sniffing and/or protocol workout, but ought to be able to get all the peer-peer protocols without port-blocking (Gnutella seems to use "GNUTELLA CONNECT/0.4", e.g.) > Thanks in advance. > > A. Reguly MFG, Christian Wendt
