You will go to develop a version to work with PF ?
Mike Makonnen escreveu:
Hi,
An Internet Cafe I do some work for was recently having problems with
very slow internet access. It turns out customers were running P2P
file sharing applications which were hogging all the bandwidth. I
looked for programs that would allow me to shape traffic according to
the application layer protocol, but couldn't find any for FreeBSD. I
found a couple: l7-filter and ipp2p, but these are Linux specific. So,
I decided to write one. The result is ipfw-classifyd :
http://people.freebsd.org/~mtm/ipfw-classifyd.tar.bz2
As the name implies it uses ipfw(4) to implement a userland daemon
that classifies TCP and UDP packets according to regular expression
patterns for various protocols. It's intended to be used with
divert(4) sockets and dummynet(4) so you can do traffic shaping
depending on the application level protocol. The protocol patterns are
from the l7-filter project.
Basically, you use ipfw(8) to divert tcp/udp packets to the damon. It
reads its configuration file for a list of protocols and ipfw(8)
rules. Then, when it detects a matching session it re-injects the
packet back at the specified rule number. The tarball has a sample
configuration file and firewall script to get you started.
While I have not done extensive testing, preliminary tests are
encouraging and it seems to work, so I thought I'd announce it to the
rest of the world in case anyone else is interested in this kind of
application.
Comments and suggestions highly appreciated.
Cheers.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
