Re: deep packet inspection over no TLS/SSL traffic

Mon, 09 May 2022 06:34:06 -0700 

Correct it simple pass through interfaces:

root@arnuwanda:/etc# ipsecctl -sa | grep 94.72.143.163
flow esp in proto gre from 94.72.143.163 to 65.20.98.172 peer 94.72.143.163
srcid ASN1_DN//C=ES/ST=Madrid/L=Madrid/O=Telecom Lobby/OU=VPNC/CN=
choopa.telecomlobby.com dstid ASN1_DN//C=BG/ST=Lovech/L=Troyan/O=Telecom
Lobby/OU=VPNC/CN=bg.telecomlobby.com type require
flow esp out proto gre from 65.20.98.172 to 94.72.143.163 peer
94.72.143.163 srcid ASN1_DN//C=ES/ST=Madrid/L=Madrid/O=Telecom
Lobby/OU=VPNC/CN=choopa.telecomlobby.com dstid
ASN1_DN//C=BG/ST=Lovech/L=Troyan/O=Telecom Lobby/OU=VPNC/CN=
bg.telecomlobby.com type require
esp transport from 65.20.98.172 to 94.72.143.163 spi 0x7a783fbb enc
chacha20-poly1305
esp transport from 94.72.143.163 to 65.20.98.172 spi 0xa0fd6c20 enc
chacha20-poly1305
root@arnuwanda:/etc# ifconfig gre3
gre3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1392
        description: bg.telecomlobby.com
        index 15 priority 0 llprio 6
        keepalive: timeout 5 count 2
        encap: vnetid none txprio payload rxprio packet
        groups: gre
        status: active
        tunnel: inet 65.20.98.172 --> 94.72.143.163 ttl 64 nodf ecn
        inet 10.10.9.81 --> 10.10.9.82 netmask 0xfffffffc
root@arnuwanda:/etc#

Next go out to the internet following default rdomain 0:

root@arnuwanda:/etc# route -n show  | grep default | head -n 1
default            65.20.98.1         UGS       12 835576762     -     8
vio0
root@arnuwanda:/etc#

Vultr has physical sites in all europe but they apply DMCA worldwide!!!!!

On Mon, May 9, 2022 at 11:22 AM Stuart Henderson <[email protected]>
wrote:

> On 2022/05/09 10:46, Riccardo Giuntoli wrote:
> > Yes I know. With rdomains and pair it would be nice to write a daemon
> > that inspect L7 search for bittorrent identification and take action
> > above those packets.
> > Yes. DMCA is a complete overkill. Vultr applies it. When business will
>
> It doesn't make sense though, DMCA relates to hosted content, you aren't
> hosting on the VPS though, right? If I understand correctly you just
> route through it?
>
> > grow I will host in some data center a pair of servers and do vmd
> > machines. But I've got to register for RIPE, get an IPv4 and IPv6
> > class, and so on. It's a temporary solution. For now I'm using ndpi on
> > linux and changing DSCP.
>
> If you're in Europe, running this service via US-territory VPS seems a
> legal minefield and a bad idea both for network performance and privacy
> related reasons.
>
>

-- 
Name: Riccardo Giuntoli
Email: [email protected]
Location: sant Pere de Ribes, BCN, Spain
PGP Key: 0x67123739
PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739
Key server: hkp://wwwkeys.eu.pgp.net

Reply via email to