Your point of view is (my opinion) wrong. All clients pay same
money, so, use bandwidth how they want. U need to make settings, to be
shure that all users receive same bandwidth (according with contract
of course), but u not have any rights to limit some traffic. If i want
to use p2p is my
again
Cesar
- Original Message -
From: vladone [EMAIL PROTECTED]
To: freebsd-ipfw@freebsd.org
Sent: Wednesday, November 16, 2005 8:24 AM
Subject: Re[2]: String Match
Your point of view is (my opinion) wrong. All clients pay same
money, so, use bandwidth how they want. U need to make
I think Oliver is wrong.
The behavior he describe is not an excuse to do not have this feature to the
guys who use it in Linux.
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/166 - Release Date: 10/11/2005
Cesar [EMAIL PROTECTED] wrote:
Its not a bad ideia since I see a lot of people searching for P2P traffic
control/shaper.
I'm operating an ISP with 3000 broadband users ... And yes. I can call they
untrusted, but this is not the point.
In that case I'm thankful that I'm not your
IMHO this is the main disadvantage of FreeBSD and IPFW.
Sure Linux has a better support on string match for IPS.
--
Message: 1
Date: Wed, 9 Nov 2005 11:52:35 -0300
From: Cesar [EMAIL PROTECTED]
Subject: String Match
Sorry for my bad explanation ...
I want to do with ipfw what the IPP2P (http://www.ipp2p.org) do, it use a
modification in linux kernel/iptables some kind of string match to
identify P2P traffic.
Nowadays I use port based rules to limit P2P traffic, which is not a good
solution since most
traffic ... And as I know, ipfw can't do this.
And maybe this kind of string match can become useful to other things.
Cesar
- Original Message -
From: Oliver Fromme [EMAIL PROTECTED]
To: freebsd-ipfw@FreeBSD.ORG
Sent: Thursday, November 10, 2005 12:55 PM
Subject: Re: String Match
On Wednesday 09 November 2005 15:52, Cesar wrote:
An interesting thing in iptables is that option to match strings, like this
example:
iptables -A FORWARD -p TCP -m string --string BitTorrent protocol -j
REJECT --reject-with tcp-reset
iptables -A FORWARD -p TCP -m string --string GET
On Thursday 10 November 2005 11:23, Max Laier wrote:
On Wednesday 09 November 2005 15:52, Cesar wrote:
An interesting thing in iptables is that option to match strings, like
this example:
iptables -A FORWARD -p TCP -m string --string BitTorrent protocol -j
REJECT --reject-with tcp-reset