[LARTC] Detecting p2p traffic
Andrew Beverley
andy at andybev.com
Mon May 22 08:26:35 CEST 2006
Jason Boxman wrote:
> On Sunday 07 May 2006 19:43, Andrew Beverley wrote:
>> After varying degrees of success with p2p detection modules, I would like
>> to write the following rules using iptables to reliably identify p2p
>> traffic:
>>
> <snip>
>> On my network all p2p traffic falls into these categories, and I don't mind
>> overmatching with other traffic.
>
> If you can, you could look into compiling and using ipp2p against your kernel.
> I find it works extremely well with my p2p traffic from edonkey protocol(s).
> You may have success with L7-Filter, too. You can probably use both at the
> same time, but I've never tried as ipp2p works for me.
Thanks - I tried both ipp2p and l7-filter. I found that on the whole
they worked well, but on the network of 50 clients there was always a
couple that it didn't detect. I also wanted to put something in place
that didn't need upgrading - if and when I move on someone will have to
keep updating ipp2p and l7-filter on the server.
Andy