Kazaa and iptables

Mark T. Valites valites at geneseo.edu
Wed Apr 23 12:19:40 EDT 2003


On Wed, 23 Apr 2003, Justin Bennett wrote:

> I think I need to look for connect strings and such in the packets. I
> think it's going to be a bear. Anyone had any luck with string matches
> in IP tables? I've never played with it.

The string matching capabilities in IPTables are also experimental.  The
problem with string matching is that all connections are fragmented into
packets.  You will probably have a great deal of difficulty matching
against a string - what you're trying to do may not even be possible.  But
if you are able to snag a packet with a certain string in it, you could
then mark the entire connection as "bad" with the stateful inspection
tracking in IPTables.  The ip_conntrack table may be helpful to you for
this.

I wouldn't spend a lot of time looking into it, but instead spend your
time on figuring out packet shaping instead.

-- 
Mark T. Valites
Unix Systems Analyst
CIT - SUNY Geneseo
>--))> >--))>
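
The approach described in the reply above (match a string in one packet, then treat the whole tracked connection as "bad"), as an added example that is not part of the original message. The pattern, mark value and chain are assumptions chosen for illustration, and the `--algo` option is required by current iptables releases.

```shell
#!/bin/sh
# Added example, not from the thread. PATTERN is a constructed placeholder:
# replace it with a byte string observed in a capture of the traffic to block.
PATTERN="${PATTERN:-EXAMPLE-P2P-HANDSHAKE}"
MARK="${MARK:-0x1}"        # connection mark meaning "bad" (arbitrary choice)
CHAIN="${CHAIN:-FORWARD}"  # traffic routed through the firewall
APPLY="${APPLY:-0}"        # 0 = print the commands, 1 = run them (needs root)

# Run a command, or only print it in dry-run mode.
run() {
    if [ "$APPLY" = 1 ]; then "$@"; else echo "$*"; fi
}

install_rules() {
    [ -n "$PATTERN" ] || { echo "PATTERN must not be empty" >&2; return 1; }

    # Rule 1: inspect the payload of each TCP packet. The match is per packet,
    # so a pattern split across two segments is missed. On a hit, CONNMARK
    # stores the mark in the conntrack entry; the target is non-terminating,
    # so the packet continues to rule 2.
    run iptables -A "$CHAIN" -p tcp -m string --algo bm --string "$PATTERN" \
        -j CONNMARK --set-mark "$MARK"

    # Rule 2: drop every packet, in either direction, of a connection whose
    # conntrack entry carries the mark, including the packet that just matched.
    run iptables -A "$CHAIN" -m connmark --mark "$MARK" -j DROP
}

install_rules
```

Run as-is, the script only prints the two commands; set APPLY=1 as root to install them. Rule order matters, because the drop rule has to come after the rule that sets the mark.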



