Re: content matching on tcp connections...

sorry, wrong mailing list ....

----- Original Message -----
From: "Stefan Sonnenberg-Carstens" <s.sonnenberg@coolspot.de>
To: "Craig Paterson" <craigp@tippett.com>; "Darren Reed"
<darrenr@reed.wattle.id.au>
Cc: <ipfilter@coombs.anu.edu.au>
Sent: Thursday, June 26, 2003 6:22 PM
Subject: Re: content matching on tcp connections...


>
http://licensekey.realnetworks.com/r...dex.html?ulf=b
> You can download a 12 Month period linux version (x86).
> Should work with linux-compat.
>
> ----- Original Message -----
> From: "Craig Paterson" <craigp@tippett.com>
> To: "Darren Reed" <darrenr@reed.wattle.id.au>
> Cc: <ipfilter@coombs.anu.edu.au>
> Sent: Thursday, June 26, 2003 6:08 PM
> Subject: Re: content matching on tcp connections...
>
>
> > On Thu, 2003-06-26 at 08:42, Darren Reed wrote:
> >
> > > Long ago (well almost 3 years now), I put some code into IPFilter
> > > 3.5alpha (became 4.0alpha) that does this:
> > >
> > > > # Scan for anything that looks like HTTP and redirect it to the
local
> > > > # proxy. One catch - this feature (redirect) is not yet
implemented.
> > ...
> > >
> > > With the above, there are no port numbers mentioned because the
> connection
> > > content scanning (I think limited to first 16 bytes or thereabouts) is
> done
> > > across _all_ TCP connections that go through IPFilter's state table.
> > >
> > > This kind of thing could be used to block out kazaa - completely.
> > >
> > > I think I ditched it because I didn't think it would be that useful.
> > >
> > > Should I dust this off and let it back in ?
> >
> > I'd like to experiment with it, for one. Controlling outbound traffic is
> > a big issue for us, and anything that could break mainstream P2P apps
> > would be useful.
> >
> > Thanks,
> > Craig.
> >
> >
> >
>
>
>
>