Changeset 15544


Ignore:
Timestamp:
2009-05-01T17:20:34+02:00 (9 years ago)
Author:
hauke
Message:

[iptables] Update layer7 rules

Location:
trunk/package/iptables/files/l7
Files:
16 edited

Legend:

Unmodified
Added
Removed
  • trunk/package/iptables/files/l7/aim.pat

    r9582 r15544  
    33# Protocol groups: chat proprietary 
    44# Wiki: http://www.protocolinfo.org/wiki/AIM 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 5190 
  • trunk/package/iptables/files/l7/bittorrent.pat

    r9582 r15544  
    11# Bittorrent - P2P filesharing / publishing tool - http://www.bittorrent.com 
    2 # Pattern attributes: good slow notsofast undermatch 
     2# Pattern attributes: good slow594 notsofast undermatch 
    33# Protocol groups: p2p open_source 
    44# Wiki: http://www.protocolinfo.org/wiki/Bittorrent 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# This pattern has been tested and is believed to work well. 
    78# It will, however, not work on bittorrent streams that are encrypted, since 
    8 # it's impossible to match encrypted data (unless the encryption is extremely  
    9 # weak, like rot13 or something...). 
     9# it's impossible to match (well) encrypted data. 
    1010 
    1111bittorrent 
     
    1717# Ditto on the next bit.  Could also match on "user-agent: azureus", but that's in the next 
    1818# packet and perhaps this will match multiple clients. 
    19  
    20 # Recently the ^ was removed from before \x13.  I think this was an accident, 
    21 # so I have restored it. 
     19# bitcomet-specific strings contributed by liangjun. 
    2220 
    2321# This is not a valid GNU basic regular expression (but that's ok). 
    24 ^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=)|d1:ad2:id20:|\x08'7P\)[RP] 
     22^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP] 
    2523 
    2624# This pattern is "fast", but won't catch as much 
  • trunk/package/iptables/files/l7/edonkey.pat

    r9582 r15544  
    33# Protocol groups: p2p 
    44# Wiki: http://www.protocolinfo.org/wiki/EDonkey 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Tested recently (April/May 2006) with eMule 0.47a and eDonkey2000 1.4 
  • trunk/package/iptables/files/l7/fasttrack.pat

    r9582 r15544  
    33# Protocol groups: p2p 
    44# Wiki: http://www.protocolinfo.org/wiki/Fasttrack 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Tested with Kazaa Lite Resurrection 0.0.7.6F 
  • trunk/package/iptables/files/l7/ftp.pat

    r9582 r15544  
    33# Protocol groups: document_retrieval ietf_internet_standard 
    44# Wiki: http://protocolinfo.org/wiki/FTP 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 21.  Note that the data stream is on a dynamically 
  • trunk/package/iptables/files/l7/gnutella.pat

    r9582 r15544  
    33# Protocol groups: p2p open_source 
    44# Wiki: http://www.protocolinfo.org/wiki/Gnutella 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# This should match both Gnutella and "Gnutella2" ("Mike's protocol") 
  • trunk/package/iptables/files/l7/http.pat

    r9582 r15544  
    33# Protocol groups: document_retrieval ietf_draft_standard 
    44# Wiki: http://protocolinfo.org/wiki/HTTP 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 80 
  • trunk/package/iptables/files/l7/ident.pat

    r9582 r15544  
    33# Protocol groups: networking ietf_proposed_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/Ident 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 113 
  • trunk/package/iptables/files/l7/irc.pat

    r9582 r15544  
    33# Protocol groups: chat ietf_proposed_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/IRC 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 6666 or 6667 
  • trunk/package/iptables/files/l7/jabber.pat

    r9582 r15544  
    33# Protocol groups: chat ietf_proposed_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/Jabber 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# This pattern has been tested with Gaim and Gabber.  It is only tested  
  • trunk/package/iptables/files/l7/msnmessenger.pat

    r9582 r15544  
    33# Protocol groups: chat proprietary 
    44# Wiki: http://www.protocolinfo.org/wiki/MSN_Messenger 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually uses TCP port 1863 
  • trunk/package/iptables/files/l7/ntp.pat

    r9582 r15544  
    33# Protocol groups: time_synchronization ietf_draft_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/NTP 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# This pattern is tested and is believed to work. 
  • trunk/package/iptables/files/l7/pop3.pat

    r9582 r15544  
    33# Protocol groups: mail ietf_internet_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/POP 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# This pattern has been tested somewhat. 
  • trunk/package/iptables/files/l7/smtp.pat

    r9582 r15544  
    33# Protocol groups: mail ietf_internet_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/SMTP 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# usually runs on port 25 
  • trunk/package/iptables/files/l7/ssl.pat

    r9582 r15544  
    33# Protocol groups: secure ietf_proposed_standard 
    44# Wiki: http://www.protocolinfo.org/wiki/SSL 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# Usually runs on port 443 
  • trunk/package/iptables/files/l7/vnc.pat

    r9582 r15544  
    33# Protocol groups: remote_access 
    44# Wiki: http://www.protocolinfo.org/wiki/VNC 
     5# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 
    56# 
    67# http://www.realvnc.com/documentation.html 
Note: See TracChangeset for help on using the changeset viewer.