diff options
author | Ermal Luçi <eri@pfsense.org> | 2008-08-02 22:24:45 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2008-08-02 22:24:45 +0000 |
commit | 4ae45b1093b1a2fda98b263a5cffce9689ad109a (patch) | |
tree | c770e69156a527cbe1deb11a288dc3315c9423ca /usr/local/share/protocols/fasttrack.pat | |
parent | b5a7edb1ca42023606cde872cb8b5339d3b9837a (diff) | |
download | pfsense-4ae45b1093b1a2fda98b263a5cffce9689ad109a.zip pfsense-4ae45b1093b1a2fda98b263a5cffce9689ad109a.tar.gz |
Add protocol definitions needed by ipfw-classifyd. Basically they are copied from the ipfw-classifyd pfPort which inherits them from l7-filter project on sf.net.
Diffstat (limited to 'usr/local/share/protocols/fasttrack.pat')
-rw-r--r-- | usr/local/share/protocols/fasttrack.pat | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/usr/local/share/protocols/fasttrack.pat b/usr/local/share/protocols/fasttrack.pat new file mode 100644 index 0000000..c821ae4 --- /dev/null +++ b/usr/local/share/protocols/fasttrack.pat @@ -0,0 +1,22 @@ +# FastTrack - P2P filesharing (Kazaa, Morpheus, iMesh, Grokster, etc) +# Pattern attributes: good slow notsofast +# Protocol groups: p2p +# Wiki: http://www.protocolinfo.org/wiki/Fasttrack +# +# Tested with Kazaa Lite Resurrection 0.0.7.6F +# +# This appears to match the download connections well, but not the search +# connections (I think they are encrypted :-( ). + +fasttrack +# while this is a valid http request, this will be caught because +# the http pattern matches the response (and therefore the next packet) +# Even so, it's best to put this match earlier in the chain. +# http://cvs.berlios.de/cgi-bin/viewcvs.cgi/gift-fasttrack/giFT-FastTrack/PROTOCOL?rev=HEAD&content-type=text/vnd.viewcvs-markup + +# This pattern is kinda slow, but not too bad. +^get (/.download/[ -~]*|/.supernode[ -~]|/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? + +# This isn't much faster: +#^get (/.download/.*|/.supernode.|/.status.|/.network.*|/.files|/.hash=[0-9a-f]*/.*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? + |