diff options
Diffstat (limited to 'src/usr/local/share/protocols/httpaudio.pat')
-rw-r--r-- | src/usr/local/share/protocols/httpaudio.pat | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/usr/local/share/protocols/httpaudio.pat b/src/usr/local/share/protocols/httpaudio.pat new file mode 100644 index 0000000..c6cdd9a --- /dev/null +++ b/src/usr/local/share/protocols/httpaudio.pat @@ -0,0 +1,32 @@ +# HTTP - Audio over HyperText Transfer Protocol (RFC 2616) +# Pattern attributes: good notsofast notsofast subset +# Protocol groups: streaming_audio document_retrieval ietf_draft_standard +# Wiki: http://protocolinfo.org/wiki/HTTP +# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE +# +# Usually runs on port 80 +# +# Contributed by Deepak Seshadri <dseshadri AT broadbandmaritime.com> +# +# This pattern has been tested and is believed to work well. +# +# To get or provide more information about this protocol and/or pattern: +# http://www.protocolinfo.org/wiki/HTTP +# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers +# +# If you use this, you should be aware that: +# +# - they match both simple downloads of audio/video and streaming content. +# +# - blocking based on content-type encourages server +# writers/administrators to misreport content-type (which will just make +# headaches for everyone, including us), so I would strongly recommend +# shaping audio/video down to a speed that discourages use of streaming +# players without actually blocking it. +# +# - obviously, since this is a subset of HTTP, you need to match it +# earlier in your iptables rules than HTTP. + +httpaudio +http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: audio) + |