From d65c61130ae616c372dd4ef73632bcbaf5d058d8 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Fri, 20 Nov 2015 20:06:48 -0600 Subject: Remove layer7 components. Ticket #5508 --- .../local/share/locale/en/LC_MESSAGES/pfSense.pot | 122 +--- .../local/share/locale/ja/LC_MESSAGES/pfSense.po | 192 +------ .../share/locale/pt_BR/LC_MESSAGES/pfSense.po | 151 +---- .../local/share/locale/tr/LC_MESSAGES/pfSense.po | 125 +---- src/usr/local/share/protocols/100bao.pat | 12 - src/usr/local/share/protocols/EAOrigin.pat | 7 - src/usr/local/share/protocols/LICENSE | 605 -------------------- src/usr/local/share/protocols/aim.pat | 28 - src/usr/local/share/protocols/aimwebcontent.pat | 10 - src/usr/local/share/protocols/any.pat | 8 - src/usr/local/share/protocols/applejuice.pat | 12 - src/usr/local/share/protocols/ares.pat | 63 --- src/usr/local/share/protocols/armagetron.pat | 12 - src/usr/local/share/protocols/audiogalaxy.pat | 19 - src/usr/local/share/protocols/battlefield1942.pat | 14 - src/usr/local/share/protocols/battlefield2.pat | 26 - src/usr/local/share/protocols/battlefield2142.pat | 14 - src/usr/local/share/protocols/bgp.pat | 19 - src/usr/local/share/protocols/biff.pat | 16 - src/usr/local/share/protocols/bittorrent.pat | 25 - src/usr/local/share/protocols/chikka.pat | 17 - src/usr/local/share/protocols/cimd.pat | 19 - src/usr/local/share/protocols/ciscovpn.pat | 11 - src/usr/local/share/protocols/citrix.pat | 12 - src/usr/local/share/protocols/code_red.pat | 8 - .../local/share/protocols/counterstrike-source.pat | 42 -- src/usr/local/share/protocols/cvs.pat | 14 - .../local/share/protocols/dayofdefeat-source.pat | 11 - src/usr/local/share/protocols/dazhihui.pat | 11 - src/usr/local/share/protocols/dhcp.pat | 36 -- src/usr/local/share/protocols/directconnect.pat | 14 - src/usr/local/share/protocols/dns.pat | 63 --- src/usr/local/share/protocols/doom3.pat | 10 - src/usr/local/share/protocols/edonkey.pat | 37 -- src/usr/local/share/protocols/exe.pat | 20 - src/usr/local/share/protocols/fasttrack.pat | 23 - src/usr/local/share/protocols/finger.pat | 15 - src/usr/local/share/protocols/flash.pat | 18 - src/usr/local/share/protocols/freenet.pat | 10 - src/usr/local/share/protocols/ftp.pat | 46 -- src/usr/local/share/protocols/gif.pat | 8 - src/usr/local/share/protocols/gkrellm.pat | 13 - src/usr/local/share/protocols/gnucleuslan.pat | 10 - src/usr/local/share/protocols/gnutella.pat | 34 -- src/usr/local/share/protocols/goboogy.pat | 13 - src/usr/local/share/protocols/gopher.pat | 25 - src/usr/local/share/protocols/gtalk.pat | 11 - src/usr/local/share/protocols/guildwars.pat | 14 - src/usr/local/share/protocols/h323.pat | 36 -- .../local/share/protocols/halflife2-deathmatch.pat | 10 - src/usr/local/share/protocols/hddtemp.pat | 14 - src/usr/local/share/protocols/hotline.pat | 12 - src/usr/local/share/protocols/html.pat | 11 - src/usr/local/share/protocols/http-dap.pat | 19 - .../local/share/protocols/http-freshdownload.pat | 17 - src/usr/local/share/protocols/http-itunes.pat | 14 - src/usr/local/share/protocols/http-rtsp.pat | 16 - src/usr/local/share/protocols/http.pat | 28 - src/usr/local/share/protocols/httpaudio.pat | 32 -- src/usr/local/share/protocols/httpcachehit.pat | 19 - src/usr/local/share/protocols/httpcachemiss.pat | 17 - src/usr/local/share/protocols/httpvideo.pat | 32 -- src/usr/local/share/protocols/ident.pat | 15 - src/usr/local/share/protocols/imap.pat | 14 - src/usr/local/share/protocols/imesh.pat | 15 - src/usr/local/share/protocols/ipp.pat | 12 - src/usr/local/share/protocols/irc.pat | 20 - src/usr/local/share/protocols/jabber.pat | 24 - src/usr/local/share/protocols/jpeg.pat | 8 - src/usr/local/share/protocols/kugoo.pat | 21 - src/usr/local/share/protocols/live365.pat | 15 - src/usr/local/share/protocols/liveforspeed.pat | 13 - src/usr/local/share/protocols/lpd.pat | 18 - src/usr/local/share/protocols/mohaa.pat | 11 - src/usr/local/share/protocols/mp3.pat | 11 - src/usr/local/share/protocols/msn-filetransfer.pat | 30 - src/usr/local/share/protocols/msnmessenger.pat | 28 - src/usr/local/share/protocols/mute.pat | 11 - src/usr/local/share/protocols/napster.pat | 24 - src/usr/local/share/protocols/nbns.pat | 20 - src/usr/local/share/protocols/ncp.pat | 23 - src/usr/local/share/protocols/netbios.pat | 29 - src/usr/local/share/protocols/nimda.pat | 8 - src/usr/local/share/protocols/nntp.pat | 21 - src/usr/local/share/protocols/ntp.pat | 17 - src/usr/local/share/protocols/ogg.pat | 7 - src/usr/local/share/protocols/openft.pat | 13 - src/usr/local/share/protocols/pcanywhere.pat | 12 - src/usr/local/share/protocols/pdf.pat | 11 - src/usr/local/share/protocols/perl.pat | 7 - src/usr/local/share/protocols/png.pat | 13 - src/usr/local/share/protocols/poco.pat | 12 - src/usr/local/share/protocols/pop3.pat | 50 -- src/usr/local/share/protocols/postscript.pat | 7 - src/usr/local/share/protocols/pplive.pat | 11 - src/usr/local/share/protocols/pressplay.pat | 15 - src/usr/local/share/protocols/qq.pat | 26 - src/usr/local/share/protocols/quake-halflife.pat | 32 -- src/usr/local/share/protocols/quake1.pat | 19 - src/usr/local/share/protocols/quicktime.pat | 21 - src/usr/local/share/protocols/radmin.pat | 17 - src/usr/local/share/protocols/rar.pat | 7 - src/usr/local/share/protocols/rdp.pat | 20 - src/usr/local/share/protocols/replaytv-ivs.pat | 11 - src/usr/local/share/protocols/rlogin.pat | 19 - src/usr/local/share/protocols/rpm.pat | 7 - src/usr/local/share/protocols/rtf.pat | 8 - src/usr/local/share/protocols/rtmp.pat | 13 - src/usr/local/share/protocols/rtp.pat | 33 -- src/usr/local/share/protocols/rtsp.pat | 15 - src/usr/local/share/protocols/runesofmagic.pat | 63 --- src/usr/local/share/protocols/shoutcast.pat | 27 - src/usr/local/share/protocols/sip.pat | 20 - src/usr/local/share/protocols/skypeout.pat | 50 -- src/usr/local/share/protocols/skypetoskype.pat | 14 - src/usr/local/share/protocols/smb.pat | 19 - src/usr/local/share/protocols/smtp.pat | 40 -- src/usr/local/share/protocols/snmp-mon.pat | 32 -- src/usr/local/share/protocols/snmp-trap.pat | 33 -- src/usr/local/share/protocols/snmp.pat | 19 - src/usr/local/share/protocols/socks.pat | 32 -- src/usr/local/share/protocols/soribada.pat | 51 -- src/usr/local/share/protocols/soulseek.pat | 17 - src/usr/local/share/protocols/ssdp.pat | 21 - src/usr/local/share/protocols/ssh.pat | 17 - src/usr/local/share/protocols/ssl.pat | 16 - src/usr/local/share/protocols/stun.pat | 46 -- src/usr/local/share/protocols/subspace.pat | 21 - src/usr/local/share/protocols/subversion.pat | 13 - src/usr/local/share/protocols/swf.pat | 2 - src/usr/local/share/protocols/tar.pat | 12 - src/usr/local/share/protocols/teamfortress2.pat | 11 - src/usr/local/share/protocols/teamspeak.pat | 15 - src/usr/local/share/protocols/telnet.pat | 16 - src/usr/local/share/protocols/tesla.pat | 15 - src/usr/local/share/protocols/tftp.pat | 21 - src/usr/local/share/protocols/thecircle.pat | 12 - src/usr/local/share/protocols/tonghuashun.pat | 11 - src/usr/local/share/protocols/tor.pat | 17 - src/usr/local/share/protocols/tsp.pat | 14 - src/usr/local/share/protocols/unset.pat | 8 - src/usr/local/share/protocols/uucp.pat | 12 - src/usr/local/share/protocols/validcertssl.pat | 25 - src/usr/local/share/protocols/ventrilo.pat | 18 - src/usr/local/share/protocols/vnc.pat | 23 - src/usr/local/share/protocols/whois.pat | 14 - src/usr/local/share/protocols/worldofwarcraft.pat | 66 --- src/usr/local/share/protocols/x11.pat | 23 - src/usr/local/share/protocols/xboxlive.pat | 41 -- src/usr/local/share/protocols/xunlei.pat | 83 --- src/usr/local/share/protocols/yahoo.pat | 27 - src/usr/local/share/protocols/zip.pat | 7 - src/usr/local/share/protocols/zmaap.pat | 18 - src/usr/local/www/diag_patterns.php | 125 ----- src/usr/local/www/firewall_rules_edit.php | 25 +- src/usr/local/www/firewall_shaper.php | 1 - src/usr/local/www/firewall_shaper_layer7.php | 613 --------------------- src/usr/local/www/firewall_shaper_queues.php | 1 - src/usr/local/www/firewall_shaper_vinterface.php | 1 - src/usr/local/www/firewall_shaper_wizards.php | 1 - src/usr/local/www/guiconfig.inc | 3 - src/usr/local/www/help.php | 2 - src/usr/local/www/system_hasync.php | 9 - 163 files changed, 9 insertions(+), 4970 deletions(-) delete mode 100644 src/usr/local/share/protocols/100bao.pat delete mode 100644 src/usr/local/share/protocols/EAOrigin.pat delete mode 100644 src/usr/local/share/protocols/LICENSE delete mode 100644 src/usr/local/share/protocols/aim.pat delete mode 100644 src/usr/local/share/protocols/aimwebcontent.pat delete mode 100644 src/usr/local/share/protocols/any.pat delete mode 100644 src/usr/local/share/protocols/applejuice.pat delete mode 100644 src/usr/local/share/protocols/ares.pat delete mode 100644 src/usr/local/share/protocols/armagetron.pat delete mode 100644 src/usr/local/share/protocols/audiogalaxy.pat delete mode 100644 src/usr/local/share/protocols/battlefield1942.pat delete mode 100644 src/usr/local/share/protocols/battlefield2.pat delete mode 100644 src/usr/local/share/protocols/battlefield2142.pat delete mode 100644 src/usr/local/share/protocols/bgp.pat delete mode 100644 src/usr/local/share/protocols/biff.pat delete mode 100644 src/usr/local/share/protocols/bittorrent.pat delete mode 100644 src/usr/local/share/protocols/chikka.pat delete mode 100644 src/usr/local/share/protocols/cimd.pat delete mode 100644 src/usr/local/share/protocols/ciscovpn.pat delete mode 100644 src/usr/local/share/protocols/citrix.pat delete mode 100644 src/usr/local/share/protocols/code_red.pat delete mode 100644 src/usr/local/share/protocols/counterstrike-source.pat delete mode 100644 src/usr/local/share/protocols/cvs.pat delete mode 100644 src/usr/local/share/protocols/dayofdefeat-source.pat delete mode 100644 src/usr/local/share/protocols/dazhihui.pat delete mode 100644 src/usr/local/share/protocols/dhcp.pat delete mode 100644 src/usr/local/share/protocols/directconnect.pat delete mode 100644 src/usr/local/share/protocols/dns.pat delete mode 100644 src/usr/local/share/protocols/doom3.pat delete mode 100644 src/usr/local/share/protocols/edonkey.pat delete mode 100644 src/usr/local/share/protocols/exe.pat delete mode 100644 src/usr/local/share/protocols/fasttrack.pat delete mode 100644 src/usr/local/share/protocols/finger.pat delete mode 100644 src/usr/local/share/protocols/flash.pat delete mode 100644 src/usr/local/share/protocols/freenet.pat delete mode 100644 src/usr/local/share/protocols/ftp.pat delete mode 100644 src/usr/local/share/protocols/gif.pat delete mode 100644 src/usr/local/share/protocols/gkrellm.pat delete mode 100644 src/usr/local/share/protocols/gnucleuslan.pat delete mode 100644 src/usr/local/share/protocols/gnutella.pat delete mode 100644 src/usr/local/share/protocols/goboogy.pat delete mode 100644 src/usr/local/share/protocols/gopher.pat delete mode 100644 src/usr/local/share/protocols/gtalk.pat delete mode 100644 src/usr/local/share/protocols/guildwars.pat delete mode 100644 src/usr/local/share/protocols/h323.pat delete mode 100644 src/usr/local/share/protocols/halflife2-deathmatch.pat delete mode 100644 src/usr/local/share/protocols/hddtemp.pat delete mode 100644 src/usr/local/share/protocols/hotline.pat delete mode 100644 src/usr/local/share/protocols/html.pat delete mode 100644 src/usr/local/share/protocols/http-dap.pat delete mode 100644 src/usr/local/share/protocols/http-freshdownload.pat delete mode 100644 src/usr/local/share/protocols/http-itunes.pat delete mode 100644 src/usr/local/share/protocols/http-rtsp.pat delete mode 100644 src/usr/local/share/protocols/http.pat delete mode 100644 src/usr/local/share/protocols/httpaudio.pat delete mode 100644 src/usr/local/share/protocols/httpcachehit.pat delete mode 100644 src/usr/local/share/protocols/httpcachemiss.pat delete mode 100644 src/usr/local/share/protocols/httpvideo.pat delete mode 100644 src/usr/local/share/protocols/ident.pat delete mode 100644 src/usr/local/share/protocols/imap.pat delete mode 100644 src/usr/local/share/protocols/imesh.pat delete mode 100644 src/usr/local/share/protocols/ipp.pat delete mode 100644 src/usr/local/share/protocols/irc.pat delete mode 100644 src/usr/local/share/protocols/jabber.pat delete mode 100644 src/usr/local/share/protocols/jpeg.pat delete mode 100644 src/usr/local/share/protocols/kugoo.pat delete mode 100644 src/usr/local/share/protocols/live365.pat delete mode 100644 src/usr/local/share/protocols/liveforspeed.pat delete mode 100644 src/usr/local/share/protocols/lpd.pat delete mode 100644 src/usr/local/share/protocols/mohaa.pat delete mode 100644 src/usr/local/share/protocols/mp3.pat delete mode 100644 src/usr/local/share/protocols/msn-filetransfer.pat delete mode 100644 src/usr/local/share/protocols/msnmessenger.pat delete mode 100644 src/usr/local/share/protocols/mute.pat delete mode 100644 src/usr/local/share/protocols/napster.pat delete mode 100644 src/usr/local/share/protocols/nbns.pat delete mode 100644 src/usr/local/share/protocols/ncp.pat delete mode 100644 src/usr/local/share/protocols/netbios.pat delete mode 100644 src/usr/local/share/protocols/nimda.pat delete mode 100644 src/usr/local/share/protocols/nntp.pat delete mode 100644 src/usr/local/share/protocols/ntp.pat delete mode 100644 src/usr/local/share/protocols/ogg.pat delete mode 100644 src/usr/local/share/protocols/openft.pat delete mode 100644 src/usr/local/share/protocols/pcanywhere.pat delete mode 100644 src/usr/local/share/protocols/pdf.pat delete mode 100644 src/usr/local/share/protocols/perl.pat delete mode 100644 src/usr/local/share/protocols/png.pat delete mode 100644 src/usr/local/share/protocols/poco.pat delete mode 100644 src/usr/local/share/protocols/pop3.pat delete mode 100644 src/usr/local/share/protocols/postscript.pat delete mode 100644 src/usr/local/share/protocols/pplive.pat delete mode 100644 src/usr/local/share/protocols/pressplay.pat delete mode 100644 src/usr/local/share/protocols/qq.pat delete mode 100644 src/usr/local/share/protocols/quake-halflife.pat delete mode 100644 src/usr/local/share/protocols/quake1.pat delete mode 100644 src/usr/local/share/protocols/quicktime.pat delete mode 100644 src/usr/local/share/protocols/radmin.pat delete mode 100644 src/usr/local/share/protocols/rar.pat delete mode 100644 src/usr/local/share/protocols/rdp.pat delete mode 100644 src/usr/local/share/protocols/replaytv-ivs.pat delete mode 100644 src/usr/local/share/protocols/rlogin.pat delete mode 100644 src/usr/local/share/protocols/rpm.pat delete mode 100644 src/usr/local/share/protocols/rtf.pat delete mode 100644 src/usr/local/share/protocols/rtmp.pat delete mode 100644 src/usr/local/share/protocols/rtp.pat delete mode 100644 src/usr/local/share/protocols/rtsp.pat delete mode 100644 src/usr/local/share/protocols/runesofmagic.pat delete mode 100644 src/usr/local/share/protocols/shoutcast.pat delete mode 100644 src/usr/local/share/protocols/sip.pat delete mode 100644 src/usr/local/share/protocols/skypeout.pat delete mode 100644 src/usr/local/share/protocols/skypetoskype.pat delete mode 100644 src/usr/local/share/protocols/smb.pat delete mode 100644 src/usr/local/share/protocols/smtp.pat delete mode 100644 src/usr/local/share/protocols/snmp-mon.pat delete mode 100644 src/usr/local/share/protocols/snmp-trap.pat delete mode 100644 src/usr/local/share/protocols/snmp.pat delete mode 100644 src/usr/local/share/protocols/socks.pat delete mode 100644 src/usr/local/share/protocols/soribada.pat delete mode 100644 src/usr/local/share/protocols/soulseek.pat delete mode 100644 src/usr/local/share/protocols/ssdp.pat delete mode 100644 src/usr/local/share/protocols/ssh.pat delete mode 100644 src/usr/local/share/protocols/ssl.pat delete mode 100644 src/usr/local/share/protocols/stun.pat delete mode 100644 src/usr/local/share/protocols/subspace.pat delete mode 100644 src/usr/local/share/protocols/subversion.pat delete mode 100644 src/usr/local/share/protocols/swf.pat delete mode 100644 src/usr/local/share/protocols/tar.pat delete mode 100644 src/usr/local/share/protocols/teamfortress2.pat delete mode 100644 src/usr/local/share/protocols/teamspeak.pat delete mode 100644 src/usr/local/share/protocols/telnet.pat delete mode 100644 src/usr/local/share/protocols/tesla.pat delete mode 100644 src/usr/local/share/protocols/tftp.pat delete mode 100644 src/usr/local/share/protocols/thecircle.pat delete mode 100644 src/usr/local/share/protocols/tonghuashun.pat delete mode 100644 src/usr/local/share/protocols/tor.pat delete mode 100644 src/usr/local/share/protocols/tsp.pat delete mode 100644 src/usr/local/share/protocols/unset.pat delete mode 100644 src/usr/local/share/protocols/uucp.pat delete mode 100644 src/usr/local/share/protocols/validcertssl.pat delete mode 100644 src/usr/local/share/protocols/ventrilo.pat delete mode 100644 src/usr/local/share/protocols/vnc.pat delete mode 100644 src/usr/local/share/protocols/whois.pat delete mode 100644 src/usr/local/share/protocols/worldofwarcraft.pat delete mode 100644 src/usr/local/share/protocols/x11.pat delete mode 100644 src/usr/local/share/protocols/xboxlive.pat delete mode 100644 src/usr/local/share/protocols/xunlei.pat delete mode 100644 src/usr/local/share/protocols/yahoo.pat delete mode 100644 src/usr/local/share/protocols/zip.pat delete mode 100644 src/usr/local/share/protocols/zmaap.pat delete mode 100644 src/usr/local/www/diag_patterns.php delete mode 100644 src/usr/local/www/firewall_shaper_layer7.php (limited to 'src/usr') diff --git a/src/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot b/src/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot index 4864b7b..7342e22 100644 --- a/src/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot +++ b/src/usr/local/share/locale/en/LC_MESSAGES/pfSense.pot @@ -813,10 +813,6 @@ msgstr "" msgid "Generating ALTQ queues" msgstr "" -#: etc/inc/filter.inc:261 -msgid "Generating Layer7 rules" -msgstr "" - #: etc/inc/filter.inc:265 msgid "Loading filter rules" msgstr "" @@ -871,10 +867,6 @@ msgstr "" msgid "There were error(s) loading the rules: %1$s - %2$s" msgstr "" -#: etc/inc/filter.inc:388 -msgid "Starting up layer7 daemon" -msgstr "" - #: etc/inc/filter.inc:447 msgid "Processing down interface states" msgstr "" @@ -2545,14 +2537,6 @@ msgstr "" msgid "Allow access to the 'Firewall: Traffic Shaper' page." msgstr "" -#: etc/inc/priv.defs.inc:414 -msgid "WebCfg - Firewall: Traffic Shaper: Layer7 page" -msgstr "" - -#: etc/inc/priv.defs.inc:415 -msgid "Allow access to the 'Firewall: Traffic Shaper: Layer7' page." -msgstr "" - #: etc/inc/priv.defs.inc:420 msgid "WebCfg - Firewall: Traffic Shaper: Queues page" msgstr "" @@ -4868,10 +4852,6 @@ msgstr "" msgid "slots" msgstr "" -#: etc/inc/shaper.inc:3885 -msgid "Enable/Disable layer7 Container" -msgstr "" - #: etc/inc/shaper.inc:4150 #, php-format msgid "Sending HUP signal to %s" @@ -5812,7 +5792,6 @@ msgstr "" #: usr/local/www/carp_status.php:199 usr/local/www/diag_packet_capture.php:262 #: usr/local/www/diag_packet_capture.php:348 -#: usr/local/www/firewall_shaper_layer7.php:66 #: usr/local/www/interfaces_wireless.php:137 usr/local/www/pkg_edit.php:936 #: usr/local/www/services_ntpd_pps.php:138 usr/local/www/status_graph.php:338 #: usr/local/www/status_graph_cpu.php:54 usr/local/www/status_queues.php:187 @@ -5827,7 +5806,6 @@ msgid "You can configure high availability sync settings" msgstr "" #: usr/local/www/carp_status.php:201 -#: usr/local/www/firewall_shaper_layer7.php:67 #: usr/local/www/firewall_virtual_ip.php:308 usr/local/www/interfaces.php:3490 #: usr/local/www/interfaces.php:3499 usr/local/www/status_queues.php:189 msgid "here" @@ -5888,7 +5866,7 @@ msgstr "" #: usr/local/www/diag_dump_states_sources.php:66 #: usr/local/www/diag_gmirror.php:46 usr/local/www/diag_nanobsd.php:50 #: usr/local/www/diag_ndp.php:107 usr/local/www/diag_packet_capture.php:88 -#: usr/local/www/diag_patterns.php:63 usr/local/www/diag_ping.php:47 +#: usr/local/www/diag_ping.php:47 #: usr/local/www/diag_resetstate.php:65 usr/local/www/diag_routes.php:71 #: usr/local/www/diag_smart.php:18 usr/local/www/diag_sockets.php:45 #: usr/local/www/diag_states_summary.php:187 usr/local/www/diag_tables.php:45 @@ -6291,7 +6269,6 @@ msgstr "" #: usr/local/www/diag_backup.php:201 usr/local/www/fbegin.inc:132 #: usr/local/www/firewall_shaper.php:55 -#: usr/local/www/firewall_shaper_layer7.php:60 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:74 msgid "Traffic Shaper" @@ -6663,7 +6640,6 @@ msgstr "" #: usr/local/www/firewall_rules_edit.php:1738 #: usr/local/www/firewall_schedule_edit.php:1168 #: usr/local/www/firewall_shaper.php:351 -#: usr/local/www/firewall_shaper_layer7.php:566 #: usr/local/www/firewall_shaper_vinterface.php:319 #: usr/local/www/firewall_virtual_ip_edit.php:509 #: usr/local/www/interfaces.php:3379 usr/local/www/interfaces_assign.php:553 @@ -7567,7 +7543,6 @@ msgstr "" #: usr/local/www/firewall_nat_out_edit.php:146 #: usr/local/www/firewall_nat_out_edit.php:513 #: usr/local/www/firewall_rules_edit.php:988 -#: usr/local/www/firewall_shaper_layer7.php:467 #: usr/local/www/interfaces_bridge_edit.php:310 #: usr/local/www/load_balancer_relay_action_edit.php:121 #: usr/local/www/load_balancer_relay_action_edit.php:425 @@ -7685,7 +7660,6 @@ msgstr "" #: usr/local/www/firewall_schedule.php:51 #: usr/local/www/firewall_schedule_edit.php:62 #: usr/local/www/firewall_shaper.php:55 -#: usr/local/www/firewall_shaper_layer7.php:60 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:74 #: usr/local/www/firewall_virtual_ip.php:203 @@ -8861,35 +8835,6 @@ msgstr "" msgid "Packets Captured:" msgstr "" -#: usr/local/www/diag_patterns.php:43 usr/local/www/diag_patterns.php:85 -msgid "Upload Pattern file" -msgstr "" - -#: usr/local/www/diag_patterns.php:49 -#, php-format -msgid "Added custom l7 pattern %s" -msgstr "" - -#: usr/local/www/diag_patterns.php:51 -msgid "Uploaded file to" -msgstr "" - -#: usr/local/www/diag_patterns.php:54 -msgid "Warning: You must upload a file with .pat extension." -msgstr "" - -#: usr/local/www/diag_patterns.php:63 -msgid "Add layer7 pattern" -msgstr "" - -#: usr/local/www/diag_patterns.php:74 -msgid "Upload layer7 pattern file" -msgstr "" - -#: usr/local/www/diag_patterns.php:77 -msgid "File to upload:" -msgstr "" - #: usr/local/www/diag_pf_info.php:101 msgid "Gathering PF information, please wait..." msgstr "" @@ -9310,7 +9255,6 @@ msgid "entries in this table." msgstr "" #: usr/local/www/diag_tables.php:169 -#: usr/local/www/firewall_shaper_layer7.php:572 #: usr/local/www/services_dhcpv6.php:809 #: usr/local/www/system_firmware_restorefullbackup.php:164 msgid "Delete" @@ -9933,7 +9877,6 @@ msgstr "" #: usr/local/www/firewall_nat_npt.php:90 #: usr/local/www/firewall_nat_out.php:226 #: usr/local/www/firewall_shaper.php:406 -#: usr/local/www/firewall_shaper_layer7.php:402 #: usr/local/www/firewall_shaper_queues.php:189 #: usr/local/www/firewall_shaper_vinterface.php:386 #: usr/local/www/firewall_shaper_wizards.php:97 @@ -10333,7 +10276,6 @@ msgid "remove this entry" msgstr "" #: usr/local/www/firewall_aliases_edit.php:843 -#: usr/local/www/firewall_shaper_layer7.php:556 #: usr/local/www/interfaces_groups_edit.php:322 #: usr/local/www/interfaces_qinq_edit.php:390 #: usr/local/www/services_dhcp.php:1197 usr/local/www/services_dhcpv6.php:817 @@ -10356,7 +10298,6 @@ msgstr "" #: usr/local/www/firewall_rules_edit.php:1262 #: usr/local/www/firewall_rules_edit.php:1739 #: usr/local/www/firewall_schedule_edit.php:1169 -#: usr/local/www/firewall_shaper_layer7.php:569 #: usr/local/www/firewall_virtual_ip_edit.php:510 #: usr/local/www/interfaces.php:1856 usr/local/www/interfaces.php:1962 #: usr/local/www/interfaces.php:3380 @@ -11992,14 +11933,6 @@ msgstr "" msgid "ID must be an integer" msgstr "" -#: usr/local/www/firewall_rules_edit.php:526 -msgid "You can only select a layer7 container for TCP and/or UDP protocols" -msgstr "" - -#: usr/local/www/firewall_rules_edit.php:528 -msgid "You can only select a layer7 container for Pass type rules." -msgstr "" - #: usr/local/www/firewall_rules_edit.php:533 msgid "" "You can only specify the maximum number of established connections per host " @@ -12502,22 +12435,6 @@ msgstr "" msgid "Choose the Acknowledge Queue only if you have selected Queue." msgstr "" -#: usr/local/www/firewall_rules_edit.php:1673 -#: usr/local/www/firewall_shaper.php:415 -#: usr/local/www/firewall_shaper_layer7.php:60 -#: usr/local/www/firewall_shaper_layer7.php:411 -#: usr/local/www/firewall_shaper_queues.php:198 -#: usr/local/www/firewall_shaper_vinterface.php:395 -#: usr/local/www/firewall_shaper_wizards.php:106 -msgid "Layer7" -msgstr "" - -#: usr/local/www/firewall_rules_edit.php:1696 -msgid "" -"Choose a Layer7 container to apply application protocol inspection rules. " -"These are valid for TCP and UDP protocols only." -msgstr "" - #: usr/local/www/firewall_schedule.php:78 #, php-format msgid "Cannot delete Schedule. Currently in use by %s" @@ -12725,7 +12642,6 @@ msgid "The traffic shaper configuration has been changed." msgstr "" #: usr/local/www/firewall_shaper.php:412 -#: usr/local/www/firewall_shaper_layer7.php:408 #: usr/local/www/firewall_shaper_queues.php:195 #: usr/local/www/firewall_shaper_vinterface.php:392 #: usr/local/www/firewall_shaper_wizards.php:103 @@ -12733,7 +12649,6 @@ msgid "By Interface" msgstr "" #: usr/local/www/firewall_shaper.php:413 -#: usr/local/www/firewall_shaper_layer7.php:409 #: usr/local/www/firewall_shaper_queues.php:196 #: usr/local/www/firewall_shaper_vinterface.php:393 #: usr/local/www/firewall_shaper_wizards.php:104 @@ -12741,7 +12656,6 @@ msgid "By Queue" msgstr "" #: usr/local/www/firewall_shaper.php:414 -#: usr/local/www/firewall_shaper_layer7.php:410 #: usr/local/www/firewall_shaper_queues.php:197 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_vinterface.php:394 @@ -12750,7 +12664,6 @@ msgid "Limiter" msgstr "" #: usr/local/www/firewall_shaper.php:416 -#: usr/local/www/firewall_shaper_layer7.php:412 #: usr/local/www/firewall_shaper_queues.php:199 #: usr/local/www/firewall_shaper_vinterface.php:396 #: usr/local/www/firewall_shaper_wizards.php:74 @@ -12765,43 +12678,10 @@ msgstr "" msgid "Remove Shaper" msgstr "" -#: usr/local/www/firewall_shaper_layer7.php:67 -msgid "You can add new layer7 protocol patterns by simply uploading the file" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:112 -msgid "Layer7 Rules Container not found!" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:162 -msgid "Found the following repeated protocol definitions" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:402 #: usr/local/www/firewall_shaper_queues.php:189 msgid "The traffic shaper configuration has been changed" msgstr "" -#: usr/local/www/firewall_shaper_layer7.php:433 -msgid "Create new l7 rules group" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:446 -msgid "Rule(s)" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:458 -msgid "Add one or more rules" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:474 -msgid "Structure" -msgstr "" - -#: usr/local/www/firewall_shaper_layer7.php:481 -msgid "Behaviour" -msgstr "" - #: usr/local/www/firewall_shaper_queues.php:173 msgid "Firewall: Shaper: By Queues View" msgstr "" diff --git a/src/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po b/src/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po index 6b417dc..b9d66c6 100644 --- a/src/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po +++ b/src/usr/local/share/locale/ja/LC_MESSAGES/pfSense.po @@ -340,11 +340,6 @@ msgstr "ALTQキューを生成する" msgid "Generating Limiter rules" msgstr "リミッタールールを生成する" -#: etc/inc/filter.inc:234 etc/inc/filter.inc:232 etc/inc/filter.inc:231 -#: etc/inc/filter.inc:206 etc/inc/filter.inc:206 -msgid "Generating Layer7 rules" -msgstr "生成レイヤ7ルール" - #: etc/inc/filter.inc:238 etc/inc/filter.inc:236 etc/inc/filter.inc:235 #: etc/inc/filter.inc:210 etc/inc/filter.inc:210 msgid "Loading filter rules" @@ -488,11 +483,6 @@ msgstr "ルールのロード中にエラー(S)がありました:%1$s - % msgid "PF was wedged/busy and has been reset." msgstr "PFは忙しい/押し込まれ、リセットされました。" -#: etc/inc/filter.inc:355 etc/inc/filter.inc:357 etc/inc/filter.inc:360 -#: etc/inc/filter.inc:329 etc/inc/filter.inc:333 etc/inc/filter.inc:333 -msgid "Starting up layer7 daemon" -msgstr "レイヤ7デーモンを起動" - #: etc/inc/filter.inc:403 etc/inc/filter.inc:405 etc/inc/filter.inc:408 #: etc/inc/filter.inc:380 etc/inc/filter.inc:384 etc/inc/filter.inc:384 msgid "Processing down interface states" @@ -3090,12 +3080,6 @@ msgstr ""ヒント:同じ親の下にキューの場合、これはキュー msgid "slots" msgstr "スロット" -#: etc/inc/shaper.inc:3494 etc/inc/shaper.inc:3506 etc/inc/shaper.inc:3661 -#: etc/inc/shaper.inc:3662 etc/inc/shaper.inc:3669 etc/inc/shaper.inc:3737 -#: etc/inc/shaper.inc:3842 -msgid "Enable/Disable layer7 Container" -msgstr "レイヤ7コンテナを有効または無効にします" - #: etc/inc/shaper.inc:3744 etc/inc/shaper.inc:3756 etc/inc/shaper.inc:3911 #: etc/inc/shaper.inc:3912 etc/inc/shaper.inc:3919 etc/inc/shaper.inc:3987 #: etc/inc/shaper.inc:4092 @@ -4854,18 +4838,6 @@ msgstr "WebCfg - ファイアウォール:トラフィックシェイパーペ msgid "Allow access to the 'Firewall: Traffic Shaper' page." msgstr "ページ: 「トラフィック·シェイパーファイアウォール」へのアクセスを許可します。" -#: etc/inc/priv.defs.inc:346 etc/inc/priv.defs.inc:364 -#: etc/inc/priv.defs.inc:370 etc/inc/priv.defs.inc:366 -#: etc/inc/priv.defs.inc:366 -msgid "WebCfg - Firewall: Traffic Shaper: Layer7 page" -msgstr "WebCfg - ファイアウォール:トラフィックシェイパー:レイヤ7ページ" - -#: etc/inc/priv.defs.inc:347 etc/inc/priv.defs.inc:365 -#: etc/inc/priv.defs.inc:371 etc/inc/priv.defs.inc:367 -#: etc/inc/priv.defs.inc:367 -msgid "Allow access to the 'Firewall: Traffic Shaper: Layer7' page." -msgstr "ページ': Traffic Shaperはレイヤ7ファイアウォール」へのアクセスを許可します。" - #: etc/inc/priv.defs.inc:352 etc/inc/priv.defs.inc:370 #: etc/inc/priv.defs.inc:376 etc/inc/priv.defs.inc:372 #: etc/inc/priv.defs.inc:372 @@ -7334,7 +7306,6 @@ msgid "The virtual server configuration has been changed" msgstr "仮想サーバーの構成が変更されました" #: usr/local/www/load_balancer_virtual_server.php:108 -#: usr/local/www/firewall_shaper_layer7.php:401 #: usr/local/www/firewall_shaper_vinterface.php:366 #: usr/local/www/firewall_shaper_wizards.php:96 #: usr/local/www/firewall_aliases.php:160 @@ -7388,7 +7359,7 @@ msgstr "仮想サーバーの構成が変更されました" #: usr/local/www/firewall_virtual_ip.php:204 #: usr/local/www/firewall_nat.php:183 usr/local/www/firewall_nat_out.php:311 #: usr/local/www/services_dnsmasq.php:175 usr/local/www/interfaces.php:1364 -#: usr/local/www/firewall_shaper_layer7.php:401 usr/local/www/vpn_pppoe.php:98 +#: usr/local/www/vpn_pppoe.php:98 #: usr/local/www/firewall_shaper.php:405 #: usr/local/www/firewall_shaper_vinterface.php:386 #: usr/local/www/vpn_ipsec.php:139 usr/local/www/firewall_virtual_ip.php:204 @@ -7459,7 +7430,6 @@ msgid "Monitors" msgstr "モニター" #: usr/local/www/load_balancer_virtual_server.php:129 -#: usr/local/www/firewall_shaper_layer7.php:466 #: usr/local/www/interfaces_bridge_edit.php:291 #: usr/local/www/firewall_nat_edit.php:182 #: usr/local/www/firewall_nat_edit.php:185 @@ -7521,7 +7491,6 @@ msgstr "モニター" #: usr/local/www/firewall_rules_edit.php:857 #: usr/local/www/firewall_nat_edit.php:532 #: usr/local/www/interfaces_bridge_edit.php:304 -#: usr/local/www/firewall_shaper_layer7.php:466 #: usr/local/www/vpn_openvpn_client.php:452 #: usr/local/www/vpn_openvpn_client.php:938 #: usr/local/www/firewall_rules_edit.php:857 @@ -7670,7 +7639,7 @@ msgstr "プールのフォールバック" #: usr/local/www/diag_confbak.php:98 usr/local/www/halt.php:59 #: usr/local/www/diag_smart.php:14 usr/local/www/diag_states_summary.php:185 #: usr/local/www/system_firmware_auto.php:60 -#: usr/local/www/diag_patterns.php:58 usr/local/www/diag_dns.php:34 +#: usr/local/www/diag_dns.php:34 #: usr/local/www/reboot.php:51 usr/local/www/edit.php:39 #: usr/local/www/diag_ping.php:43 usr/local/www/diag_resetstate.php:64 #: usr/local/www/diag_routes.php:45 usr/local/www/diag_traceroute.php:45 @@ -7700,7 +7669,7 @@ msgstr "プールのフォールバック" #: usr/local/www/diag_packet_capture.php:43 usr/local/www/diag_routes.php:45 #: usr/local/www/diag_traceroute.php:46 usr/local/www/diag_smart.php:14 #: usr/local/www/exec.php:93 usr/local/www/halt.php:54 -#: usr/local/www/diag_patterns.php:58 usr/local/www/diag_backup.php:581 +#: usr/local/www/diag_backup.php:581 #: usr/local/www/diag_ping.php:44 usr/local/www/diag_resetstate.php:64 #: usr/local/www/system_firmware_restorefullbackup.php:104 #: usr/local/www/diag_dns.php:34 usr/local/www/edit.php:41 @@ -7753,14 +7722,11 @@ msgid " the latest bogon data." msgstr "最新のbogonデータ。" #: usr/local/www/diag_tables.php:162 -#: usr/local/www/firewall_shaper_layer7.php:576 #: usr/local/www/services_dhcpv6.php:758 #: usr/local/www/system_firmware_restorefullbackup.php:163 #: usr/local/www/diag_tables.php:161 usr/local/www/services_dhcpv6.php:853 #: usr/local/www/services_dhcpv6.php:784 usr/local/www/diag_tables.php:165 #: usr/local/www/services_dhcpv6.php:801 -#: usr/local/www/firewall_shaper_layer7.php:571 -#: usr/local/www/firewall_shaper_layer7.php:571 #: usr/local/www/diag_tables.php:165 usr/local/www/services_dhcpv6.php:801 #: usr/local/www/system_firmware_restorefullbackup.php:163 msgid "Delete" @@ -7880,7 +7846,6 @@ msgstr "パッケージ·エディター" #: usr/local/www/pkg_edit.php:405 #: usr/local/www/firewall_aliases_import.php:154 -#: usr/local/www/firewall_shaper_layer7.php:569 #: usr/local/www/firewall_shaper_vinterface.php:307 #: usr/local/www/services_dnsmasq_domainoverride_edit.php:130 #: usr/local/www/firewall_virtual_ip_edit.php:546 @@ -8116,7 +8081,6 @@ msgstr "パッケージ·エディター" #: usr/local/www/vpn_ipsec_phase2.php:791 usr/local/www/services_snmp.php:430 #: usr/local/www/interfaces_qinq_edit.php:398 #: usr/local/www/interfaces.php:2664 -#: usr/local/www/firewall_shaper_layer7.php:565 #: usr/local/www/services_router_advertisements.php:395 #: usr/local/www/system_gateways_edit.php:634 #: usr/local/www/services_dyndns_edit.php:378 @@ -8152,7 +8116,7 @@ msgstr "パッケージ·エディター" #: usr/local/www/interfaces_groups_edit.php:320 usr/local/www/pkg_edit.php:422 #: usr/local/www/interfaces_bridge_edit.php:598 #: usr/local/www/services_dnsmasq.php:312 usr/local/www/interfaces.php:2699 -#: usr/local/www/firewall_shaper_layer7.php:565 usr/local/www/vpn_l2tp.php:449 +#: usr/local/www/vpn_l2tp.php:449 #: usr/local/www/services_router_advertisements.php:395 #: usr/local/www/system_gateways_edit.php:665 #: usr/local/www/system_camanager.php:366 @@ -8259,7 +8223,6 @@ msgstr "保存" msgid "Advanced features" msgstr "高度な機能" -#: usr/local/www/pkg_edit.php:817 usr/local/www/firewall_shaper_layer7.php:65 #: usr/local/www/diag_packet_capture.php:203 usr/local/www/vpn_ipsec.php:422 #: usr/local/www/interfaces_wireless.php:133 usr/local/www/vpn_pptp.php:477 #: usr/local/www/status_graph.php:291 usr/local/www/carp_status.php:194 @@ -8280,7 +8243,7 @@ msgstr "高度な機能" #: usr/local/www/status_graph.php:330 #: usr/local/www/diag_packet_capture.php:208 #: usr/local/www/diag_packet_capture.php:288 usr/local/www/pkg_edit.php:921 -#: usr/local/www/firewall_shaper_layer7.php:65 usr/local/www/vpn_ipsec.php:438 +#: usr/local/www/vpn_ipsec.php:438 #: usr/local/www/status_graph_cpu.php:53 usr/local/www/status_graph.php:330 #: usr/local/www/diag_packet_capture.php:208 #: usr/local/www/diag_packet_capture.php:288 @@ -8293,7 +8256,6 @@ msgstr "ノート" #: usr/local/www/pkg_edit.php:823 usr/local/www/pkg_edit.php:835 #: usr/local/www/firewall_aliases_import.php:155 -#: usr/local/www/firewall_shaper_layer7.php:573 #: usr/local/www/services_dnsmasq_domainoverride_edit.php:130 #: usr/local/www/firewall_virtual_ip_edit.php:546 #: usr/local/www/services_wol_edit.php:157 @@ -8417,7 +8379,6 @@ msgstr "ノート" #: usr/local/www/interfaces_qinq_edit.php:399 #: usr/local/www/interfaces.php:1547 usr/local/www/interfaces.php:1652 #: usr/local/www/interfaces.php:2665 -#: usr/local/www/firewall_shaper_layer7.php:568 #: usr/local/www/system_gateways_edit.php:634 #: usr/local/www/services_dyndns_edit.php:379 #: usr/local/www/firewall_rules_edit.php:1128 @@ -8444,7 +8405,6 @@ msgstr "ノート" #: usr/local/www/interfaces_bridge_edit.php:598 #: usr/local/www/interfaces.php:1586 usr/local/www/interfaces.php:1691 #: usr/local/www/interfaces.php:2700 -#: usr/local/www/firewall_shaper_layer7.php:568 #: usr/local/www/system_gateways_edit.php:665 #: usr/local/www/interfaces_wireless_edit.php:197 #: usr/local/www/load_balancer_relay_protocol_edit.php:278 @@ -9130,7 +9090,6 @@ msgid "System Logs, Firewall Tab" msgstr "システムログ、ファイアウォールタブ" #: usr/local/www/firewall_aliases_import.php:48 -#: usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_virtual_ip_edit.php:281 @@ -9212,7 +9171,6 @@ msgstr "システムログ、ファイアウォールタブ" #: usr/local/www/firewall_nat_out_edit.php:329 #: usr/local/www/firewall_virtual_ip.php:189 #: usr/local/www/firewall_nat_edit.php:452 usr/local/www/firewall_nat.php:166 -#: usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper.php:54 usr/local/www/diag_logs_auth.php:67 #: usr/local/www/diag_logs_settings.php:223 #: usr/local/www/firewall_shaper_vinterface.php:54 @@ -9397,13 +9355,11 @@ msgstr "「キャリッジリターンで区切られたインポートする別 msgid "The list may contain only IP addresses." msgstr "リストは、 IPアドレスを含んでもよい。" -#: usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_shaper.php:54 usr/local/www/diag_backup.php:121 #: usr/local/www/fbegin.inc:114 usr/local/www/fbegin.inc:131 #: usr/local/www/diag_backup.php:199 usr/local/www/fbegin.inc:140 -#: usr/local/www/fbegin.inc:132 usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper.php:54 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:73 @@ -9411,40 +9367,6 @@ msgstr "リストは、 IPアドレスを含んでもよい。" msgid "Traffic Shaper" msgstr "トラフィックシェー" -#: usr/local/www/firewall_shaper_layer7.php:59 -#: usr/local/www/firewall_shaper_layer7.php:410 -#: usr/local/www/firewall_shaper_vinterface.php:375 -#: usr/local/www/firewall_shaper_wizards.php:105 -#: usr/local/www/firewall_rules_edit.php:1443 -#: usr/local/www/firewall_shaper.php:412 -#: usr/local/www/firewall_shaper_queues.php:196 -#: usr/local/www/firewall_rules_edit.php:1514 -#: usr/local/www/firewall_shaper_vinterface.php:385 -#: usr/local/www/firewall_shaper.php:413 -#: usr/local/www/firewall_shaper_vinterface.php:392 -#: usr/local/www/firewall_rules_edit.php:1529 -#: usr/local/www/firewall_shaper.php:414 -#: usr/local/www/firewall_shaper_vinterface.php:395 -#: usr/local/www/firewall_rules_edit.php:1537 -#: usr/local/www/firewall_shaper_queues.php:197 -#: usr/local/www/firewall_shaper_wizards.php:106 -#: usr/local/www/firewall_rules_edit.php:1548 -#: usr/local/www/firewall_shaper_layer7.php:59 -#: usr/local/www/firewall_shaper_layer7.php:410 -#: usr/local/www/firewall_shaper.php:414 -#: usr/local/www/firewall_shaper_vinterface.php:395 -#: usr/local/www/firewall_rules_edit.php:1548 -#: usr/local/www/firewall_shaper_queues.php:197 -#: usr/local/www/firewall_shaper_wizards.php:106 -msgid "Layer7" -msgstr "レイヤ7" - -#: usr/local/www/firewall_shaper_layer7.php:66 -#: usr/local/www/firewall_shaper_layer7.php:66 -msgid "You can add new layer7 protocol patterns by simply uploading the file" -msgstr "あなたは、単にファイルをアップロードすることにより、新たなレイヤ7プロトコルのパターンを追加することができます" - -#: usr/local/www/firewall_shaper_layer7.php:66 #: usr/local/www/firewall_virtual_ip.php:243 usr/local/www/interfaces.php:2550 #: usr/local/www/interfaces.php:2559 usr/local/www/carp_status.php:196 #: usr/local/www/status_queues.php:174 usr/local/www/status_queues.php:182 @@ -9457,32 +9379,18 @@ msgstr "あなたは、単にファイルをアップロードすることによ #: usr/local/www/interfaces.php:2783 usr/local/www/interfaces.php:2820 #: usr/local/www/interfaces.php:2829 usr/local/www/firewall_virtual_ip.php:292 #: usr/local/www/interfaces.php:2806 usr/local/www/interfaces.php:2815 -#: usr/local/www/firewall_shaper_layer7.php:66 #: usr/local/www/firewall_virtual_ip.php:292 #: usr/local/www/status_queues.php:165 usr/local/www/interfaces.php:2806 #: usr/local/www/interfaces.php:2815 usr/local/www/carp_status.php:189 msgid "here" msgstr "ここに" -#: usr/local/www/firewall_shaper_layer7.php:111 -#: usr/local/www/firewall_shaper_layer7.php:111 -msgid "Layer7 Rules Container not found!" -msgstr "レイヤ7ルールコンテナが見つかりません !" - -#: usr/local/www/firewall_shaper_layer7.php:161 -#: usr/local/www/firewall_shaper_layer7.php:161 -msgid "Found the following repeated protocol definitions" -msgstr "次の反復プロトコル定義を見つけた" - -#: usr/local/www/firewall_shaper_layer7.php:401 #: usr/local/www/firewall_shaper_queues.php:187 #: usr/local/www/firewall_shaper_queues.php:188 -#: usr/local/www/firewall_shaper_layer7.php:401 #: usr/local/www/firewall_shaper_queues.php:188 msgid "The traffic shaper configuration has been changed" msgstr "トラフィックシェーパの構成が変更されました" -#: usr/local/www/firewall_shaper_layer7.php:407 #: usr/local/www/firewall_shaper_vinterface.php:372 #: usr/local/www/firewall_shaper_wizards.php:102 #: usr/local/www/firewall_shaper.php:409 @@ -9494,7 +9402,6 @@ msgstr "トラフィックシェーパの構成が変更されました" #: usr/local/www/firewall_shaper_vinterface.php:392 #: usr/local/www/firewall_shaper_queues.php:194 #: usr/local/www/firewall_shaper_wizards.php:103 -#: usr/local/www/firewall_shaper_layer7.php:407 #: usr/local/www/firewall_shaper.php:411 #: usr/local/www/firewall_shaper_vinterface.php:392 #: usr/local/www/firewall_shaper_queues.php:194 @@ -9502,7 +9409,6 @@ msgstr "トラフィックシェーパの構成が変更されました" msgid "By Interface" msgstr "インタフェースで" -#: usr/local/www/firewall_shaper_layer7.php:408 #: usr/local/www/firewall_shaper_vinterface.php:373 #: usr/local/www/firewall_shaper_wizards.php:103 #: usr/local/www/firewall_shaper.php:410 @@ -9514,7 +9420,6 @@ msgstr "インタフェースで" #: usr/local/www/firewall_shaper_vinterface.php:393 #: usr/local/www/firewall_shaper_queues.php:195 #: usr/local/www/firewall_shaper_wizards.php:104 -#: usr/local/www/firewall_shaper_layer7.php:408 #: usr/local/www/firewall_shaper.php:412 #: usr/local/www/firewall_shaper_vinterface.php:393 #: usr/local/www/firewall_shaper_queues.php:195 @@ -9522,7 +9427,6 @@ msgstr "インタフェースで" msgid "By Queue" msgstr "キューによって" -#: usr/local/www/firewall_shaper_layer7.php:409 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_vinterface.php:374 #: usr/local/www/firewall_shaper_wizards.php:104 @@ -9535,7 +9439,6 @@ msgstr "キューによって" #: usr/local/www/firewall_shaper_vinterface.php:394 #: usr/local/www/firewall_shaper_queues.php:196 #: usr/local/www/firewall_shaper_wizards.php:105 -#: usr/local/www/firewall_shaper_layer7.php:409 #: usr/local/www/firewall_shaper.php:413 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_vinterface.php:394 @@ -9544,7 +9447,6 @@ msgstr "キューによって" msgid "Limiter" msgstr "リミッタ" -#: usr/local/www/firewall_shaper_layer7.php:411 #: usr/local/www/firewall_shaper_vinterface.php:376 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_shaper_wizards.php:106 @@ -9566,7 +9468,6 @@ msgstr "リミッタ" #: usr/local/www/firewall_shaper_vinterface.php:396 #: usr/local/www/firewall_shaper_queues.php:198 #: usr/local/www/firewall_shaper_wizards.php:107 -#: usr/local/www/firewall_shaper_layer7.php:411 #: usr/local/www/firewall_shaper.php:415 #: usr/local/www/firewall_shaper_vinterface.php:396 #: usr/local/www/vpn_openvpn_client.php:399 @@ -9578,32 +9479,6 @@ msgstr "リミッタ" msgid "Wizards" msgstr "ウィザーズ" -#: usr/local/www/firewall_shaper_layer7.php:432 -#: usr/local/www/firewall_shaper_layer7.php:432 -msgid "Create new l7 rules group" -msgstr "新しいL7ルール·グループを作成する" - -#: usr/local/www/firewall_shaper_layer7.php:445 -#: usr/local/www/firewall_shaper_layer7.php:445 -msgid "Rule(s)" -msgstr "規則(単数または複数)" - -#: usr/local/www/firewall_shaper_layer7.php:457 -#: usr/local/www/firewall_shaper_layer7.php:457 -msgid "Add one or more rules" -msgstr "1つ以上のルールを追加" - -#: usr/local/www/firewall_shaper_layer7.php:473 -#: usr/local/www/firewall_shaper_layer7.php:473 -msgid "Structure" -msgstr "構造" - -#: usr/local/www/firewall_shaper_layer7.php:480 -#: usr/local/www/firewall_shaper_layer7.php:480 -msgid "Behaviour" -msgstr "行動" - -#: usr/local/www/firewall_shaper_layer7.php:558 #: usr/local/www/interfaces_groups_edit.php:315 #: usr/local/www/firewall_aliases_edit.php:680 #: usr/local/www/interfaces_qinq_edit.php:387 @@ -9628,13 +9503,11 @@ msgstr "行動" #: usr/local/www/system_certmanager.php:818 #: usr/local/www/services_dhcpv6.php:811 #: usr/local/www/interfaces_qinq_edit.php:391 -#: usr/local/www/firewall_shaper_layer7.php:555 #: usr/local/www/services_router_advertisements.php:353 #: usr/local/www/services_dhcp.php:1123 #: usr/local/www/system_certmanager.php:820 #: usr/local/www/firewall_aliases_edit.php:717 #: usr/local/www/interfaces_groups_edit.php:313 -#: usr/local/www/firewall_shaper_layer7.php:555 #: usr/local/www/services_router_advertisements.php:353 #: usr/local/www/vpn_pppoe_edit.php:577 usr/local/www/services_dhcp.php:1123 #: usr/local/www/system_certmanager.php:820 @@ -19462,24 +19335,6 @@ msgstr "「あなたは、 1キューとINとOUTのための1つの仮想イン msgid "ID must be an integer" msgstr "IDは整数でなければなりません" -#: usr/local/www/firewall_rules_edit.php:428 -#: usr/local/www/firewall_rules_edit.php:460 -#: usr/local/www/firewall_rules_edit.php:461 -#: usr/local/www/firewall_rules_edit.php:464 -#: usr/local/www/firewall_rules_edit.php:470 -#: usr/local/www/firewall_rules_edit.php:470 -msgid "You can only select a layer7 container for TCP and/or UDP protocols" -msgstr "あなただけのTCPおよび/またはUDPプロトコルのためのレイヤ7コンテナを選択することができます" - -#: usr/local/www/firewall_rules_edit.php:430 -#: usr/local/www/firewall_rules_edit.php:462 -#: usr/local/www/firewall_rules_edit.php:463 -#: usr/local/www/firewall_rules_edit.php:466 -#: usr/local/www/firewall_rules_edit.php:472 -#: usr/local/www/firewall_rules_edit.php:472 -msgid "You can only select a layer7 container for Pass type rules." -msgstr "あなただけの通過型ルールのレイヤ7のコンテナを選択することができます。" - #: usr/local/www/firewall_rules_edit.php:443 #: usr/local/www/firewall_rules_edit.php:475 #: usr/local/www/firewall_rules_edit.php:476 @@ -20241,17 +20096,6 @@ msgstr "Ackqueue /キュー" msgid "Choose the Acknowledge Queue only if you have selected Queue." msgstr "キューを選択した場合にのみ肯定応答キューを選択してください。" -#: usr/local/www/firewall_rules_edit.php:1466 -#: usr/local/www/firewall_rules_edit.php:1537 -#: usr/local/www/firewall_rules_edit.php:1552 -#: usr/local/www/firewall_rules_edit.php:1560 -#: usr/local/www/firewall_rules_edit.php:1571 -#: usr/local/www/firewall_rules_edit.php:1571 -msgid "" -"Choose a Layer7 container to apply application protocol inspection rules. " -"These are valid for TCP and UDP protocols only." -msgstr "「アプリケーションプロトコルインスペクションルールを適用するレイヤ7のコンテナを選択します。 「これらはTCPおよびUDPのみのプロトコルに有効です。" - #: usr/local/www/firewall_schedule.php:50 #: usr/local/www/firewall_schedule_edit.php:61 usr/local/www/fbegin.inc:113 #: usr/local/www/system_advanced_misc.php:380 usr/local/www/fbegin.inc:130 @@ -26036,7 +25880,6 @@ msgstr "MB /秒" msgid "GB/s" msgstr "GB /秒" -#: usr/local/www/diag_patterns.php:43 #: usr/local/www/services_captiveportal_filemanager.php:195 #: usr/local/www/exec.php:290 usr/local/www/exec.php:300 #: usr/local/www/exec.php:292 usr/local/www/exec.php:302 @@ -26046,31 +25889,6 @@ msgstr "GB /秒" msgid "Upload" msgstr "アップロード" -#: usr/local/www/diag_patterns.php:46 usr/local/www/diag_patterns.php:46 -msgid "Uploaded file to" -msgstr "アップロードされたファイルへの" - -#: usr/local/www/diag_patterns.php:49 usr/local/www/diag_patterns.php:49 -msgid "Warning: You must upload a file with .pat extension." -msgstr "警告:あなたはパットの拡張子を持つファイルをアップロードする必要があります。" - -#: usr/local/www/diag_patterns.php:58 usr/local/www/diag_patterns.php:58 -msgid "Add layer7 pattern" -msgstr "レイヤ7パターンを追加" - -#: usr/local/www/diag_patterns.php:69 usr/local/www/diag_patterns.php:69 -msgid "Upload layer7 pattern file" -msgstr "レイヤ7のパターンファイルをアップロード" - -#: usr/local/www/diag_patterns.php:72 usr/local/www/diag_patterns.php:72 -msgid "File to upload:" -msgstr "アップロードするファイル:" - -#: usr/local/www/diag_patterns.php:80 usr/local/www/diag_patterns.php:43 -#: usr/local/www/diag_patterns.php:43 usr/local/www/diag_patterns.php:80 -msgid "Upload Pattern file" -msgstr "パターンファイルをアップロード" - #: usr/local/www/vpn_ipsec_keys.php:64 usr/local/www/vpn_ipsec_keys.php:64 msgid "Deleted IPsec Pre-Shared Key" msgstr "削除されたIPsecの事前共有キー" diff --git a/src/usr/local/share/locale/pt_BR/LC_MESSAGES/pfSense.po b/src/usr/local/share/locale/pt_BR/LC_MESSAGES/pfSense.po index a4f299d..b013681 100644 --- a/src/usr/local/share/locale/pt_BR/LC_MESSAGES/pfSense.po +++ b/src/usr/local/share/locale/pt_BR/LC_MESSAGES/pfSense.po @@ -325,11 +325,6 @@ msgstr "Gerando filas ALTQ" msgid "Generating Limiter rules" msgstr "Gerando regras Limiter" -#: etc/inc/filter.inc:234 etc/inc/filter.inc:232 etc/inc/filter.inc:231 -#: etc/inc/filter.inc:206 etc/inc/filter.inc:221 -msgid "Generating Layer7 rules" -msgstr "Gerando regras Layer7" - #: etc/inc/filter.inc:238 etc/inc/filter.inc:236 etc/inc/filter.inc:235 #: etc/inc/filter.inc:210 etc/inc/filter.inc:225 msgid "Loading filter rules" @@ -457,11 +452,6 @@ msgstr "Houve erro(s) carregando as regras: %1$s - %2$s" msgid "PF was wedged/busy and has been reset." msgstr "PF estava travado/ocupado e foi reiniciado." -#: etc/inc/filter.inc:355 etc/inc/filter.inc:357 etc/inc/filter.inc:360 -#: etc/inc/filter.inc:329 etc/inc/filter.inc:333 etc/inc/filter.inc:348 -msgid "Starting up layer7 daemon" -msgstr "Iniciando daemon layer7" - #: etc/inc/filter.inc:403 etc/inc/filter.inc:405 etc/inc/filter.inc:408 #: etc/inc/filter.inc:380 etc/inc/filter.inc:384 msgid "Processing down interface states" @@ -2758,12 +2748,6 @@ msgstr "Dica: Para filas abaixo do mesmo pai, isso especifica o compartilhamento msgid "slots" msgstr "slots" -#: etc/inc/shaper.inc:3494 etc/inc/shaper.inc:3506 etc/inc/shaper.inc:3661 -#: etc/inc/shaper.inc:3662 etc/inc/shaper.inc:3669 etc/inc/shaper.inc:3737 -#: etc/inc/shaper.inc:3842 etc/inc/shaper.inc:3868 -msgid "Enable/Disable layer7 Container" -msgstr "Habilitar/Desabilitar Contêiner de layer7" - #: etc/inc/shaper.inc:3744 etc/inc/shaper.inc:3756 etc/inc/shaper.inc:3911 #: etc/inc/shaper.inc:3912 etc/inc/shaper.inc:3919 etc/inc/shaper.inc:3987 #: etc/inc/shaper.inc:4092 etc/inc/shaper.inc:4118 @@ -4393,16 +4377,6 @@ msgstr "WebCfg - Página Firewall: Traffic Shaper" msgid "Allow access to the 'Firewall: Traffic Shaper' page." msgstr "Permitir acesso à página 'Firewall: Traffic Shaper'." -#: etc/inc/priv.defs.inc:346 etc/inc/priv.defs.inc:364 -#: etc/inc/priv.defs.inc:370 etc/inc/priv.defs.inc:366 -msgid "WebCfg - Firewall: Traffic Shaper: Layer7 page" -msgstr "WebCfg - Página Firewall: Traffic Shaper: Layer7" - -#: etc/inc/priv.defs.inc:347 etc/inc/priv.defs.inc:365 -#: etc/inc/priv.defs.inc:371 etc/inc/priv.defs.inc:367 -msgid "Allow access to the 'Firewall: Traffic Shaper: Layer7' page." -msgstr "Permitir acesso à página 'Firewall: Traffic Shaper: Layer7'." - #: etc/inc/priv.defs.inc:352 etc/inc/priv.defs.inc:370 #: etc/inc/priv.defs.inc:376 etc/inc/priv.defs.inc:372 msgid "WebCfg - Firewall: Traffic Shaper: Queues page" @@ -6471,7 +6445,6 @@ msgid "The virtual server configuration has been changed" msgstr "A configuração do servidor virtual foi modificada" #: usr/local/www/load_balancer_virtual_server.php:108 -#: usr/local/www/firewall_shaper_layer7.php:401 #: usr/local/www/firewall_shaper_vinterface.php:366 #: usr/local/www/firewall_shaper_wizards.php:96 #: usr/local/www/firewall_aliases.php:160 @@ -6562,7 +6535,6 @@ msgid "Monitors" msgstr "Monitores" #: usr/local/www/load_balancer_virtual_server.php:129 -#: usr/local/www/firewall_shaper_layer7.php:466 #: usr/local/www/interfaces_bridge_edit.php:291 #: usr/local/www/firewall_nat_edit.php:182 #: usr/local/www/firewall_nat_edit.php:185 @@ -6731,7 +6703,7 @@ msgstr "Pool de Fall Back" #: usr/local/www/diag_confbak.php:98 usr/local/www/halt.php:59 #: usr/local/www/diag_smart.php:14 usr/local/www/diag_states_summary.php:185 #: usr/local/www/system_firmware_auto.php:60 -#: usr/local/www/diag_patterns.php:58 usr/local/www/diag_dns.php:34 +#: usr/local/www/diag_dns.php:34 #: usr/local/www/reboot.php:51 usr/local/www/edit.php:39 #: usr/local/www/diag_ping.php:43 usr/local/www/diag_resetstate.php:64 #: usr/local/www/diag_routes.php:45 usr/local/www/diag_traceroute.php:45 @@ -6789,13 +6761,11 @@ msgid " the latest bogon data." msgstr " dados de bogon mais recente." #: usr/local/www/diag_tables.php:162 -#: usr/local/www/firewall_shaper_layer7.php:576 #: usr/local/www/services_dhcpv6.php:758 #: usr/local/www/system_firmware_restorefullbackup.php:163 #: usr/local/www/diag_tables.php:161 usr/local/www/services_dhcpv6.php:853 #: usr/local/www/services_dhcpv6.php:784 usr/local/www/diag_tables.php:165 #: usr/local/www/services_dhcpv6.php:801 -#: usr/local/www/firewall_shaper_layer7.php:571 msgid "Delete" msgstr "Excluir" @@ -6886,7 +6856,6 @@ msgstr "Editor de Pacote" #: usr/local/www/pkg_edit.php:405 #: usr/local/www/firewall_aliases_import.php:154 -#: usr/local/www/firewall_shaper_layer7.php:569 #: usr/local/www/firewall_shaper_vinterface.php:307 #: usr/local/www/services_dnsmasq_domainoverride_edit.php:130 #: usr/local/www/firewall_virtual_ip_edit.php:546 @@ -7122,7 +7091,6 @@ msgstr "Editor de Pacote" #: usr/local/www/vpn_ipsec_phase2.php:791 usr/local/www/services_snmp.php:430 #: usr/local/www/interfaces_qinq_edit.php:398 #: usr/local/www/interfaces.php:2664 -#: usr/local/www/firewall_shaper_layer7.php:565 #: usr/local/www/services_router_advertisements.php:395 #: usr/local/www/system_gateways_edit.php:634 #: usr/local/www/services_dyndns_edit.php:378 @@ -7189,7 +7157,6 @@ msgstr "Salvar" msgid "Advanced features" msgstr "Recursos avançados" -#: usr/local/www/pkg_edit.php:817 usr/local/www/firewall_shaper_layer7.php:65 #: usr/local/www/diag_packet_capture.php:203 usr/local/www/vpn_ipsec.php:422 #: usr/local/www/interfaces_wireless.php:133 usr/local/www/vpn_pptp.php:477 #: usr/local/www/status_graph.php:291 usr/local/www/carp_status.php:194 @@ -7216,7 +7183,6 @@ msgstr "Nota" #: usr/local/www/pkg_edit.php:823 usr/local/www/pkg_edit.php:835 #: usr/local/www/firewall_aliases_import.php:155 -#: usr/local/www/firewall_shaper_layer7.php:573 #: usr/local/www/services_dnsmasq_domainoverride_edit.php:130 #: usr/local/www/firewall_virtual_ip_edit.php:546 #: usr/local/www/services_wol_edit.php:157 @@ -7340,7 +7306,6 @@ msgstr "Nota" #: usr/local/www/interfaces_qinq_edit.php:399 #: usr/local/www/interfaces.php:1547 usr/local/www/interfaces.php:1652 #: usr/local/www/interfaces.php:2665 -#: usr/local/www/firewall_shaper_layer7.php:568 #: usr/local/www/system_gateways_edit.php:634 #: usr/local/www/services_dyndns_edit.php:379 #: usr/local/www/firewall_rules_edit.php:1128 @@ -7909,7 +7874,6 @@ msgid "System Logs, Firewall Tab" msgstr "Logs de Sistema, Firewall Tab" #: usr/local/www/firewall_aliases_import.php:48 -#: usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_virtual_ip_edit.php:281 @@ -8111,7 +8075,6 @@ msgstr "Cole nos alias para importar separada por retorno de carro. Exemplos com msgid "The list may contain only IP addresses." msgstr "Esta lista pode conter apenas endereços IP." -#: usr/local/www/firewall_shaper_layer7.php:59 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_shaper.php:54 usr/local/www/diag_backup.php:121 @@ -8121,33 +8084,6 @@ msgstr "Esta lista pode conter apenas endereços IP." msgid "Traffic Shaper" msgstr "Traffic Shaper" -#: usr/local/www/firewall_shaper_layer7.php:59 -#: usr/local/www/firewall_shaper_layer7.php:410 -#: usr/local/www/firewall_shaper_vinterface.php:375 -#: usr/local/www/firewall_shaper_wizards.php:105 -#: usr/local/www/firewall_rules_edit.php:1443 -#: usr/local/www/firewall_shaper.php:412 -#: usr/local/www/firewall_shaper_queues.php:196 -#: usr/local/www/firewall_rules_edit.php:1514 -#: usr/local/www/firewall_shaper_vinterface.php:385 -#: usr/local/www/firewall_shaper.php:413 -#: usr/local/www/firewall_shaper_vinterface.php:392 -#: usr/local/www/firewall_rules_edit.php:1529 -#: usr/local/www/firewall_shaper.php:414 -#: usr/local/www/firewall_shaper_vinterface.php:395 -#: usr/local/www/firewall_rules_edit.php:1537 -#: usr/local/www/firewall_shaper_queues.php:197 -#: usr/local/www/firewall_shaper_wizards.php:106 -#: usr/local/www/firewall_rules_edit.php:1548 -#: usr/local/www/firewall_rules_edit.php:1596 -msgid "Layer7" -msgstr "Layer7" - -#: usr/local/www/firewall_shaper_layer7.php:66 -msgid "You can add new layer7 protocol patterns by simply uploading the file" -msgstr "Você pode adicionar um novo padrão de protocolo layer7 simplesmente carregando o arquivo" - -#: usr/local/www/firewall_shaper_layer7.php:66 #: usr/local/www/firewall_virtual_ip.php:243 usr/local/www/interfaces.php:2550 #: usr/local/www/interfaces.php:2559 usr/local/www/carp_status.php:196 #: usr/local/www/status_queues.php:174 usr/local/www/status_queues.php:182 @@ -8166,21 +8102,11 @@ msgstr "Você pode adicionar um novo padrão de protocolo layer7 simplesmente ca msgid "here" msgstr "aqui" -#: usr/local/www/firewall_shaper_layer7.php:111 -msgid "Layer7 Rules Container not found!" -msgstr "Contâiner de Regras Layer7 não encontrado!" - -#: usr/local/www/firewall_shaper_layer7.php:161 -msgid "Found the following repeated protocol definitions" -msgstr "Encontradas as seguintes definições de protocolo repetidas" - -#: usr/local/www/firewall_shaper_layer7.php:401 #: usr/local/www/firewall_shaper_queues.php:187 #: usr/local/www/firewall_shaper_queues.php:188 msgid "The traffic shaper configuration has been changed" msgstr "A configuração do traffic shaper foi modificada" -#: usr/local/www/firewall_shaper_layer7.php:407 #: usr/local/www/firewall_shaper_vinterface.php:372 #: usr/local/www/firewall_shaper_wizards.php:102 #: usr/local/www/firewall_shaper.php:409 @@ -8195,7 +8121,6 @@ msgstr "A configuração do traffic shaper foi modificada" msgid "By Interface" msgstr "Por Interface" -#: usr/local/www/firewall_shaper_layer7.php:408 #: usr/local/www/firewall_shaper_vinterface.php:373 #: usr/local/www/firewall_shaper_wizards.php:103 #: usr/local/www/firewall_shaper.php:410 @@ -8210,7 +8135,6 @@ msgstr "Por Interface" msgid "By Queue" msgstr "Por Fila" -#: usr/local/www/firewall_shaper_layer7.php:409 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_vinterface.php:374 #: usr/local/www/firewall_shaper_wizards.php:104 @@ -8226,7 +8150,6 @@ msgstr "Por Fila" msgid "Limiter" msgstr "Limitador" -#: usr/local/www/firewall_shaper_layer7.php:411 #: usr/local/www/firewall_shaper_vinterface.php:376 #: usr/local/www/firewall_shaper_wizards.php:73 #: usr/local/www/firewall_shaper_wizards.php:106 @@ -8251,27 +8174,6 @@ msgstr "Limitador" msgid "Wizards" msgstr "Wizards" -#: usr/local/www/firewall_shaper_layer7.php:432 -msgid "Create new l7 rules group" -msgstr "Criar um novo grupo de regras l7" - -#: usr/local/www/firewall_shaper_layer7.php:445 -msgid "Rule(s)" -msgstr "Regra(s)" - -#: usr/local/www/firewall_shaper_layer7.php:457 -msgid "Add one or more rules" -msgstr "Adicionar uma ou mais regras" - -#: usr/local/www/firewall_shaper_layer7.php:473 -msgid "Structure" -msgstr "Estrutura" - -#: usr/local/www/firewall_shaper_layer7.php:480 -msgid "Behaviour" -msgstr "Comportamento" - -#: usr/local/www/firewall_shaper_layer7.php:558 #: usr/local/www/interfaces_groups_edit.php:315 #: usr/local/www/firewall_aliases_edit.php:680 #: usr/local/www/interfaces_qinq_edit.php:387 @@ -8296,7 +8198,6 @@ msgstr "Comportamento" #: usr/local/www/system_certmanager.php:818 #: usr/local/www/services_dhcpv6.php:811 #: usr/local/www/interfaces_qinq_edit.php:391 -#: usr/local/www/firewall_shaper_layer7.php:555 #: usr/local/www/services_router_advertisements.php:353 #: usr/local/www/services_dhcp.php:1123 #: usr/local/www/system_certmanager.php:820 @@ -16377,22 +16278,6 @@ msgstr "Você não pode selecionar uma fila e uma interface virtual para Entrada msgid "ID must be an integer" msgstr "ID deve ser um inteiro" -#: usr/local/www/firewall_rules_edit.php:428 -#: usr/local/www/firewall_rules_edit.php:460 -#: usr/local/www/firewall_rules_edit.php:461 -#: usr/local/www/firewall_rules_edit.php:464 -#: usr/local/www/firewall_rules_edit.php:470 -msgid "You can only select a layer7 container for TCP and/or UDP protocols" -msgstr "Você somente pode selecionar um conteiner layer7 para TCP e/ou protocolos UDP" - -#: usr/local/www/firewall_rules_edit.php:430 -#: usr/local/www/firewall_rules_edit.php:462 -#: usr/local/www/firewall_rules_edit.php:463 -#: usr/local/www/firewall_rules_edit.php:466 -#: usr/local/www/firewall_rules_edit.php:472 -msgid "You can only select a layer7 container for Pass type rules." -msgstr "Você somente pode selecionar um conteiner layer7 para regras de tipo Liberação." - #: usr/local/www/firewall_rules_edit.php:443 #: usr/local/www/firewall_rules_edit.php:475 #: usr/local/www/firewall_rules_edit.php:476 @@ -17095,15 +16980,6 @@ msgstr "Reconhecimento/Fila" msgid "Choose the Acknowledge Queue only if you have selected Queue." msgstr "Escolha a Fila de Acordo somente se você selecionou Fila." -#: usr/local/www/firewall_rules_edit.php:1466 -#: usr/local/www/firewall_rules_edit.php:1537 -#: usr/local/www/firewall_rules_edit.php:1552 -#: usr/local/www/firewall_rules_edit.php:1560 -#: usr/local/www/firewall_rules_edit.php:1571 -#: usr/local/www/firewall_rules_edit.php:1619 -msgid "Choose a Layer7 container to apply application protocol inspection rules. These are valid for TCP and UDP protocols only." -msgstr "Escolha o contâiner Layer7 para aplicar regras de inspeção de protocolo de aplicação. Essas são válidas somente para protocolos TCP e UDP." - #: usr/local/www/firewall_schedule.php:50 #: usr/local/www/firewall_schedule_edit.php:61 usr/local/www/fbegin.inc:113 #: usr/local/www/system_advanced_misc.php:380 usr/local/www/fbegin.inc:130 @@ -22183,7 +22059,6 @@ msgstr "MB/s" msgid "GB/s" msgstr "BG/s" -#: usr/local/www/diag_patterns.php:43 #: usr/local/www/services_captiveportal_filemanager.php:195 #: usr/local/www/exec.php:290 usr/local/www/exec.php:300 #: usr/local/www/exec.php:292 usr/local/www/exec.php:302 @@ -22191,30 +22066,6 @@ msgstr "BG/s" msgid "Upload" msgstr "Carregar" -#: usr/local/www/diag_patterns.php:46 -msgid "Uploaded file to" -msgstr "Arquivo carregado em" - -#: usr/local/www/diag_patterns.php:49 -msgid "Warning: You must upload a file with .pat extension." -msgstr "Atenção: Você deve fazer o carregamento de um arquivo com extensão .pat." - -#: usr/local/www/diag_patterns.php:58 -msgid "Add layer7 pattern" -msgstr "Adicionar amostra de camada 7" - -#: usr/local/www/diag_patterns.php:69 -msgid "Upload layer7 pattern file" -msgstr "Upload de arquivo padrão Layer7" - -#: usr/local/www/diag_patterns.php:72 -msgid "File to upload:" -msgstr "Arquivo para carregar:" - -#: usr/local/www/diag_patterns.php:80 usr/local/www/diag_patterns.php:43 -msgid "Upload Pattern file" -msgstr "Enviar arquivo de padrões" - #: usr/local/www/vpn_ipsec_keys.php:64 msgid "Deleted IPsec Pre-Shared Key" msgstr "Chave pré-compartilhada IPsec apagada" diff --git a/src/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po b/src/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po index a11fe8f..fe8f676 100644 --- a/src/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po +++ b/src/usr/local/share/locale/tr/LC_MESSAGES/pfSense.po @@ -845,10 +845,6 @@ msgstr "Fiitre kuralları oluşturuluyor" msgid "Generating ALTQ queues" msgstr "ALTQ kuyrukları oluşturuluyor" -#: etc/inc/filter.inc:261 -msgid "Generating Layer7 rules" -msgstr "Layer7 kuralları oluşturuluyor" - #: etc/inc/filter.inc:265 msgid "Loading filter rules" msgstr "Filtreleme kuralları yükleniyor" @@ -903,10 +899,6 @@ msgstr "PF sıkışmış/meşgul oldu ve tekrar başlatılıyor." msgid "There were error(s) loading the rules: %1$s - %2$s" msgstr "Kurallar yüklenirken hata(lar) vardı: %1$s - %2$s" -#: etc/inc/filter.inc:388 -msgid "Starting up layer7 daemon" -msgstr "layer7 servisi başlatılıyor" - #: etc/inc/filter.inc:447 msgid "Processing down interface states" msgstr "Kapalı arabirim durumları işleniyor" @@ -2619,15 +2611,6 @@ msgstr "WebCfg - Güvenlik Duvarı: Trafik Şekillendirici sayfası" msgid "Allow access to the 'Firewall: Traffic Shaper' page." msgstr "'Güvenlik Duvarı: Trafik Şekillendirici' sayfasını erişime açar." -#: etc/inc/priv.defs.inc:414 -msgid "WebCfg - Firewall: Traffic Shaper: Layer7 page" -msgstr "WebCfg - Güvenlik Duvarı: Trafik Şekillendirici: Layer7 sayfası" - -#: etc/inc/priv.defs.inc:415 -msgid "Allow access to the 'Firewall: Traffic Shaper: Layer7' page." -msgstr "" -"'Güvenlik Duvarı: Trafik Şekillendirici: Layer7' sayfasını erişime açar." - #: etc/inc/priv.defs.inc:420 msgid "WebCfg - Firewall: Traffic Shaper: Queues page" msgstr "WebCfg - Güvenlik Duvarı: Trafik Şekillendirici: Kuyruklar sayfası" @@ -5041,10 +5024,6 @@ msgstr "" msgid "slots" msgstr "yuvalar" -#: etc/inc/shaper.inc:3885 -msgid "Enable/Disable layer7 Container" -msgstr "Layer7 Barındırıcı Etkinleştir/Kapat" - #: etc/inc/shaper.inc:4150 #, php-format msgid "Sending HUP signal to %s" @@ -6035,7 +6014,6 @@ msgstr "Tanımlı herhangi bir CARP arabirimi tespit edilememiştir." #: usr/local/www/carp_status.php:199 usr/local/www/diag_packet_capture.php:262 #: usr/local/www/diag_packet_capture.php:348 -#: usr/local/www/firewall_shaper_layer7.php:66 #: usr/local/www/interfaces_wireless.php:137 usr/local/www/pkg_edit.php:936 #: usr/local/www/services_ntpd_pps.php:138 usr/local/www/status_graph.php:338 #: usr/local/www/status_graph_cpu.php:54 usr/local/www/status_queues.php:187 @@ -6050,7 +6028,6 @@ msgid "You can configure high availability sync settings" msgstr "Yüksek erişilebilirlik senkronize ayarlarını yapılandırabilirsiniz" #: usr/local/www/carp_status.php:201 -#: usr/local/www/firewall_shaper_layer7.php:67 #: usr/local/www/firewall_virtual_ip.php:308 usr/local/www/interfaces.php:3490 #: usr/local/www/interfaces.php:3499 usr/local/www/status_queues.php:189 msgid "here" @@ -6115,7 +6092,7 @@ msgstr "- Hata raporunu temizle ve anasayfaya geri dön" #: usr/local/www/diag_dump_states_sources.php:66 #: usr/local/www/diag_gmirror.php:46 usr/local/www/diag_nanobsd.php:50 #: usr/local/www/diag_ndp.php:107 usr/local/www/diag_packet_capture.php:88 -#: usr/local/www/diag_patterns.php:63 usr/local/www/diag_ping.php:47 +#: usr/local/www/diag_ping.php:47 #: usr/local/www/diag_resetstate.php:65 usr/local/www/diag_routes.php:71 #: usr/local/www/diag_smart.php:18 usr/local/www/diag_sockets.php:45 #: usr/local/www/diag_states_summary.php:187 usr/local/www/diag_tables.php:45 @@ -6520,7 +6497,6 @@ msgstr "SNMP Sunucu" #: usr/local/www/diag_backup.php:201 usr/local/www/fbegin.inc:132 #: usr/local/www/firewall_shaper.php:55 -#: usr/local/www/firewall_shaper_layer7.php:60 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:74 msgid "Traffic Shaper" @@ -6912,7 +6888,6 @@ msgstr "" #: usr/local/www/firewall_rules_edit.php:1738 #: usr/local/www/firewall_schedule_edit.php:1168 #: usr/local/www/firewall_shaper.php:351 -#: usr/local/www/firewall_shaper_layer7.php:566 #: usr/local/www/firewall_shaper_vinterface.php:319 #: usr/local/www/firewall_virtual_ip_edit.php:509 #: usr/local/www/interfaces.php:3379 usr/local/www/interfaces_assign.php:553 @@ -7827,7 +7802,6 @@ msgstr "Hedef" #: usr/local/www/firewall_nat_out_edit.php:146 #: usr/local/www/firewall_nat_out_edit.php:513 #: usr/local/www/firewall_rules_edit.php:988 -#: usr/local/www/firewall_shaper_layer7.php:467 #: usr/local/www/interfaces_bridge_edit.php:310 #: usr/local/www/load_balancer_relay_action_edit.php:121 #: usr/local/www/load_balancer_relay_action_edit.php:425 @@ -7947,7 +7921,6 @@ msgstr "Genel" #: usr/local/www/firewall_schedule.php:51 #: usr/local/www/firewall_schedule_edit.php:62 #: usr/local/www/firewall_shaper.php:55 -#: usr/local/www/firewall_shaper_layer7.php:60 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_wizards.php:74 #: usr/local/www/firewall_virtual_ip.php:203 @@ -9167,35 +9140,6 @@ msgstr "Paket Yakalama durdu." msgid "Packets Captured:" msgstr "Yakalanan Paket Sayısı:" -#: usr/local/www/diag_patterns.php:43 usr/local/www/diag_patterns.php:85 -msgid "Upload Pattern file" -msgstr "Desen dosyası yükle" - -#: usr/local/www/diag_patterns.php:49 -#, php-format -msgid "Added custom l7 pattern %s" -msgstr "" - -#: usr/local/www/diag_patterns.php:51 -msgid "Uploaded file to" -msgstr "Yüklenen dosyanın konumu" - -#: usr/local/www/diag_patterns.php:54 -msgid "Warning: You must upload a file with .pat extension." -msgstr "Uyarı: Yüklenecek dosya .pat uzantısında olmalıdır." - -#: usr/local/www/diag_patterns.php:63 -msgid "Add layer7 pattern" -msgstr "Layer7 deseni ekle" - -#: usr/local/www/diag_patterns.php:74 -msgid "Upload layer7 pattern file" -msgstr "Layer7 desen dosyası yükle" - -#: usr/local/www/diag_patterns.php:77 -msgid "File to upload:" -msgstr "Yüklenecek dosya:" - #: usr/local/www/diag_pf_info.php:101 msgid "Gathering PF information, please wait..." msgstr "PF bilgisi toplanıyor, lütfen bekleyiniz..." @@ -9631,7 +9575,6 @@ msgid "entries in this table." msgstr "girdileri sil." #: usr/local/www/diag_tables.php:169 -#: usr/local/www/firewall_shaper_layer7.php:572 #: usr/local/www/services_dhcpv6.php:809 #: usr/local/www/system_firmware_restorefullbackup.php:164 msgid "Delete" @@ -10272,7 +10215,6 @@ msgstr "Grup listesi değiştirildi." #: usr/local/www/firewall_nat_npt.php:90 #: usr/local/www/firewall_nat_out.php:226 #: usr/local/www/firewall_shaper.php:406 -#: usr/local/www/firewall_shaper_layer7.php:402 #: usr/local/www/firewall_shaper_queues.php:189 #: usr/local/www/firewall_shaper_vinterface.php:386 #: usr/local/www/firewall_shaper_wizards.php:97 @@ -10694,7 +10636,6 @@ msgid "remove this entry" msgstr "bu girdiyi sil" #: usr/local/www/firewall_aliases_edit.php:843 -#: usr/local/www/firewall_shaper_layer7.php:556 #: usr/local/www/interfaces_groups_edit.php:322 #: usr/local/www/interfaces_qinq_edit.php:390 #: usr/local/www/services_dhcp.php:1197 usr/local/www/services_dhcpv6.php:817 @@ -10717,7 +10658,6 @@ msgstr "başka giriş ekle" #: usr/local/www/firewall_rules_edit.php:1262 #: usr/local/www/firewall_rules_edit.php:1739 #: usr/local/www/firewall_schedule_edit.php:1169 -#: usr/local/www/firewall_shaper_layer7.php:569 #: usr/local/www/firewall_virtual_ip_edit.php:510 #: usr/local/www/interfaces.php:1856 usr/local/www/interfaces.php:1962 #: usr/local/www/interfaces.php:3380 @@ -12436,14 +12376,6 @@ msgstr "" msgid "ID must be an integer" msgstr "Kimlik değeri tamsayı olmalıdır" -#: usr/local/www/firewall_rules_edit.php:526 -msgid "You can only select a layer7 container for TCP and/or UDP protocols" -msgstr "Sadece TCP ve UDP protokolleri için layer7 barındırıcı seçilebilir" - -#: usr/local/www/firewall_rules_edit.php:528 -msgid "You can only select a layer7 container for Pass type rules." -msgstr "Sadece İzin türü kurallar için layer7 barındırıcı seçilebilir." - #: usr/local/www/firewall_rules_edit.php:533 msgid "" "You can only specify the maximum number of established connections per host " @@ -12987,24 +12919,6 @@ msgstr "Alındılama kuyruğu/Kuyruk" msgid "Choose the Acknowledge Queue only if you have selected Queue." msgstr "Sadece Kuyruk seçtiyseniz Alındılama Kuyruğu'nu seçin." -#: usr/local/www/firewall_rules_edit.php:1673 -#: usr/local/www/firewall_shaper.php:415 -#: usr/local/www/firewall_shaper_layer7.php:60 -#: usr/local/www/firewall_shaper_layer7.php:411 -#: usr/local/www/firewall_shaper_queues.php:198 -#: usr/local/www/firewall_shaper_vinterface.php:395 -#: usr/local/www/firewall_shaper_wizards.php:106 -msgid "Layer7" -msgstr "Layer7" - -#: usr/local/www/firewall_rules_edit.php:1696 -msgid "" -"Choose a Layer7 container to apply application protocol inspection rules. " -"These are valid for TCP and UDP protocols only." -msgstr "" -"Uygulama protokolü inceleme kurallarını uygulamak için Layer7 barındırıcı " -"seçiniz. Bu seçenekler sadece TCP ve UDP protokolleri için geçerlidir." - #: usr/local/www/firewall_schedule.php:78 #, php-format msgid "Cannot delete Schedule. Currently in use by %s" @@ -13222,7 +13136,6 @@ msgid "The traffic shaper configuration has been changed." msgstr "Trafik şekillendirici yapılandırması değiştirildi." #: usr/local/www/firewall_shaper.php:412 -#: usr/local/www/firewall_shaper_layer7.php:408 #: usr/local/www/firewall_shaper_queues.php:195 #: usr/local/www/firewall_shaper_vinterface.php:392 #: usr/local/www/firewall_shaper_wizards.php:103 @@ -13230,7 +13143,6 @@ msgid "By Interface" msgstr "Arabirime Göre" #: usr/local/www/firewall_shaper.php:413 -#: usr/local/www/firewall_shaper_layer7.php:409 #: usr/local/www/firewall_shaper_queues.php:196 #: usr/local/www/firewall_shaper_vinterface.php:393 #: usr/local/www/firewall_shaper_wizards.php:104 @@ -13238,7 +13150,6 @@ msgid "By Queue" msgstr "Kuyruğa Göre" #: usr/local/www/firewall_shaper.php:414 -#: usr/local/www/firewall_shaper_layer7.php:410 #: usr/local/www/firewall_shaper_queues.php:197 #: usr/local/www/firewall_shaper_vinterface.php:54 #: usr/local/www/firewall_shaper_vinterface.php:394 @@ -13247,7 +13158,6 @@ msgid "Limiter" msgstr "Limitleyici" #: usr/local/www/firewall_shaper.php:416 -#: usr/local/www/firewall_shaper_layer7.php:412 #: usr/local/www/firewall_shaper_queues.php:199 #: usr/local/www/firewall_shaper_vinterface.php:396 #: usr/local/www/firewall_shaper_wizards.php:74 @@ -13262,43 +13172,10 @@ msgstr "Sihirbazlar" msgid "Remove Shaper" msgstr "Şekillendiriciyi Kaldır" -#: usr/local/www/firewall_shaper_layer7.php:67 -msgid "You can add new layer7 protocol patterns by simply uploading the file" -msgstr "Dosyayı yükleyerek yeni layer7 protokol örüntüleri ekleyebilirsiniz" - -#: usr/local/www/firewall_shaper_layer7.php:112 -msgid "Layer7 Rules Container not found!" -msgstr "Layer7 Kural Barındırıcısı bulunamadı!" - -#: usr/local/www/firewall_shaper_layer7.php:162 -msgid "Found the following repeated protocol definitions" -msgstr "Şu tekrarlanan protokol tanımları tespit edildi" - -#: usr/local/www/firewall_shaper_layer7.php:402 #: usr/local/www/firewall_shaper_queues.php:189 msgid "The traffic shaper configuration has been changed" msgstr "Trafik şekillendirme yapılandırması değiştirildi" -#: usr/local/www/firewall_shaper_layer7.php:433 -msgid "Create new l7 rules group" -msgstr "Yeni Layer7 kural grubu oluştur" - -#: usr/local/www/firewall_shaper_layer7.php:446 -msgid "Rule(s)" -msgstr "Kural(lar)" - -#: usr/local/www/firewall_shaper_layer7.php:458 -msgid "Add one or more rules" -msgstr "Bir yada daha fazla kural ekle" - -#: usr/local/www/firewall_shaper_layer7.php:474 -msgid "Structure" -msgstr "Yapı" - -#: usr/local/www/firewall_shaper_layer7.php:481 -msgid "Behaviour" -msgstr "Davranış" - #: usr/local/www/firewall_shaper_queues.php:173 msgid "Firewall: Shaper: By Queues View" msgstr "Güvenlik Duvarı: Şekillendirici: Kuyruk Görünümü" diff --git a/src/usr/local/share/protocols/100bao.pat b/src/usr/local/share/protocols/100bao.pat deleted file mode 100644 index a03a891..0000000 --- a/src/usr/local/share/protocols/100bao.pat +++ /dev/null @@ -1,12 +0,0 @@ -# 100bao - a Chinese P2P protocol/program - http://www.100bao.com -# Pattern attributes: ok veryfast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/100Bao -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Pattern written by www.routerclub.com's wsgtrsys. -# The author of this pattern says it works, but this is unconfirmed. - -100bao -^\x01\x01\x05\x0a - diff --git a/src/usr/local/share/protocols/EAOrigin.pat b/src/usr/local/share/protocols/EAOrigin.pat deleted file mode 100644 index 391be72..0000000 --- a/src/usr/local/share/protocols/EAOrigin.pat +++ /dev/null @@ -1,7 +0,0 @@ -# Origin powered by EA -# zip? - Main Downloads for Games/Patches/Updates -# User-Agents - Browsing the EA store. - -User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/534.34 (KHTML, like Gecko) Origin/9.2.1.4399 Safari/534.34 EA Download Manager -User-Agent: Mozilla/5.0 EA Download Manager Origin -zip? diff --git a/src/usr/local/share/protocols/LICENSE b/src/usr/local/share/protocols/LICENSE deleted file mode 100644 index 49395f6..0000000 --- a/src/usr/local/share/protocols/LICENSE +++ /dev/null @@ -1,605 +0,0 @@ -You may distribute this software under either the GPLv2 or Creative -Commons Attribution-ShareAlike 2.5. The text of each follows: - -*************************************************************************** - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 675 Mass Ave, Cambridge, MA 02139, USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) 19yy - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) 19yy name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. - -*************************************************************************** - - Creative Commons Legal Code - Attribution-ShareAlike 2.5 - - CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE - LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN - ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS - INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES - REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR - DAMAGES RESULTING FROM ITS USE. - - License - - THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS - CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS - PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE - WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS - PROHIBITED. - - BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND - AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. THE LICENSOR GRANTS - YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF - SUCH TERMS AND CONDITIONS. - - 1. Definitions - a. "Collective Work" means a work, such as a periodical issue, - anthology or encyclopedia, in which the Work in its entirety in - unmodified form, along with a number of other contributions, - constituting separate and independent works in themselves, are - assembled into a collective whole. A work that constitutes a - Collective Work will not be considered a Derivative Work (as - defined below) for the purposes of this License. - b. "Derivative Work" means a work based upon the Work or upon the - Work and other pre-existing works, such as a translation, musical - arrangement, dramatization, fictionalization, motion picture - version, sound recording, art reproduction, abridgment, - condensation, or any other form in which the Work may be recast, - transformed, or adapted, except that a work that constitutes a - Collective Work will not be considered a Derivative Work for the - purpose of this License. For the avoidance of doubt, where the - Work is a musical composition or sound recording, the - synchronization of the Work in timed-relation with a moving image - ("synching") will be considered a Derivative Work for the purpose - of this License. - c. "Licensor" means the individual or entity that offers the Work - under the terms of this License. - d. "Original Author" means the individual or entity who created the - Work. - e. "Work" means the copyrightable work of authorship offered under - the terms of this License. - f. "You" means an individual or entity exercising rights under this - License who has not previously violated the terms of this License - with respect to the Work, or who has received express permission - from the Licensor to exercise rights under this License despite a - previous violation. - g. "License Elements" means the following high-level license - attributes as selected by Licensor and indicated in the title of - this License: Attribution, ShareAlike. - - 2. Fair Use Rights. Nothing in this license is intended to reduce, - limit, or restrict any rights arising from fair use, first sale or - other limitations on the exclusive rights of the copyright owner under - copyright law or other applicable laws. - - 3. License Grant. Subject to the terms and conditions of this License, - Licensor hereby grants You a worldwide, royalty-free, non-exclusive, - perpetual (for the duration of the applicable copyright) license to - exercise the rights in the Work as stated below: - a. to reproduce the Work, to incorporate the Work into one or more - Collective Works, and to reproduce the Work as incorporated in the - Collective Works; - b. to create and reproduce Derivative Works; - c. to distribute copies or phonorecords of, display publicly, perform - publicly, and perform publicly by means of a digital audio - transmission the Work including as incorporated in Collective - Works; - d. to distribute copies or phonorecords of, display publicly, perform - publicly, and perform publicly by means of a digital audio - transmission Derivative Works. - e. For the avoidance of doubt, where the work is a musical - composition: - i. Performance Royalties Under Blanket Licenses. Licensor waives - the exclusive right to collect, whether individually or via a - performance rights society (e.g. ASCAP, BMI, SESAC), - royalties for the public performance or public digital - performance (e.g. webcast) of the Work. - ii. Mechanical Rights and Statutory Royalties. Licensor waives - the exclusive right to collect, whether individually or via a - music rights society or designated agent (e.g. Harry Fox - Agency), royalties for any phonorecord You create from the - Work ("cover version") and distribute, subject to the - compulsory license created by 17 USC Section 115 of the US - Copyright Act (or the equivalent in other jurisdictions). - f. Webcasting Rights and Statutory Royalties. For the avoidance of - doubt, where the Work is a sound recording, Licensor waives the - exclusive right to collect, whether individually or via a - performance-rights society (e.g. SoundExchange), royalties for the - public digital performance (e.g. webcast) of the Work, subject to - the compulsory license created by 17 USC Section 114 of the US - Copyright Act (or the equivalent in other jurisdictions). - - The above rights may be exercised in all media and formats whether now - known or hereafter devised. The above rights include the right to make - such modifications as are technically necessary to exercise the rights - in other media and formats. All rights not expressly granted by - Licensor are hereby reserved. - - 4. Restrictions.The license granted in Section 3 above is expressly - made subject to and limited by the following restrictions: - a. You may distribute, publicly display, publicly perform, or - publicly digitally perform the Work only under the terms of this - License, and You must include a copy of, or the Uniform Resource - Identifier for, this License with every copy or phonorecord of the - Work You distribute, publicly display, publicly perform, or - publicly digitally perform. You may not offer or impose any terms - on the Work that alter or restrict the terms of this License or - the recipients' exercise of the rights granted hereunder. You may - not sublicense the Work. You must keep intact all notices that - refer to this License and to the disclaimer of warranties. You may - not distribute, publicly display, publicly perform, or publicly - digitally perform the Work with any technological measures that - control access or use of the Work in a manner inconsistent with - the terms of this License Agreement. The above applies to the Work - as incorporated in a Collective Work, but this does not require - the Collective Work apart from the Work itself to be made subject - to the terms of this License. If You create a Collective Work, - upon notice from any Licensor You must, to the extent practicable, - remove from the Collective Work any credit as required by clause - 4(c), as requested. If You create a Derivative Work, upon notice - from any Licensor You must, to the extent practicable, remove from - the Derivative Work any credit as required by clause 4(c), as - requested. - b. You may distribute, publicly display, publicly perform, or - publicly digitally perform a Derivative Work only under the terms - of this License, a later version of this License with the same - License Elements as this License, or a Creative Commons iCommons - license that contains the same License Elements as this License - (e.g. Attribution-ShareAlike 2.5 Japan). You must include a copy - of, or the Uniform Resource Identifier for, this License or other - license specified in the previous sentence with every copy or - phonorecord of each Derivative Work You distribute, publicly - display, publicly perform, or publicly digitally perform. You may - not offer or impose any terms on the Derivative Works that alter - or restrict the terms of this License or the recipients' exercise - of the rights granted hereunder, and You must keep intact all - notices that refer to this License and to the disclaimer of - warranties. You may not distribute, publicly display, publicly - perform, or publicly digitally perform the Derivative Work with - any technological measures that control access or use of the Work - in a manner inconsistent with the terms of this License Agreement. - The above applies to the Derivative Work as incorporated in a - Collective Work, but this does not require the Collective Work - apart from the Derivative Work itself to be made subject to the - terms of this License. - c. If you distribute, publicly display, publicly perform, or publicly - digitally perform the Work or any Derivative Works or Collective - Works, You must keep intact all copyright notices for the Work and - provide, reasonable to the medium or means You are utilizing: (i) - the name of the Original Author (or pseudonym, if applicable) if - supplied, and/or (ii) if the Original Author and/or Licensor - designate another party or parties (e.g. a sponsor institute, - publishing entity, journal) for attribution in Licensor's - copyright notice, terms of service or by other reasonable means, - the name of such party or parties; the title of the Work if - supplied; to the extent reasonably practicable, the Uniform - Resource Identifier, if any, that Licensor specifies to be - associated with the Work, unless such URI does not refer to the - copyright notice or licensing information for the Work; and in the - case of a Derivative Work, a credit identifying the use of the - Work in the Derivative Work (e.g., "French translation of the Work - by Original Author," or "Screenplay based on original Work by - Original Author"). Such credit may be implemented in any - reasonable manner; provided, however, that in the case of a - Derivative Work or Collective Work, at a minimum such credit will - appear where any other comparable authorship credit appears and in - a manner at least as prominent as such other comparable authorship - credit. - - 5. Representations, Warranties and Disclaimer - - UNLESS OTHERWISE AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS - THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND - CONCERNING THE MATERIALS, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, - INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, - FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF - LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF - ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW - THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY - TO YOU. - - 6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY - APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY - LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR - EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, - EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - - 7. Termination - a. This License and the rights granted hereunder will terminate - automatically upon any breach by You of the terms of this License. - Individuals or entities who have received Derivative Works or - Collective Works from You under this License, however, will not - have their licenses terminated provided such individuals or - entities remain in full compliance with those licenses. Sections - 1, 2, 5, 6, 7, and 8 will survive any termination of this License. - b. Subject to the above terms and conditions, the license granted - here is perpetual (for the duration of the applicable copyright in - the Work). Notwithstanding the above, Licensor reserves the right - to release the Work under different license terms or to stop - distributing the Work at any time; provided, however that any such - election will not serve to withdraw this License (or any other - license that has been, or is required to be, granted under the - terms of this License), and this License will continue in full - force and effect unless terminated as stated above. - - 8. Miscellaneous - a. Each time You distribute or publicly digitally perform the Work or - a Collective Work, the Licensor offers to the recipient a license - to the Work on the same terms and conditions as the license - granted to You under this License. - b. Each time You distribute or publicly digitally perform a - Derivative Work, Licensor offers to the recipient a license to the - original Work on the same terms and conditions as the license - granted to You under this License. - c. If any provision of this License is invalid or unenforceable under - applicable law, it shall not affect the validity or enforceability - of the remainder of the terms of this License, and without further - action by the parties to this agreement, such provision shall be - reformed to the minimum extent necessary to make such provision - valid and enforceable. - d. No term or provision of this License shall be deemed waived and no - breach consented to unless such waiver or consent shall be in - writing and signed by the party to be charged with such waiver or - consent. - e. This License constitutes the entire agreement between the parties - with respect to the Work licensed here. There are no - understandings, agreements or representations with respect to the - Work not specified here. Licensor shall not be bound by any - additional provisions that may appear in any communication from - You. This License may not be modified without the mutual written - agreement of the Licensor and You. - - Creative Commons is not a party to this License, and makes no warranty - whatsoever in connection with the Work. Creative Commons will not be - liable to You or any party on any legal theory for any damages - whatsoever, including without limitation any general, special, - incidental or consequential damages arising in connection to this - license. Notwithstanding the foregoing two (2) sentences, if Creative - Commons has expressly identified itself as the Licensor hereunder, it - shall have all rights and obligations of Licensor. - - Except for the limited purpose of indicating to the public that the - Work is licensed under the CCPL, neither party will use the trademark - "Creative Commons" or any related trademark or logo of Creative - Commons without the prior written consent of Creative Commons. Any - permitted use will be in compliance with Creative Commons' - then-current trademark usage guidelines, as may be published on its - website or otherwise made available upon request from time to time. - - Creative Commons may be contacted at http://creativecommons.org/. diff --git a/src/usr/local/share/protocols/aim.pat b/src/usr/local/share/protocols/aim.pat deleted file mode 100644 index 5c43930..0000000 --- a/src/usr/local/share/protocols/aim.pat +++ /dev/null @@ -1,28 +0,0 @@ -# AIM - AOL instant messenger (OSCAR and TOC) -# Pattern attributes: good slow notsofast -# Protocol groups: chat proprietary -# Wiki: http://www.protocolinfo.org/wiki/AIM -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 5190 -# -# This may also match ICQ traffic. -# -# This pattern has been tested and is believed to work well. - -aim -# See http://gridley.res.carleton.edu/~straitm/final (and various other places) -# The first bit matches OSCAR signon and data commands, but not sure what -# \x03\x0b matches, but it works apparently. -# The next three bits match various parts of the TOC signon process. -# The third one is the magic number "*", then 0x01 for "signon", then up to four -# bytes ("up to" because l7-filter strips out nulls) which contain a sequence -# number (2 bytes) the data length (2 more) and 3 nulls (which don't count), -# then 0x01 for the version number (not sure if there ever has been another -# version) -# The fourth one is a command string, followed by some stuff, then the -# beginning of the "roasted" password - -# This pattern is too slow! - -^(\*[\x01\x02].*\x03\x0b|\*\x01.?.?.?.?\x01)|flapon|toc_signon.*0x diff --git a/src/usr/local/share/protocols/aimwebcontent.pat b/src/usr/local/share/protocols/aimwebcontent.pat deleted file mode 100644 index bc9a22d..0000000 --- a/src/usr/local/share/protocols/aimwebcontent.pat +++ /dev/null @@ -1,10 +0,0 @@ -# AIM web content - ads/news content downloaded by AOL Instant Messenger -# Pattern attributes: good notsofast notsofast -# Protocol groups: chat document_retrieval proprietary -# Wiki: http://www.protocolinfo.org/wiki/AIM -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. - -aimwebcontent -user-agent:aim/ diff --git a/src/usr/local/share/protocols/any.pat b/src/usr/local/share/protocols/any.pat deleted file mode 100644 index 56d8134..0000000 --- a/src/usr/local/share/protocols/any.pat +++ /dev/null @@ -1,8 +0,0 @@ -# Unknown - Dummy pattern for old unmatched connections. - -unknown -# This pattern is ignored by the kernel. It sees that the "protocol" is -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# "unknown" and always returns unmatched for connections that are still -# being tested. -. diff --git a/src/usr/local/share/protocols/applejuice.pat b/src/usr/local/share/protocols/applejuice.pat deleted file mode 100644 index eb552dc..0000000 --- a/src/usr/local/share/protocols/applejuice.pat +++ /dev/null @@ -1,12 +0,0 @@ -# Apple Juice - P2P filesharing - http://www.applejuicenet.de -# Pattern attributes: great veryfast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/AppleJuice -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested with the Linux version (version -# 0,29,142,229). It matches search reqests and file transfers. - -applejuice -# this pattern extracted from ipp2p, by Eicke Friedrich. -^ajprot\x0d\x0a diff --git a/src/usr/local/share/protocols/ares.pat b/src/usr/local/share/protocols/ares.pat deleted file mode 100644 index 32dc70d..0000000 --- a/src/usr/local/share/protocols/ares.pat +++ /dev/null @@ -1,63 +0,0 @@ -# Ares - P2P filesharing - http://aresgalaxy.sf.net -# Pattern attributes: good veryfast fast undermatch -# Protocol groups: p2p open_source -# Wiki: http://www.protocolinfo.org/wiki/Ares -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This pattern catches only client-server connect messages. This is -# sufficient for blocking, but not for shaping, since it doesn't catch -# the actual file transfers (see below). - -# Original pattern by Brandon Enright - -# This pattern has been tested with Ares 1.8.8.2998. - -ares -# regular expression madness: "[]Z]" means ']' or 'Z'. -^\x03[]Z].?.?\x05$ - -# It appears that the general packet format is: -# - Two byte little endian integer giving the data length -# - One byte packet type -# - data -# -# Login packets (TCP) have the following format: -# - \x03\x00 (the length appears to always be 3) -# - \x5a - The login packet type. -# The source code suggests that for supernodes \x5d is used instead. -# - Three more bytes. I don't know the meaning of these, but for me they -# are always \x06\x06\x05 (in Ares 1.8.8.2998). From the comments in IPP2P, -# it seems that they are not always exactly that, but seem to always end in -# \x05. -# -# Search packets have the following format: -# - Two byte little endian integer giving the data length -# A single two letter word make this \x0a -# The biggest I could get it was \x4f -# - Packet type = \x09 -# - One byte document type: -# - "all" = 00 -# - "audio" = 01 -# - "software" = 03 -# - "video" = 05 -# - "document" = 06 -# - "image" = 07 -# - "other" = 08 -# - \x0f - I don't know what this means, but it is always this for me -# - Two bytes of unknown meaning that change -# - Some number search words: -# - \x14 - I don't know what this means, but it is always this for me -# - One byte length of the first search word -# Between 2 and \x14 in my tests with Ares 1.8.8.2998 -# It ignores single letter words and truncates ones longer than \x14 -# - Two bytes of unknown meaning that change -# - The search word (not null terminated) -# This was all investigated by searching for strings in "all". Searches -# can also be performed in "title" and "author". I'm not going to -# bother to research these because I new realize that searches are done -# on the same TCP connection as the login packets, so there is no need -# to match them separately. -# -# File transfers appear to be encrypted or at least obfuscated. (The -# files themselves, at least, are not transmitted in the clear.) I -# haven't found any patterns. diff --git a/src/usr/local/share/protocols/armagetron.pat b/src/usr/local/share/protocols/armagetron.pat deleted file mode 100644 index a032410..0000000 --- a/src/usr/local/share/protocols/armagetron.pat +++ /dev/null @@ -1,12 +0,0 @@ -# Armagetron Advanced - open source Tron/snake based multiplayer game -# Pattern attributes: good slow notsofast -# Protocol groups: open_source game -# Wiki: http://protocolinfo.org/wiki/Armagetron -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# Contributed to protocolinfo.org, possibly by joda.bot, who says "The -# filter matches the initial transfer of configuration data. Very early -# versions might not transfer the CYCLE_ Settings (before 0.2.5.x)." - -armagetron -YCLC_E|CYEL diff --git a/src/usr/local/share/protocols/audiogalaxy.pat b/src/usr/local/share/protocols/audiogalaxy.pat deleted file mode 100644 index db1999a..0000000 --- a/src/usr/local/share/protocols/audiogalaxy.pat +++ /dev/null @@ -1,19 +0,0 @@ -# Audiogalaxy - (defunct) Peer to Peer filesharing -# Pattern attributes: ok fast fast -# Protocol groups: p2p obsolete -# Wiki: http://protocolinfo.org/wiki/Audiogalaxy -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# http://www.movspclr.co.uk/info/agprotocol.html -# -# This pattern is untested. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/Audiogalaxy -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers - -audiogalaxy -# (magic cookie that starts conversations)|(magic cookie that starts -# 0.606W/0.608W client/server conversations and a string that should always -# appear in login messages) -^(\x45\x5f\xd0\xd5|\x45\x5f.*0.60(6|8)W) diff --git a/src/usr/local/share/protocols/battlefield1942.pat b/src/usr/local/share/protocols/battlefield1942.pat deleted file mode 100644 index ed7a7bf..0000000 --- a/src/usr/local/share/protocols/battlefield1942.pat +++ /dev/null @@ -1,14 +0,0 @@ -# Battlefield 1942 - An EA game -# Pattern attributes: ok veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Battlefield_1942 -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Contributed by Myles Uyema -# -# This pattern has only been tested by one person. - -# tested on two original EA battlefield 1942 servers -# matches the first two packets of joining a server -battlefield1942 -^\x01\x11\x10\|\xf8\x02\x10\x40\x06 diff --git a/src/usr/local/share/protocols/battlefield2.pat b/src/usr/local/share/protocols/battlefield2.pat deleted file mode 100644 index e2d8791..0000000 --- a/src/usr/local/share/protocols/battlefield2.pat +++ /dev/null @@ -1,26 +0,0 @@ -# Battlefield 2 - An EA game. -# Pattern attributes: ok slow notsofast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Battlefield_2 -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is unconfirmed except implicitly by a comment on protocolinfo. - -battlefield2 -# gameplay|account-login|server browsing/information -# See http://protocolinfo.org/wiki/Battlefield_2 -# Can we put a ^ on the last branch? If so, nosofast --> veryfast - -# 193.85.217.35 on protocolinfo says: -# The first part of the pattern, \x11\x20\x01\xa0\x98\x11, has to be -# modified for different version of Battlefield 2. The gameplay part of -# pattern for BF2 v1.4 is \x11\x20\x01\x30\xb9\x10\x11, and for BF2 -# v1.41 is \x11\x20\x01\x50\xb9\x10\x11 -# -# Rather than put all of those in, I've just gone with "...?" in the -# middle. - -^(\x11\x20\x01...?\x11|\xfe\xfd.?.?.?.?.?.?(\x14\x01\x06|\xff\xff\xff))|[]\x01].?battlefield2 - -# Pattern prior to 193.85.217.35's comment on protocolinfo: -#^(\x11\x20\x01\xa0\x98\x11|\xfe\xfd.?.?.?.?.?.?(\x14\x01\x06|\xff\xff\xff))|[]\x01].?battlefield2 diff --git a/src/usr/local/share/protocols/battlefield2142.pat b/src/usr/local/share/protocols/battlefield2142.pat deleted file mode 100644 index 4c0e42b..0000000 --- a/src/usr/local/share/protocols/battlefield2142.pat +++ /dev/null @@ -1,14 +0,0 @@ -# Battlefield 2142 - An EA game. -# Pattern attributes: ok fast fast -# Protocol groups: proprietary game -# Wiki: http://protocolinfo.org/wiki/Battlefield_2142 -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# Submitted by Telsin. Not confirmed. - -battlefield2142 -# gameplay|account-login|server browsing/information -# Can't put a ^ on the last branch: it fails to match if you do. -# This branch seems to matter very rarely, though -^(\x11\x20\x01\x90\x50\x64\x10|\xfe\xfd.?.?.?\x18|[\x01\\].?battlefield2) - diff --git a/src/usr/local/share/protocols/bgp.pat b/src/usr/local/share/protocols/bgp.pat deleted file mode 100644 index 61e417f..0000000 --- a/src/usr/local/share/protocols/bgp.pat +++ /dev/null @@ -1,19 +0,0 @@ -# BGP - Border Gateway Protocol - RFC 1771 -# Pattern attributes: ok veryfast fast -# Protocol groups: networking ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/BGP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is UNTESTED. - -bgp -# "After a transport protocol connection is established, the first -# message sent by each side is an OPEN message." -# "If the Type of the message is OPEN, or if the Authentication Code used -# in the OPEN message of the connection is zero, then the Marker must be -# all ones." -# Then the 2 byte length field, then the 1 byte type field (1 = OPEN). -# Then the BGP version: 3 was RFC'd in 1991, 4 was RFC'd in 1995. -# Could keep going, but that should be sufficient. -^\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff..?\x01[\x03\x04] - diff --git a/src/usr/local/share/protocols/biff.pat b/src/usr/local/share/protocols/biff.pat deleted file mode 100644 index 91e8bbf..0000000 --- a/src/usr/local/share/protocols/biff.pat +++ /dev/null @@ -1,16 +0,0 @@ -# Biff - new mail notification -# Pattern attributes: good fast fast undermatch overmatch -# Protocol groups: mail -# Wiki: http://www.protocolinfo.org/wiki/Biff -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 512 -# -# This pattern is completely untested. - -biff -# This is a rare case where we will specify a $ (end of line), since -# this is the entirety of the communication. -# something that looks like a username, an @, a number. -# won't catch usernames that have strange characters in them. -^[a-z][a-z0-9]+@[1-9][0-9]+$ diff --git a/src/usr/local/share/protocols/bittorrent.pat b/src/usr/local/share/protocols/bittorrent.pat deleted file mode 100644 index c66f867..0000000 --- a/src/usr/local/share/protocols/bittorrent.pat +++ /dev/null @@ -1,25 +0,0 @@ -# Bittorrent - P2P filesharing / publishing tool - http://www.bittorrent.com -# Pattern attributes: good slow notsofast undermatch -# Protocol groups: p2p open_source -# Wiki: http://www.protocolinfo.org/wiki/Bittorrent -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. -# It will, however, not work on bittorrent streams that are encrypted, since -# it's impossible to match (well) encrypted data. - -bittorrent - -# Does not attempt to match the HTTP download of the tracker -# 0x13 is the length of "bittorrent protocol" -# Second two bits match UDP wierdness -# Next bit matches something Azureus does -# Ditto on the next bit. Could also match on "user-agent: azureus", but that's in the next -# packet and perhaps this will match multiple clients. -# bitcomet-specific strings contributed by liangjun. - -# This is not a valid GNU basic regular expression (but that's ok). -^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=|get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP] - -# This pattern is "fast", but won't catch as much -#^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=) diff --git a/src/usr/local/share/protocols/chikka.pat b/src/usr/local/share/protocols/chikka.pat deleted file mode 100644 index a97ef28..0000000 --- a/src/usr/local/share/protocols/chikka.pat +++ /dev/null @@ -1,17 +0,0 @@ -# Chikka - SMS service which can be used without phones - http://chikka.com -# Pattern attributes: good fast fast superset -# Protocol groups: proprietary chat -# Wiki: http://www.protocolinfo.org/wiki/Chikka -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# Tested with Chikka Javalite on 14 Jan 2007. -# The login and chat use the same TCP connection. - -# "Kamusta" means "Hello" in Tagalog, apparently, so that will probably -# stay the same. I've only seen v1.2, but I've given it some leeway for -# past and future versions. - -# Chikka uses CIMD as part of the login process, see cimd.pat - -chikka -^CTPv1\.[123] Kamusta.*\x0d\x0a$ diff --git a/src/usr/local/share/protocols/cimd.pat b/src/usr/local/share/protocols/cimd.pat deleted file mode 100644 index f508350..0000000 --- a/src/usr/local/share/protocols/cimd.pat +++ /dev/null @@ -1,19 +0,0 @@ -# Computer Interface to Message Distribution, an SMSC protocol by Nokia -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: proprietary chat -# Wiki: http://www.protocolinfo.org/wiki/CIMD -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# I don't know whether CIMD is ever found by itself in a TCP connection. -# I have only seen it myself as part of the Chikka login process, in -# which the second and third packets (at least) are CIMD. So I am not -# using a '^' at the beginning. -# -# This pretty well explains the pattern: -# http://en.wikipedia.org/w/index.php?title=CIMD&oldid=42707583 -# However, Chikka does NOT terminate the last field with a tab. -# -# Tested with Chikka Javalite on 14 Jan 2007. - -cimd -\x02[0-4][0-9]:[0-9]+.*\x03$ diff --git a/src/usr/local/share/protocols/ciscovpn.pat b/src/usr/local/share/protocols/ciscovpn.pat deleted file mode 100644 index d3dd7a6..0000000 --- a/src/usr/local/share/protocols/ciscovpn.pat +++ /dev/null @@ -1,11 +0,0 @@ -# Cisco VPN - VPN client software to a Cisco VPN server -# Pattern attributes: ok veryfast fast -# Protocol groups: remote_access proprietary -# Wiki: http://www.protocolinfo.org/wiki/Cisco_VPN -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern contributed by Myles Uyema - -ciscovpn -^\x01\xf4\x01\xf4 - diff --git a/src/usr/local/share/protocols/citrix.pat b/src/usr/local/share/protocols/citrix.pat deleted file mode 100644 index fa73ce1..0000000 --- a/src/usr/local/share/protocols/citrix.pat +++ /dev/null @@ -1,12 +0,0 @@ -# Citrix ICA - proprietary remote desktop application - http://citrix.com -# Pattern attributes: marginal notsofast notsofast -# Protocol groups: remote_access proprietary -# Wiki: http://www.protocolinfo.org/wiki/Citrix -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is UNTESTED. - -# This is based on decode_citrix in dsniff 2.4. - -citrix -\x32\x26\x85\x92\x58 diff --git a/src/usr/local/share/protocols/code_red.pat b/src/usr/local/share/protocols/code_red.pat deleted file mode 100644 index df0beee..0000000 --- a/src/usr/local/share/protocols/code_red.pat +++ /dev/null @@ -1,8 +0,0 @@ -# Code Red - a worm that attacks Microsoft IIS web servers -# Pattern attributes: ok fast notsofast subset -# Protocol groups: worm -# Wiki: http://www.protocolinfo.org/wiki/CodeRed -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -code_red -/default\.ida\?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a diff --git a/src/usr/local/share/protocols/counterstrike-source.pat b/src/usr/local/share/protocols/counterstrike-source.pat deleted file mode 100644 index 8ebd627..0000000 --- a/src/usr/local/share/protocols/counterstrike-source.pat +++ /dev/null @@ -1,42 +0,0 @@ -# Counterstrike (using the new "Source" engine) - network game -# Pattern attributes: good veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Counter-Strike -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# By adam.randazzoATgmail.com - -counterstrike-source -^\xff\xff\xff\xff.*cstrikeCounter-Strike - -# These games use Steam, which is developed by Valve Software. -# -# This was based off of the following captured data from ethereal: -# --Source-- -# 0000 00 11 09 2a a8 79 00 13 10 2c 3f d7 08 00 45 20 ...*.y...,?...E -# 0010 00 72 b9 f6 00 00 6b 11 b6 78 18 0e 04 cc c0 a8 .r....k..x...... -# 0020 01 6a 69 87 04 65 00 5e 01 ac ff ff ff ff 49 07 .ji..e.^......I. -# 0030 54 4a 27 73 20 50 6c 61 63 65 20 6f 66 20 50 61 TJ's Place of Pa -# 0040 69 6e 00 64 65 5f 70 69 72 61 6e 65 73 69 00 63 in.de_piranesi.c -# 0050 73 74 72 69 6b 65 00 43 6f 75 6e 74 65 72 2d 53 strike.Counter-S -# 0060 74 72 69 6b 65 3a 20 53 6f 75 72 63 65 00 dc 00 trike: Source... -# 0070 08 10 06 64 77 00 00 31 2e 30 2e 30 2e 31 38 00 ...dw..1.0.0.18. -# 0080 -# -# --1.6-- -# 0000 00 11 09 2a a8 79 00 13 10 2c 3f d7 08 00 45 00 ...*.y...,?...E. -# 0010 00 8e c4 1a 00 00 76 11 b3 85 08 09 02 fa c0 a8 ......v......... -# 0020 01 14 69 91 04 37 00 7a c9 90 ff ff ff ff 6d 38 ..i..7.z......m8 -# 0030 2e 39 2e 32 2e 32 35 30 3a 32 37 30 32 35 00 49 .9.2.250:27025.I -# 0040 50 20 2d 20 43 6c 61 6e 20 73 65 72 76 65 72 00 P - Clan server. -# 0050 64 65 5f 64 75 73 74 32 00 63 73 74 72 69 6b 65 de_dust2.cstrike -# 0060 00 43 6f 75 6e 74 65 72 2d 53 74 72 69 6b 65 00 .Counter-Strike. -# 0070 0a 0c 2f 64 77 00 01 77 77 77 2e 63 6f 75 6e 74 ../dw..www.count -# 0080 65 72 2d 73 74 72 69 6b 65 2e 6e 65 74 00 00 00 er-strike.net... -# 0090 01 00 00 00 00 9e f7 0a 00 01 00 00 ............ - - -# Old pattern. (Adam Randazzo says "CS 1.6 and CS: Source are the -# only two versions that are playable on the Internet since Valve -# disabled the WON system in favor of steam.") -# cs .*dl.www.counter-strike.net diff --git a/src/usr/local/share/protocols/cvs.pat b/src/usr/local/share/protocols/cvs.pat deleted file mode 100644 index fc084d3..0000000 --- a/src/usr/local/share/protocols/cvs.pat +++ /dev/null @@ -1,14 +0,0 @@ -# CVS - Concurrent Versions System -# Pattern attributes: good veryfast fast -# Protocol groups: version_control open_source -# Wiki: http://www.protocolinfo.org/wiki/CVS -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -cvs - -# Matches pserver login. AUTH is for actually starting the protocol -# VERIFICATION is for authenticating without starting the protocols -# and GSSAPI is for using security services such as kerberos. -# http://www.loria.fr/~molli/cvs/doc/cvsclient_3.html - -^BEGIN (AUTH|VERIFICATION|GSSAPI) REQUEST\x0a diff --git a/src/usr/local/share/protocols/dayofdefeat-source.pat b/src/usr/local/share/protocols/dayofdefeat-source.pat deleted file mode 100644 index 42b24bb..0000000 --- a/src/usr/local/share/protocols/dayofdefeat-source.pat +++ /dev/null @@ -1,11 +0,0 @@ -# Day of Defeat: Source - game (Half-Life 2 mod) - http://www.valvesoftware.com -# Pattern attributes: good veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Day_of_Defeat:Source -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# By Clayton Macleod - -dayofdefeat-source -^\xff\xff\xff\xff.*dodDay of Defeat - diff --git a/src/usr/local/share/protocols/dazhihui.pat b/src/usr/local/share/protocols/dazhihui.pat deleted file mode 100644 index 032440c..0000000 --- a/src/usr/local/share/protocols/dazhihui.pat +++ /dev/null @@ -1,11 +0,0 @@ -# Dazhihui - stock analysis and trading; Chinese - http://www.gw.com.cn -# Pattern attributes: fast fast ok -# Protocol groups: -# Wiki: http://www.protocolinfo.org/wiki/Dazhihui -# Copyright (C) 2009 Matthew Strait; See ../LICENSE - -# Pattern contributed by liangjun without comment. - -dazhihui -^(longaccoun|qsver2auth|\x35[57]\x30|\+\x10\*) - diff --git a/src/usr/local/share/protocols/dhcp.pat b/src/usr/local/share/protocols/dhcp.pat deleted file mode 100644 index 426480d..0000000 --- a/src/usr/local/share/protocols/dhcp.pat +++ /dev/null @@ -1,36 +0,0 @@ -# DHCP - Dynamic Host Configuration Protocol - RFC 1541 -# Pattern attributes: good veryfast fast -# Protocol groups: networking ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/DHCP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on ports 67 (server) and 68 (client) -# -# Also matches BOOTP (Bootstrap Protocol (RFC 951)) in the case that -# the "vendor specific options" are used (these options were made standard -# for DHCP). -# -# This pattern is lightly tested. - -dhcp -^[\x01\x02][\x01- ]\x06.*c\x82sc - -# Let's break that down: -# -# (\x01|\x02) is for BOOTREQUEST or BOOTREPLY -# Is there a demand for doing these separately? The Packeteer does. -# -# [\x01-\x20] is for any of the hardware address types listed at -# (http://www.iana.org/assignments/arp-parameters) and hopefully faster -# ethernets too (100, 1000 and 10000mb) as well (do they share the 10mb -# number?). -# -# \x06 for "hardware address length = 6 bytes". Does anyone use other lengths -# these days? If so, this pattern won't match it as it stands. -# -# .* covers the hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, -# chaddr, sname and file fields. While this can't really be "any number -# of characters" long, it doesn't seem worth it to count. -# Can we make this more specific by restricting the number of hops or seconds? -# -# 0x63825363 is the "magic cookie" which begins the DHCP options field. diff --git a/src/usr/local/share/protocols/directconnect.pat b/src/usr/local/share/protocols/directconnect.pat deleted file mode 100644 index 13be4a1..0000000 --- a/src/usr/local/share/protocols/directconnect.pat +++ /dev/null @@ -1,14 +0,0 @@ -# Direct Connect - P2P filesharing - http://www.neo-modus.com -# Pattern attributes: good fast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Direct_Connect -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Direct Connect "hubs" listen on port 411 -# http://www.dcpp.net/wiki/ -# I've verified that this pattern can be used to limit direct connect -# bandwidth using DC:PRO 0.2.3.149R11. - -directconnect -# client-to-client handshake|client-to-hub login, hub speaking|client-to-hub login, client speaking -^(\$mynick |\$lock |\$key ) diff --git a/src/usr/local/share/protocols/dns.pat b/src/usr/local/share/protocols/dns.pat deleted file mode 100644 index c351831..0000000 --- a/src/usr/local/share/protocols/dns.pat +++ /dev/null @@ -1,63 +0,0 @@ -# DNS - Domain Name System - RFC 1035 -# Pattern attributes: great slow fast -# Protocol groups: networking ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/DNS -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# Thanks to Sebastien Bechet for TLD detection -# improvements - -# While RFC 2181 says "Occasionally it is assumed that the Domain Name -# System serves only the purpose of mapping Internet host names to data, -# and mapping Internet addresses to host names. This is not correct, the -# DNS is a general (if somewhat limited) hierarchical database, and can -# store almost any kind of data, for almost any purpose.", we will assume -# just that, because that represents the vast majority of DNS traffic. - -# The packet starts with a 2 byte random ID number and 2 bytes of flags that -# aren't easy to match on. - -# The first thing that is matchable is QDCOUNT, the number of queries. -# Despite the fact that you can apparently ask for up to 65535 -# things at a time, usually you only ask for one and I doubt you ever ask for -# zero. Let's allow up to two, just in case (even though I can't find any -# situation that generates more than one). - -# Next comes the ANCOUNT, NSCOUNT, and ARCOUNT fields, which could be null -# or some smallish number, not matchable except by length (up to 6) - -# The next matchable thing is the query address. The first byte indicates the -# length of the first part of the address, which is limited to 63 (0x3F == '?'). -# The next byte has to be a letter (for domain names) or number (for reverse lookups). -# Then there can be an combination of -# letters, digits, hyphens, and 0x01-0x3F length markers. -# Then we check for the presence of a top-level-domain at some later point. -# This is indicated by a 0x02-0x06 and at least two letters, followed by no -# more than four more letters. -# Note that this will miss a very few queries that are for a TLD alone. -# i.e. "host museum" (195.7.77.17) -# -# http://www.icann.org/tlds http://www.iana.org/cctld/cctld-whois.htm - -# next is the QTYPE field, which has valid values 1-16 (although this -# could probably be restricted further since many are rare) and \x1c for -# IPv6 (and maybe more?). It should follow immediately after the TLD -# (and some stripped-out nulls) - -# next is QCLASS, which has valid values 1-4 and 255, except 2 is never used. -# I'm not sure if 3 and 4 are used, so I'll include them. 1=Internet 255=any - -# If we wanted to match queries and responses separately, there could be -# more specifics after this for the responses. - -dns -# here's a sane way of doing it -^.?.?.?.?[\x01\x02].?.?.?.?.?.?[\x01-?][a-z0-9][\x01-?a-z]*[\x02-\x06][a-z][a-z][fglmoprstuvz]?[aeop]?(um)?[\x01-\x10\x1c][\x01\x03\x04\xFF] - -# This way assumes that TLDs are any alpha string 2-6 characters long. -# If TLDs are added, this is a good fallback. -#^.?.?.?.?[\x01\x02].?.?.?.?.?.?[\x01-?][a-z0-9][\x01-?a-z]*[\x02-\x06][a-z][a-z][a-z]?[a-z]?[a-z]?[a-z]?[\x01-\x10][\x01\x03\x04\xFF] - -# If you have more processing power than me, you can substitute this for -# the [a-z][a-z][a-z]?[a-z]?[a-z]?[a-z]? -#(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|arpa|ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|fi|fj|fk|fm|fo|fr|ga|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw) diff --git a/src/usr/local/share/protocols/doom3.pat b/src/usr/local/share/protocols/doom3.pat deleted file mode 100644 index 7d32d6f..0000000 --- a/src/usr/local/share/protocols/doom3.pat +++ /dev/null @@ -1,10 +0,0 @@ -# Doom 3 - computer game -# Pattern attributes: good veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Doom -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Thanks to Clayton Macleod (cherrytwist at gmail.com). - -doom3 -^\xff\xffchallenge diff --git a/src/usr/local/share/protocols/edonkey.pat b/src/usr/local/share/protocols/edonkey.pat deleted file mode 100644 index bc2522e..0000000 --- a/src/usr/local/share/protocols/edonkey.pat +++ /dev/null @@ -1,37 +0,0 @@ -# eDonkey2000 - P2P filesharing - http://edonkey2000.com and others -# Pattern attributes: good fast fast overmatch -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/EDonkey -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Tested recently (April/May 2006) with eMule 0.47a and eDonkey2000 1.4 -# and a long time ago with something else. -# -# In addition to matching what you might expect, this matches much of -# what eMule does when you tell it to only connect to the KAD network. -# I don't quite know what to make of this. - -# Thanks to Matt Skidmore - -edonkey - -# http://gd.tuwien.ac.at/opsys/linux/sf/p/pdonkey/eDonkey-protocol-0.6 -# -# In addition to \xe3, \xc5 and \xd4, I see a lot of \xe5. -# As of April 2006, I also see some \xe4. -# -# God this is a mess. What an irritating protocol. -# This will match about 2% of streams with random data in them! -# (But fortunately much fewer than 2% of streams that are other protocols. -# You can test this with the data in ../testing/) - -^[\xc5\xd4\xe3-\xe5].?.?.?.?([\x01\x02\x05\x14\x15\x16\x18\x19\x1a\x1b\x1c\x20\x21\x32\x33\x34\x35\x36\x38\x40\x41\x42\x43\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58[\x60\x81\x82\x90\x91\x93\x96\x97\x98\x99\x9a\x9b\x9c\x9e\xa0\xa1\xa2\xa3\xa4]|\x59................?[ -~]|\x96....$) - -# matches everything and too much -# ^(\xe3|\xc5|\xd4) - -# ipp2p essentially uses "\xe3....\x47", which doesn't seem at all right to me. - -# bandwidtharbitrator uses -# e0.*@.*6[a-z].*p$|e0.*@.*[a-z]6[a-z].*p0$|e.*@.*[0-9]6.*p$|emule|edonkey -# no comments to explain what all the mush is, of course... diff --git a/src/usr/local/share/protocols/exe.pat b/src/usr/local/share/protocols/exe.pat deleted file mode 100644 index 0a16e2a..0000000 --- a/src/usr/local/share/protocols/exe.pat +++ /dev/null @@ -1,20 +0,0 @@ -# Executable - Microsoft PE file format. -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# Thanks to Brandon Enright [bmenrighATucsd.edu] - -# This pattern doesn't techincally match the PE file format but rather the -# MZ stub program Microsoft uses for backwards compatibility with DOS. -# That means this will correctly match DOS executables too. - -exe -# There are two different stubs used depending on the compiler/packer. -# Numerous NULL bytes have been stripped from this pattern. - -# This pattern may be more efficient: -# \x4d\x5a\x90\x03\x04|\x4d\x5a\x50\x02\x04 - -# This is easier to understand: -\x4d\x5a(\x90\x03|\x50\x02)\x04 diff --git a/src/usr/local/share/protocols/fasttrack.pat b/src/usr/local/share/protocols/fasttrack.pat deleted file mode 100644 index 6ed8ff1..0000000 --- a/src/usr/local/share/protocols/fasttrack.pat +++ /dev/null @@ -1,23 +0,0 @@ -# FastTrack - P2P filesharing (Kazaa, Morpheus, iMesh, Grokster, etc) -# Pattern attributes: good slow notsofast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Fasttrack -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Tested with Kazaa Lite Resurrection 0.0.7.6F -# -# This appears to match the download connections well, but not the search -# connections (I think they are encrypted :-( ). - -fasttrack -# while this is a valid http request, this will be caught because -# the http pattern matches the response (and therefore the next packet) -# Even so, it's best to put this match earlier in the chain. -# http://cvs.berlios.de/cgi-bin/viewcvs.cgi/gift-fasttrack/giFT-FastTrack/PROTOCOL?rev=HEAD&content-type=text/vnd.viewcvs-markup - -# This pattern is kinda slow, but not too bad. -^get (/.download/[ -~]*|/.supernode[ -~]|/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? - -# This isn't much faster: -#^get (/.download/.*|/.supernode.|/.status.|/.network.*|/.files|/.hash=[0-9a-f]*/.*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? - diff --git a/src/usr/local/share/protocols/finger.pat b/src/usr/local/share/protocols/finger.pat deleted file mode 100644 index f567f8c..0000000 --- a/src/usr/local/share/protocols/finger.pat +++ /dev/null @@ -1,15 +0,0 @@ -# Finger - User information server - RFC 1288 -# Pattern attributes: good slow slow undermatch overmatch -# Protocol groups: ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/Finger -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 79 -# -# This pattern is lightly tested. - -finger -# The first matches the client request, which should look like a username. -# The second matches the usual UNIX reply (but remember that they are -# allowed to say whatever they want) -^[a-z][a-z0-9\-_]+\x0d\x0a|login: [\x09-\x0d -~]* name: [\x09-\x0d -~]* Directory: diff --git a/src/usr/local/share/protocols/flash.pat b/src/usr/local/share/protocols/flash.pat deleted file mode 100644 index 23e5d74..0000000 --- a/src/usr/local/share/protocols/flash.pat +++ /dev/null @@ -1,18 +0,0 @@ -# Flash - Macromedia Flash. -# Pattern attributes: good slow notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# Thanks to Brandon Enright {bmenrigh AT ucsd.edu} and chinalantian at -# 126 dot com - -# Macromedia spec: -# http://download.macromedia.com/pub/flash/flash_file_format_specification.pdf -# See also: -# http://www.digitalpreservation.gov/formats/fdd/fdd000130.shtml -# http://osflash.org/flv - -flash -# FWS = uncompressed, CWS = compressed, next byte is version number -# FLV = video -[FC]WS[\x01-\x09]|FLV\x01\x05\x09 diff --git a/src/usr/local/share/protocols/freenet.pat b/src/usr/local/share/protocols/freenet.pat deleted file mode 100644 index c62ad57..0000000 --- a/src/usr/local/share/protocols/freenet.pat +++ /dev/null @@ -1,10 +0,0 @@ -# Freenet - Anonymous information retrieval - http://freenetproject.org -# Pattern attributes: poor veryfast fast -# Protocol groups: p2p document_retrieval open_source -# Wiki: http://www.protocolinfo.org/wiki/Freenet -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -freenet -# Freenet is intentionally hard to identify... -# This is empirical, only tested on one computer, and unlikely to work anymore. -^\x01[\x08\x09][\x03\x04] diff --git a/src/usr/local/share/protocols/ftp.pat b/src/usr/local/share/protocols/ftp.pat deleted file mode 100644 index 44d97c4..0000000 --- a/src/usr/local/share/protocols/ftp.pat +++ /dev/null @@ -1,46 +0,0 @@ -# FTP - File Transfer Protocol - RFC 959 -# Pattern attributes: great notsofast fast -# Protocol groups: document_retrieval ietf_internet_standard -# Wiki: http://protocolinfo.org/wiki/FTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 21. Note that the data stream is on a dynamically -# assigned port, which means that you will need the FTP connection -# tracking module in your kernel to usefully match FTP data transfers. -# -# This pattern is well tested. -# -# Handles the first two things a server should say: -# -# First, the server says it's ready by sending "220". Most servers say -# something after 220, even though they don't have to, and it usually -# includes the string "ftp" (l7-filter is case insensitive). This -# includes proftpd, vsftpd, wuftpd, warftpd, pureftpd, Bulletproof FTP -# Server, and whatever ftp.microsoft.com uses. Almost all servers use only -# ASCII printable characters between the "220" and the "FTP", but non-English -# ones might use others. -# -# The next thing the server sends is a 331. All the above servers also -# send something including "password" after this code. By default, we -# do not match on this because it takes another packet and is more work -# for regexec. - -ftp -# by default, we allow only ASCII -^220[\x09-\x0d -~]*ftp - -# This covers UTF-8 as well -#^220[\x09-\x0d -~\x80-\xfd]*ftp - -# This allows any characters and is about 4x faster than either of the above -# (which are about the same as each other) -#^220.*ftp - -# This is much slower -#^220[\x09-\x0d -~]*ftp|331[\x09-\x0d -~]*password - -# This pattern is more precise, but takes longer to match. (3 packets vs. 1) -#^220[\x09-\x0d -~]*\x0d\x0aUSER[\x09-\x0d -~]*\x0d\x0a331 - -# same as above, but slightly less precise and only takes 2 packets. -#^220[\x09-\x0d -~]*\x0d\x0aUSER[\x09-\x0d -~]*\x0d\x0a diff --git a/src/usr/local/share/protocols/gif.pat b/src/usr/local/share/protocols/gif.pat deleted file mode 100644 index d54ed91..0000000 --- a/src/usr/local/share/protocols/gif.pat +++ /dev/null @@ -1,8 +0,0 @@ -# GIF - Popular Image format. -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -gif -# drawn from /usr/share/magic -GIF8(7|9)a diff --git a/src/usr/local/share/protocols/gkrellm.pat b/src/usr/local/share/protocols/gkrellm.pat deleted file mode 100644 index 73eb537..0000000 --- a/src/usr/local/share/protocols/gkrellm.pat +++ /dev/null @@ -1,13 +0,0 @@ -# Gkrellm - a system monitor - http://gkrellm.net -# Pattern attributes: great veryfast fast -# Protocol groups: monitoring open_source -# Wiki: http://www.protocolinfo.org/wiki/Gkrellm -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. -# Since this is not anything resembling a published protocol, it may change without -# warning in new versions of gkrellm. - -gkrellm -# tested with gkrellm 2.2.7 -^gkrellm [23].[0-9].[0-9]\x0a$ diff --git a/src/usr/local/share/protocols/gnucleuslan.pat b/src/usr/local/share/protocols/gnucleuslan.pat deleted file mode 100644 index ae5895b..0000000 --- a/src/usr/local/share/protocols/gnucleuslan.pat +++ /dev/null @@ -1,10 +0,0 @@ -# GnucleusLAN - LAN-only P2P filesharing -# Pattern attributes: good notsofast notsofast -# Protocol groups: p2p open_source -# Wiki: http://www.protocolinfo.org/wiki/GnucleusLAN -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. - -gnucleuslan -gnuclear connect/[\x09-\x0d -~]*user-agent: gnucleus [\x09-\x0d -~]*lan: diff --git a/src/usr/local/share/protocols/gnutella.pat b/src/usr/local/share/protocols/gnutella.pat deleted file mode 100644 index 770ed43..0000000 --- a/src/usr/local/share/protocols/gnutella.pat +++ /dev/null @@ -1,34 +0,0 @@ -# Gnutella - P2P filesharing -# Pattern attributes: good notsofast notsofast -# Protocol groups: p2p open_source -# Wiki: http://www.protocolinfo.org/wiki/Gnutella -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This should match both Gnutella and "Gnutella2" ("Mike's protocol") -# -# Various clients use this protocol including Mactella, Shareaza, -# GTK-gnutella, Gnucleus, Gnotella, LimeWire, iMesh and BearShare. -# -# This is tested with gtk-gnutella and Shareaza. - -# http://www.gnutella2.com/tiki-index.php?page=UDP%20Transceiver -# http://rfc-gnutella.sf.net/ -# http://www.gnutella2.com/tiki-index.php?page=Gnutella2%20Specification -# http://en.wikipedia.org/wiki/Shareaza - -gnutella - -# The first part matches UDP messages - All start with "GND", then have -# a flag byte which is either \x00, \x01 or \x02, then two sequence bytes -# that can be anything, then a fragment number, which must start at 1. -# The rest matches TCP first client message or first server message (in case -# we can't see client messages). Some parts of this are empirical rather than -# document based. Assumes version is between 0.0 and 2.9. (usually is -# 0.4 or 0.6). I'm guessing at many of the user-agents. -# The last bit is emprical and probably only matches Limewire. -^(gnd[\x01\x02]?.?.?\x01|gnutella connect/[012]\.[0-9]\x0d\x0a|get /uri-res/n2r\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshare|mactella|gnucleus|gnotella|limewire|imesh)|get /.*content-type: application/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?:[1-9][0-9]?[0-9]?[0-9]?|gnutella.*content-type: application/x-gnutella|...................?lime) - -# Needlessly precise, at the expense of time -#^(gnd[\x01\x02]?.?.?\x01|gnutella connect/[012]\.[0-9]\x0d\x0a|get /uri-res/n2r\?urn:sha1:|get /[\x09-\x0d -~]*user-agent: (gtk-gnutella|bearshare|mactella|gnucleus|gnotella|limewire|imesh)|get /[\x09-\x0d -~]*content-type: application/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?\.[1-9][0-9]?[0-9]?:[1-9][0-9]?[0-9]?[0-9]?|gnutella[\x09-\x0d -~]*content-type: application/x-gnutella|..................lime) - - diff --git a/src/usr/local/share/protocols/goboogy.pat b/src/usr/local/share/protocols/goboogy.pat deleted file mode 100644 index d88d00b..0000000 --- a/src/usr/local/share/protocols/goboogy.pat +++ /dev/null @@ -1,13 +0,0 @@ -# GoBoogy - a Korean P2P protocol -# Pattern attributes: marginal slow notsofast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/GoBoogy -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is untested and likely does not work in all cases! -# -# By Adam Przybyla, modified by Matthew Strait. Possibly lifted from -# Josh Ballard (oofle.com). - -goboogy -|^get /getfilebyhash\.cgi\?|^get /queue_register\.cgi\?|^get /getupdowninfo\.cgi\? diff --git a/src/usr/local/share/protocols/gopher.pat b/src/usr/local/share/protocols/gopher.pat deleted file mode 100644 index 773016f..0000000 --- a/src/usr/local/share/protocols/gopher.pat +++ /dev/null @@ -1,25 +0,0 @@ -# Gopher - A precursor to HTTP - RFC 1436 -# Pattern attributes: good slow notsofast undermatch -# Protocol groups: document_retrieval obsolete ietf_rfc_documented -# Wiki: http://www.protocolinfo.org/wiki/Gopher -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Gopher servers usually run on TCP port 70. -# -# This pattern is lightly tested using gopher.dna.affrc.go.jp . - -gopher -# This matches the server's response, but naturally only if it is a -# directory listing, not if it is sending a file, because then the data -# is totally arbitrary. - -# Matches the client saying "list what you have", then the server -# response: one of the file type characters, any printable characters, a -# tab, any printable characters, a tab, something that looks like a -# domain name, a tab, and then a number which could be the start of a -# port number. - -# "0About internet Gopher\tStuff:About us\trawBits.micro.umn.edu\t70" -# "\r7search by keywords on protein data using wais\twaissrc:/protein_all/protein\tgopher.dna.affrc.go.jp\t70" - -^[\x09-\x0d]*[1-9,+tgi][\x09-\x0d -~]*\x09[\x09-\x0d -~]*\x09[a-z0-9.]*\.[a-z][a-z].?.?\x09[1-9] diff --git a/src/usr/local/share/protocols/gtalk.pat b/src/usr/local/share/protocols/gtalk.pat deleted file mode 100644 index aa538ca..0000000 --- a/src/usr/local/share/protocols/gtalk.pat +++ /dev/null @@ -1,11 +0,0 @@ -# GTalk, a Jabber (XMPP) client -# Pattern attributes: good veryfast fast subset -# Protocol groups: chat ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/Jabber -# Copyright (C) 2009 Matthew Strait; See ../LICENSE - -# See ../protocols/jabber.pat for more details - -gtalk -^ - -halflife2-deathmatch -^\xff\xff\xff\xff.*hl2mpDeathmatch diff --git a/src/usr/local/share/protocols/hddtemp.pat b/src/usr/local/share/protocols/hddtemp.pat deleted file mode 100644 index cdd908c..0000000 --- a/src/usr/local/share/protocols/hddtemp.pat +++ /dev/null @@ -1,14 +0,0 @@ -# hddtemp - Hard drive temperature reporting -# Pattern attributes: great veryfast fast -# Protocol groups: monitoring open_source -# Wiki: http://www.protocolinfo.org/wiki/HDDtemp -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 7634 -# -# You're a silly person if you use this pattern. -# -# This pattern has been tested and is believed to work well. - -hddtemp -^\|/dev/[a-z][a-z][a-z]\|[0-9a-z]*\|[0-9][0-9]\|[cfk]\| diff --git a/src/usr/local/share/protocols/hotline.pat b/src/usr/local/share/protocols/hotline.pat deleted file mode 100644 index 20ec6de..0000000 --- a/src/usr/local/share/protocols/hotline.pat +++ /dev/null @@ -1,12 +0,0 @@ -# Hotline - An old P2P filesharing protocol -# Pattern attributes: marginal fast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Hotline -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is untested! -# -# This is lifted from http://oofle.com/filesharing.php?app=hotline - -hotline -^....................TRTPHOTL\x01\x02 diff --git a/src/usr/local/share/protocols/html.pat b/src/usr/local/share/protocols/html.pat deleted file mode 100644 index d834a96..0000000 --- a/src/usr/local/share/protocols/html.pat +++ /dev/null @@ -1,11 +0,0 @@ -# (X)HTML - (Extensible) Hypertext Markup Language - http://w3.org -# Pattern attributes: good fast notsofast subset -# Protocol groups: file -# -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# This pattern has been tested and is believe to work well. - -# this should match any (X)HTML document from any version that conforms -# even vaugly to the standards. -html - diff --git a/src/usr/local/share/protocols/http-dap.pat b/src/usr/local/share/protocols/http-dap.pat deleted file mode 100644 index 216d8d6..0000000 --- a/src/usr/local/share/protocols/http-dap.pat +++ /dev/null @@ -1,19 +0,0 @@ -# HTTP by Download Accelerator Plus - http://www.speedbit.com -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Uses HTTP to download. - -http-dap - -# DAP identifies itself in the User-Agent field of every HTTP request it -# makes. This is pretty trivial to get around if speedbit.com ever -# wanted to. - -# The latest version uses "User-Agent: DA 7.0". The additional version -# allowance is an attempt at "future proofing". - -User-Agent: DA [678]\.[0-9] - diff --git a/src/usr/local/share/protocols/http-freshdownload.pat b/src/usr/local/share/protocols/http-freshdownload.pat deleted file mode 100644 index a342e86..0000000 --- a/src/usr/local/share/protocols/http-freshdownload.pat +++ /dev/null @@ -1,17 +0,0 @@ -# HTTP by Fresh Download - http://www.freshdevices.com -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# Uses HTTP to download. - -http-freshdownload - -# Fresh Download identifies itself in the User-Agent field of every HTTP -# request it makes. - -# The latest version uses "User-Agent: FreshDownload/4.40". The -# additional version allowance is an attempt at "future proofing". - -User-Agent: FreshDownload/[456](\.[0-9][0-9]?)? - diff --git a/src/usr/local/share/protocols/http-itunes.pat b/src/usr/local/share/protocols/http-itunes.pat deleted file mode 100644 index fd44ee4..0000000 --- a/src/usr/local/share/protocols/http-itunes.pat +++ /dev/null @@ -1,14 +0,0 @@ -# HTTP - iTunes (Apple's music program) -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: streaming_audio ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Port 80 -# iTunes program basically uses the HTTP protocol for its initial -# communication. -# Pattern contributed by Deepak Seshadri - -http-itunes -http/(0\.9|1\.0|1\.1).*(user-agent: itunes) - diff --git a/src/usr/local/share/protocols/http-rtsp.pat b/src/usr/local/share/protocols/http-rtsp.pat deleted file mode 100644 index 73ef926..0000000 --- a/src/usr/local/share/protocols/http-rtsp.pat +++ /dev/null @@ -1,16 +0,0 @@ -# RTSP tunneled within HTTP -# Pattern attributes: ok notsofast fast subset -# Protocol groups: streaming_audio streaming_video ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/RTSP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Apple's documentation on what Quicktime does: -# http://developer.apple.com/quicktime/icefloe/dispatch028.html -# This is what the first part of the pattern is about -# -# The second part is based on the example in RFC 2326. For this part to -# work, this pattern MUST be earlier in the iptables rules chain than -# HTTP. Otherwise, the stream will be identified as HTTP. - -http-rtsp -^(get[\x09-\x0d -~]* Accept: application/x-rtsp-tunnelled|http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*a=control:rtsp://) diff --git a/src/usr/local/share/protocols/http.pat b/src/usr/local/share/protocols/http.pat deleted file mode 100644 index 5122310..0000000 --- a/src/usr/local/share/protocols/http.pat +++ /dev/null @@ -1,28 +0,0 @@ -# HTTP - HyperText Transfer Protocol - RFC 2616 -# Pattern attributes: great slow notsofast superset -# Protocol groups: document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 80 -# -# This pattern has been tested and is believed to work well. -# -# this intentionally catches the response from the server rather than -# the request so that other protocols which use http (like kazaa) can be -# caught based on specific http requests regardless of the ordering of -# filters... also matches posts - -# Sites that serve really long cookies may break this by pushing the -# server response too far away from the beginning of the connection. To -# fix this, increase the kernel's data buffer length. - -http -# Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF (rfc 2616) -# As specified in rfc 2616 a status code is preceeded and followed by a -# space. -http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*(connection:|content-type:|content-length:|date:)|post [\x09-\x0d -~]* http/[01]\.[019] -# A slightly faster version that might be good enough: -#http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9]|post [\x09-\x0d -~]* http/[01]\.[019] -# old pattern(s): -#(http[\x09-\x0d -~]*(200 ok|302 |304 )[\x09-\x0d -~]*(connection:|content-type:|content-length:))|^(post [\x09-\x0d -~]* http/) diff --git a/src/usr/local/share/protocols/httpaudio.pat b/src/usr/local/share/protocols/httpaudio.pat deleted file mode 100644 index c6cdd9a..0000000 --- a/src/usr/local/share/protocols/httpaudio.pat +++ /dev/null @@ -1,32 +0,0 @@ -# HTTP - Audio over HyperText Transfer Protocol (RFC 2616) -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: streaming_audio document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 80 -# -# Contributed by Deepak Seshadri -# -# This pattern has been tested and is believed to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/HTTP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers -# -# If you use this, you should be aware that: -# -# - they match both simple downloads of audio/video and streaming content. -# -# - blocking based on content-type encourages server -# writers/administrators to misreport content-type (which will just make -# headaches for everyone, including us), so I would strongly recommend -# shaping audio/video down to a speed that discourages use of streaming -# players without actually blocking it. -# -# - obviously, since this is a subset of HTTP, you need to match it -# earlier in your iptables rules than HTTP. - -httpaudio -http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: audio) - diff --git a/src/usr/local/share/protocols/httpcachehit.pat b/src/usr/local/share/protocols/httpcachehit.pat deleted file mode 100644 index 41cb099..0000000 --- a/src/usr/local/share/protocols/httpcachehit.pat +++ /dev/null @@ -1,19 +0,0 @@ -# HTTP - Proxy Cache hit for HyperText Transfer Protocol (RFC 2616) -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 80 -# -# Contributed by Francesco Del Degan -# -# This pattern has been tested and is believed to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/HTTP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers - -httpcachehit -http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: hit) - diff --git a/src/usr/local/share/protocols/httpcachemiss.pat b/src/usr/local/share/protocols/httpcachemiss.pat deleted file mode 100644 index 09ac6cd..0000000 --- a/src/usr/local/share/protocols/httpcachemiss.pat +++ /dev/null @@ -1,17 +0,0 @@ -# HTTP - Proxy Cache miss for HyperText Transfer Protocol (RFC 2616) -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 80 -# -# This pattern has been tested and is believed to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/HTTP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers - -httpcachemiss -http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(x-cache: miss) - diff --git a/src/usr/local/share/protocols/httpvideo.pat b/src/usr/local/share/protocols/httpvideo.pat deleted file mode 100644 index 4a75ce0..0000000 --- a/src/usr/local/share/protocols/httpvideo.pat +++ /dev/null @@ -1,32 +0,0 @@ -# HTTP - Video over HyperText Transfer Protocol (RFC 2616) -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: streaming_video document_retrieval ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 80 -# -# Contributed by Deepak Seshadri -# -# This pattern has been tested and is believed to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/HTTP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers -# -# If you use this, you should be aware that: -# -# - they match both simple downloads of audio/video and streaming content. -# -# - blocking based on content-type encourages server -# writers/administrators to misreport content-type (which will just make -# headaches for everyone, including us), so I would strongly recommend -# shaping audio/video down to a speed that discourages use of streaming -# players without actually blocking it. -# -# - obviously, since this is a subset of HTTP, you need to match it -# earlier in your iptables rules than HTTP. - -httpvideo -http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video) - diff --git a/src/usr/local/share/protocols/ident.pat b/src/usr/local/share/protocols/ident.pat deleted file mode 100644 index 3205e5e..0000000 --- a/src/usr/local/share/protocols/ident.pat +++ /dev/null @@ -1,15 +0,0 @@ -# Ident - Identification Protocol - RFC 1413 -# Pattern attributes: good fast fast -# Protocol groups: networking ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/Ident -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 113 -# -# This pattern is believed to work. - -ident -# "number , numberCRLF" possibly without the CR and/or LF. -# ^$ is appropriate because the first packet should never have anything -# else in it. -^[1-9][0-9]?[0-9]?[0-9]?[0-9]?[\x09-\x0d]*,[\x09-\x0d]*[1-9][0-9]?[0-9]?[0-9]?[0-9]?(\x0d\x0a|[\x0d\x0a])?$ diff --git a/src/usr/local/share/protocols/imap.pat b/src/usr/local/share/protocols/imap.pat deleted file mode 100644 index 3f989c0..0000000 --- a/src/usr/local/share/protocols/imap.pat +++ /dev/null @@ -1,14 +0,0 @@ -# IMAP - Internet Message Access Protocol (A common e-mail protocol) -# Pattern attributes: great fast fast -# Protocol groups: mail ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/IMAP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This matches IMAP4 (RFC 3501) and probably IMAP2 (RFC 1176) -# -# This pattern has been tested and is believed to work well. -# -# This matches the IMAP welcome message or a noop command (which for -# some unknown reason can happen at the start of a connection?) -imap -^(\* ok|a[0-9]+ noop) diff --git a/src/usr/local/share/protocols/imesh.pat b/src/usr/local/share/protocols/imesh.pat deleted file mode 100644 index 4cb7ac7..0000000 --- a/src/usr/local/share/protocols/imesh.pat +++ /dev/null @@ -1,15 +0,0 @@ -# iMesh - the native protocol of iMesh, a P2P application - http://imesh.com -# Pattern attributes: ok fast notsofast -# Protocol groups: p2p -# Wiki: http://protocolinfo.org/wiki/iMesh -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# depending on the version of iMesh (the program), it can also use fasttrack, -# gnutella and edonkey in addition to iMesh (the protocol). - -imesh -# The first branch matches the login -# The second branch matches the main non-download connection (searches, etc) -# The third branch matches downloads of "premium" content -# The fourth branch matches peer downloads. -^(post[\x09-\x0d -~]*................................|\x34\x80?\x0d?\xfc\xff\x04|get[\x09-\x0d -~]*Host: imsh\.download-prod\.musicnet\.com|\x02[\x01\x02]\x83.*\x02[\x01\x02]\x83) diff --git a/src/usr/local/share/protocols/ipp.pat b/src/usr/local/share/protocols/ipp.pat deleted file mode 100644 index 15540d0..0000000 --- a/src/usr/local/share/protocols/ipp.pat +++ /dev/null @@ -1,12 +0,0 @@ -# IP printing - a new standard for UNIX printing - RFC 2911 -# Pattern attributes: good notsofast notsofast -# Protocol groups: printer ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/IPP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. - -ipp -# It's unlikely that anything else has this string, but I think we could -# do a bit better... -ipp:// diff --git a/src/usr/local/share/protocols/irc.pat b/src/usr/local/share/protocols/irc.pat deleted file mode 100644 index b922b3e..0000000 --- a/src/usr/local/share/protocols/irc.pat +++ /dev/null @@ -1,20 +0,0 @@ -# IRC - Internet Relay Chat - RFC 1459 -# Pattern attributes: great fast fast -# Protocol groups: chat ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/IRC -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 6666 or 6667 -# Note that chat traffic runs on these ports, but IRC-DCC traffic (which -# can use much more bandwidth) uses a dynamically assigned port, so you -# must have the IRC connection tracking module in your kernel to classify -# this. -# -# This pattern has been tested and is believed to work well. - -irc -# First thing that happens is that the client sends NICK and USER, in -# either order. This allows MIRC color codes (\x02-\x0d instead of -# \x09-\x0d). -^(nick[\x09-\x0d -~]*user[\x09-\x0d -~]*:|user[\x09-\x0d -~]*:[\x02-\x0d -~]*nick[\x09-\x0d -~]*\x0d\x0a) - diff --git a/src/usr/local/share/protocols/jabber.pat b/src/usr/local/share/protocols/jabber.pat deleted file mode 100644 index 7c32890..0000000 --- a/src/usr/local/share/protocols/jabber.pat +++ /dev/null @@ -1,24 +0,0 @@ -# Jabber (XMPP) - open instant messenger protocol - RFC 3920 - http://jabber.org -# Pattern attributes: good notsofast notsofast -# Protocol groups: chat ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/Jabber -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested with Gaim and Gabber. It is only tested -# with non-SSL mode Jabber with no proxies. - -# Thanks to Jan Hudec for some improvements. - -# Jabber seems to take a long time to set up a connection. I'm -# connecting with Gabber 0.8.8 to 12jabber.org and the first 8 packets -# is this: -# -# -# No mention of my username or password yet, you'll note. - -jabber - says: -# "This pattern identifies openFT P2P transfers fine. openFT is part of giFT -# and is a pretty large p2p network. I would describe this pattern as pretty -# weak, but it works for the giFT-based clients I've used." - -openft -x-openftalias: [-)(0-9a-z ~.] diff --git a/src/usr/local/share/protocols/pcanywhere.pat b/src/usr/local/share/protocols/pcanywhere.pat deleted file mode 100644 index 60b50a7..0000000 --- a/src/usr/local/share/protocols/pcanywhere.pat +++ /dev/null @@ -1,12 +0,0 @@ -# pcAnywhere - Symantec remote access program -# Pattern attributes: marginal veryfast fast -# Protocol groups: remote_access proprietary -# Wiki: http://www.protocolinfo.org/wiki/PcAnywhere -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This is completely untested! -# See http://www.unixwiz.net/tools/pcascan.txt - -pcanywhere -# I think this only matches queries and not the bulk of the traffic! -^(nq|st)$ diff --git a/src/usr/local/share/protocols/pdf.pat b/src/usr/local/share/protocols/pdf.pat deleted file mode 100644 index 0c0e5f9..0000000 --- a/src/usr/local/share/protocols/pdf.pat +++ /dev/null @@ -1,11 +0,0 @@ -# PDF - Portable Document Format - Postscript-like format by Adobe -# Pattern attributes: good fast notsofast subset -# Protocol groups: file -# -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# This pattern has been tested and is believe to work well. - -# Matches PDF versions 1.0 - 1.6 (not sure if 1.6 exists yet, but it probably -# will. -pdf -%PDF-1\.[0123456] diff --git a/src/usr/local/share/protocols/perl.pat b/src/usr/local/share/protocols/perl.pat deleted file mode 100644 index 822986b..0000000 --- a/src/usr/local/share/protocols/perl.pat +++ /dev/null @@ -1,7 +0,0 @@ -# Perl - A scripting language by Larry Wall. -# Pattern attributes: good fast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -perl -\#! ?/(usr/(local/)?)?bin/perl diff --git a/src/usr/local/share/protocols/png.pat b/src/usr/local/share/protocols/png.pat deleted file mode 100644 index 33aafda..0000000 --- a/src/usr/local/share/protocols/png.pat +++ /dev/null @@ -1,13 +0,0 @@ -# PNG - Portable Network Graphics, a popular image format -# Pattern attributes: good fast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# Contributed by Radovan Josth. Tested at least a bit. - -png -# drawn from /usr/share/magic -\x89PNG\x0d\x0a\x1a\x0a - -# this is probably sufficient, but by default let's use the longer version -# \x89PNG diff --git a/src/usr/local/share/protocols/poco.pat b/src/usr/local/share/protocols/poco.pat deleted file mode 100644 index c7ce686..0000000 --- a/src/usr/local/share/protocols/poco.pat +++ /dev/null @@ -1,12 +0,0 @@ -# POCO and PP365 - Chinese P2P filesharing - http://pp365.com http://poco.cn -# Pattern attributes: ok veryfast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Poco -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# The author of this pattern says it works, but this is unconfirmed. -# Written by www.routerclub.com wsgtrsys. - -poco -^\x80\x94\x0a\x01....\x1f\x9e - diff --git a/src/usr/local/share/protocols/pop3.pat b/src/usr/local/share/protocols/pop3.pat deleted file mode 100644 index 47a8252..0000000 --- a/src/usr/local/share/protocols/pop3.pat +++ /dev/null @@ -1,50 +0,0 @@ -# POP3 - Post Office Protocol version 3 (popular e-mail protocol) - RFC 1939 -# Pattern attributes: great fast fast -# Protocol groups: mail ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/POP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested somewhat. - -# this is a difficult protocol to match because of the relative lack of -# distinguishing information. Read on. -pop3 - -# this the most conservative pattern. It should definitely work. -#^(\+ok|-err) - -# this pattern assumes that the server says _something_ after +ok or -err -# I think this is probably the way to go. -^(\+ok |-err ) - -# more that 90% of servers seem to say "pop" after "+ok", but not all. -#^(\+ok .*pop) - -# Here's another tack. I think this is my second favorite. -#^(\+ok [\x09-\x0d -~]*(ready|hello|pop|starting)|-err [\x09-\x0d -~]*(invalid|unknown|unimplemented|unrecognized|command)) - -# this matches the server saying "you have N messages that are M bytes", -# which the client probably asks for early in the session (not tested) -#\+ok [0-9]+ [0-9]+ - -# some sample servers: -# RFC example: +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us> -# mail.dreamhost.com: +OK Hello there. -# pop.carleton.edu: +OK POP3D(*) Server PMDFV6.2.2 at Fri, 12 Sep 2003 19:28:10 -0500 (CDT) (APOP disabled) -# mail.earthlink.net: +OK NGPopper vEL_4_38 at earthlink.net ready <25509.1063412951@falcon> -# *.email.umn.edu: +OK Cubic Circle's v1.22 1998/04/11 POP3 ready <7d1e0000da67623f@aquamarine.tc.umn.edu> -# mail.yale.edu: +OK POP3 pantheon-po01 v2002.81 server ready -# mail.gustavus.edu: +OK POP3 solen v2001.78 server ready -# mail.reed.edu: +OK POP3 letra.reed.edu v2002.81 server ready -# mail.bowdoin.edu: +OK mail.bowdoin.edu POP3 service (iPlanet Messaging Server 5.2 HotFix 1.15 (built Apr 28 2003)) -# pop.colby.edu: +OK Qpopper (version 4.0.5) at basalt starting. -# mail.mac.com: +OK Netscape Messaging Multiplexor ready - -# various error strings: -#-ERR Invalid command. -#-ERR invalid command -#-ERR unimplemented -#-ERR Invalid command, try one of: USER name, PASS string, QUIT -#-ERR Unknown AUTHORIZATION state command -#-ERR Unrecognized command -#-ERR Unknown command: "sadf'". diff --git a/src/usr/local/share/protocols/postscript.pat b/src/usr/local/share/protocols/postscript.pat deleted file mode 100644 index 456ac21..0000000 --- a/src/usr/local/share/protocols/postscript.pat +++ /dev/null @@ -1,7 +0,0 @@ -# Postscript - Printing Language -# Pattern attributes: good fast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -postscript -%!ps diff --git a/src/usr/local/share/protocols/pplive.pat b/src/usr/local/share/protocols/pplive.pat deleted file mode 100644 index 42fef72..0000000 --- a/src/usr/local/share/protocols/pplive.pat +++ /dev/null @@ -1,11 +0,0 @@ -# PPLive - Chinese P2P streaming video - http://pplive.com -# Pattern attributes: ok notsofast notsofast -# Protocol groups: p2p streaming_video proprietary -# Wiki: http://www.protocolinfo.org/wiki/PPLive -# Copyright (C) 2008 Matthew Strait; See ../LICENSE - -# By liangjun, who says that it works. It may be easily improvable with -# a bit more testing. - -pplive -\x01...\xd3.+\x0c.$ diff --git a/src/usr/local/share/protocols/pressplay.pat b/src/usr/local/share/protocols/pressplay.pat deleted file mode 100644 index cd814cc..0000000 --- a/src/usr/local/share/protocols/pressplay.pat +++ /dev/null @@ -1,15 +0,0 @@ -# pressplay - A legal music distribution site - http://pressplay.com -# Pattern attributes: ok notsofast notsofast -# Protocol groups: document_retrieval obsolete proprietary -# Wiki: http://www.protocolinfo.org/wiki/Pressplay -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern was "contributed" (taken with permission) by the bandwidth -# arbitrator project (www.bandwidtharbitrator.com). -# -# This pattern is unconfirmed. - -pressplay -# can we do better than this? -user-agent: nsplayer - diff --git a/src/usr/local/share/protocols/qq.pat b/src/usr/local/share/protocols/qq.pat deleted file mode 100644 index 08db802..0000000 --- a/src/usr/local/share/protocols/qq.pat +++ /dev/null @@ -1,26 +0,0 @@ -# Tencent QQ Protocol - Chinese instant messenger protocol - http://www.qq.com -# Pattern attributes: good notsofast fast -# Protocol groups: chat -# Wiki: http://www.protocolinfo.org/wiki/QQ -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Over six million people use QQ in China, according to wsgtrsys. -# -# This pattern has been tested and is believed to work well. -# -# QQ uses three (two?) methods to connect to server(s?). -# one is udp, and another is tcp -# udp protocol: the first byte is 02 and last byte is 03 -# tcp protocol: the second byte is 02 and last byte is 03 -# tony on protocolinfo.org says that now the *third* byte is 02: -# "but when I tested on my PC, I found that when qq2007/qq2008 -# use tcp protocol, the third byte instead of the second is always 02. -# -# So the QQ protocol changed again, or I have made a mistake, I wonder -# that." -# So now the pattern allows any of the first three bytes to be 02. Delete -# one of the ".?" to restore to the old behaviour. -# pattern written by www.routerclub.com wsgtrsys - -qq -^.?.?\x02.+\x03$ diff --git a/src/usr/local/share/protocols/quake-halflife.pat b/src/usr/local/share/protocols/quake-halflife.pat deleted file mode 100644 index bc05b8f..0000000 --- a/src/usr/local/share/protocols/quake-halflife.pat +++ /dev/null @@ -1,32 +0,0 @@ -# Half Life 1 engine games (HL 1, Quake 2/3/World, Counterstrike 1.6, etc.) -# Pattern attributes: good veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Half-Life http://www.protocolinfo.org/wiki/Counter-Strike http://www.protocolinfo.org/wiki/Day_of_Defeat -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Contributed by Laurens Blankers , who says: -# -# This pattern has been tested with QuakeWorld (2.30), Quake 2 (3.20), -# Quake 3 (1.32), and Half-life (1.1.1.0). But may also work on other -# games based on the Quake engine. -# -# Clayton Macleod says: -# [This should match] Counter-Strike v1.6, [...] the slightly updated -# Counter-Strike: Condition Zero, and the game Day Of Defeat, Team -# Fortress Classic, Deathmatch Classic, Ricochet, Half-Life [1] Deathmatch, -# and I imagine all the other 3rd party mods that also use this engine -# will match that pattern. -# -# Gavin Pryke says: -# Added "getstatus". Quake3 games were not being matched here until it was -# added. - -quake-halflife -# All quake (like) protocols start with 4x 0xFF. Then the client either -# issues getinfo, getchallenge or getstatus. -^\xff\xff\xff\xffget(info|challenge|status) - -# A previous quake pattern allowed the connection to start with only 2 bytes -# of 0xFF. This doesn't seem to ever happen, but we should keep an eye out -# for it. - diff --git a/src/usr/local/share/protocols/quake1.pat b/src/usr/local/share/protocols/quake1.pat deleted file mode 100644 index 46bdebd..0000000 --- a/src/usr/local/share/protocols/quake1.pat +++ /dev/null @@ -1,19 +0,0 @@ -# Quake 1 - A popular computer game. -# Pattern attributes: marginal veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Quake -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is untested and unconfirmed. - -# Info taken from http://www.gamers.org/dEngine/quake/QDP/qnp.html, -# which says that it "is incomplete, inaccurate and only applies to -# versions 0.91, 0.92, 1.00 and 1.01 of QUAKE" - -quake1 -# Connection request: 80 00 00 0c 01 51 55 41 4b 45 00 03 -# \x80 = control packet. -# \x0c = packet length -# \x01 = CCREQ_CONNECT -# \x03 = protocol version (3 == 0.91, 0.92, 1.00, 1.01) -^\x80\x0c\x01quake\x03 diff --git a/src/usr/local/share/protocols/quicktime.pat b/src/usr/local/share/protocols/quicktime.pat deleted file mode 100644 index 5a6273d..0000000 --- a/src/usr/local/share/protocols/quicktime.pat +++ /dev/null @@ -1,21 +0,0 @@ -# Quicktime HTTP -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: streaming_video streaming_audio ietf_draft_standard -# Wiki: http://protocolinfo.org/wiki/HTTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. -# (Quick Time v6.5.1 downloading from www.apple.com/trailers) -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/HTTP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers -# -# Since this is a subset of HTTP, it should be put earlier in the packet -# filtering chain than HTTP. Also, please don't use this to block Quicktime. -# If you must do that, you should use a filtering HTTP proxy, which is probably -# more accurate. - -quicktime -user-agent: quicktime \(qtver=[0-9].[0-9].[0-9];os=[\x09-\x0d -~]+\)\x0d\x0a - diff --git a/src/usr/local/share/protocols/radmin.pat b/src/usr/local/share/protocols/radmin.pat deleted file mode 100644 index d13aa65..0000000 --- a/src/usr/local/share/protocols/radmin.pat +++ /dev/null @@ -1,17 +0,0 @@ -# Famatech Remote Administrator - remote desktop for MS Windows -# Pattern attributes: ok veryfast fast -# Protocol groups: remote_access proprietary -# Wiki: http://www.protocolinfo.org/wiki/Radmin -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been verified with Radmin v1.1 and v3.0beta on Win2000/XP -# It has only been tested between a single pair of computers. - -# The first packet of every TCP stream appears to be either one of: -# -# 01 00 00 00 01 00 00 00 08 08 -# 01 00 00 00 01 00 00 00 1b 1b - -radmin -^\x01\x01(\x08\x08|\x1b\x1b)$ - diff --git a/src/usr/local/share/protocols/rar.pat b/src/usr/local/share/protocols/rar.pat deleted file mode 100644 index 1332af1..0000000 --- a/src/usr/local/share/protocols/rar.pat +++ /dev/null @@ -1,7 +0,0 @@ -# RAR - The WinRAR archive format -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -rar -rar\x21\x1a\x07 diff --git a/src/usr/local/share/protocols/rdp.pat b/src/usr/local/share/protocols/rdp.pat deleted file mode 100644 index 44b853f..0000000 --- a/src/usr/local/share/protocols/rdp.pat +++ /dev/null @@ -1,20 +0,0 @@ -# RDP - Remote Desktop Protocol (used in Windows Terminal Services) -# Pattern attributes: ok notsofast notsofast -# Protocol groups: remote_access proprietary -# Wiki: http://www.protocolinfo.org/wiki/RDP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern was submitted by Michael Leong. It has been tested under the -# following conditions: "WinXP Pro with all the patches, rdesktop server -# running on port 7000 instead of 3389 --> WinXP Pro Remote Desktop Client." -# Also tested is WinXP to Win 2000 Server. - -# At least one other person has reported it to work as well. - -rdp -rdpdr.*cliprdr.*rdpsnd - -# Old pattern, submitted by Daniel Weatherford. -# rdpdr.*cliprdp.*rdpsnd - - diff --git a/src/usr/local/share/protocols/replaytv-ivs.pat b/src/usr/local/share/protocols/replaytv-ivs.pat deleted file mode 100644 index aaf9255..0000000 --- a/src/usr/local/share/protocols/replaytv-ivs.pat +++ /dev/null @@ -1,11 +0,0 @@ -# ReplayTV Internet Video Sharing - Digital Video Recorder - http://replaytv.com -# Pattern attributes: good fast fast -# Protocol groups: -# Wiki: http://www.protocolinfo.org/wiki/ReplayTV -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Pattern by jm 409 at hot mail dot com, who says that this one "worked best". - -replaytv-ivs -^(get /ivs-IVSGetFileChunk|http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*\x23\x23\x23\x23\x23REPLAY_CHUNK_START\x23\x23\x23\x23\x23) - diff --git a/src/usr/local/share/protocols/rlogin.pat b/src/usr/local/share/protocols/rlogin.pat deleted file mode 100644 index 42c4f7e..0000000 --- a/src/usr/local/share/protocols/rlogin.pat +++ /dev/null @@ -1,19 +0,0 @@ -# rlogin - remote login - RFC 1282 -# Pattern attributes: ok fast fast -# Protocol groups: remote_access ietf_rfc_documented -# Wiki: http://www.protocolinfo.org/wiki/Rlogin -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 443 -# -# This pattern is untested. - -rlogin -# At least three characters (user name, user name, terminal type), -# the first of which could be the first character of a user name, a -# slash, then a terminal speed. (Assumes that usernames and terminal -# types are alphanumeric only. I'm sure there are usernames like -# "straitm-47" out there, but it's not common.) All terminal speeds -# I know of end in two zeros and are between 3 and 6 digits long. -# This pattern is uncomfortably general. -^[a-z][a-z0-9][a-z0-9]+/[1-9][0-9]?[0-9]?[0-9]?00 diff --git a/src/usr/local/share/protocols/rpm.pat b/src/usr/local/share/protocols/rpm.pat deleted file mode 100644 index 0302839..0000000 --- a/src/usr/local/share/protocols/rpm.pat +++ /dev/null @@ -1,7 +0,0 @@ -# RPM - Redhat Package Management packages -# Pattern attributes: good fast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -rpm -\xed\xab\xee\xdb.?.?.?.?[1-7] diff --git a/src/usr/local/share/protocols/rtf.pat b/src/usr/local/share/protocols/rtf.pat deleted file mode 100644 index 676cb1a..0000000 --- a/src/usr/local/share/protocols/rtf.pat +++ /dev/null @@ -1,8 +0,0 @@ -# RTF - Rich Text Format - an open document format -# Pattern attributes: good fast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -rtf -\{\\rtf[12] - diff --git a/src/usr/local/share/protocols/rtmp.pat b/src/usr/local/share/protocols/rtmp.pat deleted file mode 100644 index 2c7adad..0000000 --- a/src/usr/local/share/protocols/rtmp.pat +++ /dev/null @@ -1,13 +0,0 @@ -# Adobe Real Time Messaging Protocol(RTMP). By Jonathan A.P. Marpaung -# Pattern attributes: works very fast -# Protocol Groups: streaming_video streaming_audio -# The RTMP Specification is availabe at -# http://www.adobe.com/devnet/rtmp/pdf/rtmp_specification_1.0.pdf [^] -# -# First 12 bytes, starting at \x03 are the RTMP header. Next 25 bytes, -# starting at \x02, are part of the RTMP body which is an AMF Object. -# The first string "connect" is a command of the NetConnection class object. -# The next string "app" is a Command Object which is followed by values -# such as "video", . -rtmp -^\x03.+\x14.+\x02.+\x07.(connect)?.+(app)? diff --git a/src/usr/local/share/protocols/rtp.pat b/src/usr/local/share/protocols/rtp.pat deleted file mode 100644 index 61fcd8e..0000000 --- a/src/usr/local/share/protocols/rtp.pat +++ /dev/null @@ -1,33 +0,0 @@ -# RTP - Real-time Transport Protocol - RFC 3550 -# Pattern attributes: ok overmatch undermatch fast fast -# Protocol groups: streaming_video ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/RTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# RTP headers are *very* short and compact. They have almost nothing in -# them that can be matched by l7-filter. As RTP connections take place -# between even numbered ports, you should probably check for that before -# applying this pattern. If you want to match them along with their -# associated SIP packets, you might try setting up some iptables rules -# that watch for SIP packets and then also match any other UDP packets -# that are going between the same two IP addresses. -# -# I think we can count on the first bit being 1 and the second bit being -# 0 (meaning protocol version 2). The next two bits could go either way, -# but in the example I've seen, they are zero, so I'll assume they are -# usually zero. The next four bits are a count of "contributing source -# identifiers". I'm not sure how big that could be, but in the example -# I've seen, they're zero, so I'll assume they're usually zero. So that -# gives us ^\x80. The next bit is a tossup. Next is the payload type, 7 -# bits. I've taken likely values from the WireShark code: 0-34, 96-127 -# (decimal). The rest of the header is random numbers (sequence number, -# timestamp, synchronization source identifier), so that's no help at -# all. - -rtp -^\x80[\x01-"`-\x7f\x80-\xa2\xe0-\xff]?..........*\x80 - -# Might also try this. It's a bit slower (one packet and not too much extra -# regexec load) and a bit more accurate: -#^\x80[\x01-"`-\x7f\x80-\xa2\xe0-\xff]?..........*\x80.*\x80 - diff --git a/src/usr/local/share/protocols/rtsp.pat b/src/usr/local/share/protocols/rtsp.pat deleted file mode 100644 index 1013ae3..0000000 --- a/src/usr/local/share/protocols/rtsp.pat +++ /dev/null @@ -1,15 +0,0 @@ -# RTSP - Real Time Streaming Protocol - http://www.rtsp.org - RFC 2326 -# Pattern attributes: good notsofast notsofast -# Protocol groups: streaming_video ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/RTSP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 554 -# -# To take full advantage of this pattern, please see the RTSP connection -# tracking patch to the Linux kernel referenced at the above site. -# -# This pattern has been tested and is believed to work well. - -rtsp -rtsp/1.0 200 ok diff --git a/src/usr/local/share/protocols/runesofmagic.pat b/src/usr/local/share/protocols/runesofmagic.pat deleted file mode 100644 index 6fbfea4..0000000 --- a/src/usr/local/share/protocols/runesofmagic.pat +++ /dev/null @@ -1,63 +0,0 @@ -# Runes of Magic - game - http://www.runesofmagic.com -# Pattern attributes: ok veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Runes_of_Magic -# Copyright (C) 2008 Matthew Strait; See ../LICENSE - -runesofmagic -^\x10\x03...........\x0a\x02.....\x0e -# See below (this is also veryfast fast) -#^\x10\x03...........?\x0a\x02.....?$ - -# Greatwolf captured the following: -# -# Server: -# -# 10 00 00 00 03 78 76 7a 1e 8a dd b5 95 a3 3a de .....xvz ......:. -# 0a 00 00 00 02 df 85 cc cc cc ........ .. -# -# Client reply: -# -# 0e 00 00 00 02 28 82 cc cc cc 8b c9 cc cc .....(.. ...... -# -# Server: -# -# 2e 00 00 00 02 1e 7f f4 f4 f4 ef f4 f4 f4 b3 8c ........ ........ -# [...] -# -# And says: "Bytes 10 00 00 00 03, 0a 00 00 00 02 and 0e (client reply) -# were consistently present. -# -# ^\x10\x03...........\x0a\x02.....\x0e -# -# Pattern was able to match during the closed beta period. It is still -# matching okay after RoM started open beta but could definitely use -# more testing from others to verify effectiveness." -# -# Matthew Strait says: -# -# * If the server consistently sends those four bytes in the first packet, -# it is probably wasteful to wait for the next (client) packet before -# matching. -# -# * If we switch the match strategy to just looking at the first packet, and -# the first packet is always the same (or nearly the same) length, we can -# anchor (i.e. use a '$') at the end of the packet. -# -# * When there's a string of bytes that I don't understand and that take -# different values from connection to connection, I think it's good to allow -# for the possibility that at least one might be \x00, and so I'd make one -# of the "." into ".?", unless you *know* that \x00 is impossible somehow. -# -# * All of those \xcc bytes don't look random to me. Your comments suggest -# that it isn't always exactly like that, but is there always pattern of -# repeated bytes or something else that might be useful? It probably isn't -# necessary to exploit this, since it looks like there's already enough to -# go with, but it would be nice to understand. -# -# So perhaps it would be an improvement to use: -# -# ^\x10\x03...........?\x0a\x02.....?$ -# -# but this depends on the assumptions I made above. - diff --git a/src/usr/local/share/protocols/shoutcast.pat b/src/usr/local/share/protocols/shoutcast.pat deleted file mode 100644 index e78883c..0000000 --- a/src/usr/local/share/protocols/shoutcast.pat +++ /dev/null @@ -1,27 +0,0 @@ -# Shoutcast and Icecast - streaming audio -# Pattern attributes: good slow notsofast -# Protocol groups: streaming_audio -# Wiki: http://www.protocolinfo.org/wiki/Icecast -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 80 -# -# Original pattern contributed by Deepak Seshadri who says "The difference between [Shoutcast and -# Icecast] is not clearly mentioned anywhere. According to this -# document, my pattern would filter JUST shoutcast packets." -# -# Should now match both Shoutcast and Icecast. Tested with Winamp (in -# 2005) and Totem using streams at dir.xiph.org (in Nov 2007). -# -# http://sander.vanzoest.com/talks/2002/audio_and_apache/ -# http://forums.radiotoolbox.com/viewtopic.php?t=74 -# http://www.icecast.org - -shoutcast -# The first branch looks for an HTTP request that looks like it is asking for -# a SHOUTcast stream. The second branch looks for the server's reply. However, -# some (newer?) servers answer with "http/1.0 200 OK", not "ICY 200 OK", so -# this will not work. -# This pattern was discovered using Ethereal. -^get /.*icy-metadata:1|icy [1-5][0-9][0-9] [\x09-\x0d -~]*(content-type:audio|icy-) diff --git a/src/usr/local/share/protocols/sip.pat b/src/usr/local/share/protocols/sip.pat deleted file mode 100644 index 2728009..0000000 --- a/src/usr/local/share/protocols/sip.pat +++ /dev/null @@ -1,20 +0,0 @@ -# SIP - Session Initiation Protocol - Internet telephony - RFC 3261, 3265, etc. -# Pattern attributes: good fast fast -# Protocol groups: voip ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/SIP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested with the Ubiquity SIP user agent and has been -# confirmed by at least one other user. -# -# Thanks to Ankit Desai for this pattern. Updated by tehseen sagar. -# -# SIP typically uses port 5060. -# -# This pattern is based on SIP request format as per RFC 3261. I'm not -# sure about the version part. The RFC doesn't say anything about it, so -# I have allowed version ranging from 0.x to 2.x. - -#Request-Line = Method SP Request-URI SP SIP-Version CRLF -sip -^(invite|register|cancel|message|subscribe|notify) sip[\x09-\x0d -~]*sip/[0-2]\.[0-9] diff --git a/src/usr/local/share/protocols/skypeout.pat b/src/usr/local/share/protocols/skypeout.pat deleted file mode 100644 index 55e4e10..0000000 --- a/src/usr/local/share/protocols/skypeout.pat +++ /dev/null @@ -1,50 +0,0 @@ -# Skype to phone - UDP voice call (program to POTS phone) - http://skype.com -# Pattern attributes: ok slow notsofast overmatch -# Protocol groups: voip p2p proprietary -# Wiki: http://www.protocolinfo.org/wiki/Skype -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# Thanks to Myles Uyema, mylesuyema AT gmail.com - -# Taken using Ethereal traces of Windows Skype v1.2.037, same in v1.2.0.18_API -# -# Skype will attempt to use the same UDP port for all its connections as -# configured in its options. However, this is a random port by default. -# Skype has some preference for ports 80 and 443. -# -# Example sessions: -# -#SkypeOut -#c6 5c bf 41 8e 8d d6 d2 08 <-- this is sometimes as short as 1 byte and -#c6 5c bf 41 8e 8d d6 d2 08 <-- sometimes as long as 9 (or more?) -#00 6b 2c f5 87 f1 06 -#00 6b 2c f5 87 f1 06 -#00 6b 2c f5 36 ea 85 -#00 6b 2c f5 36 ea 85 -#00 6b 2c f5 57 27 d4 -#00 6b 2c f5 57 27 d4 -#00 6b 2c f5 43 5b 00 -#00 6b 2c f5 43 5b 00 -# -#SkypeOut -#7e 4f e5 b8 -#7e 4f e5 b8 -#00 6b 88 61 80 52 93 -#00 6b 88 61 80 52 93 -#00 6b 88 61 1a 09 e9 -#00 6b 88 61 1a 09 e9 -#00 6b 88 61 47 43 c4 -#00 6b 88 61 47 43 c4 - -skypeout - -# Scary. Our regular expressions suck. This is a prime candidate for -# some sort of a scheme to support two different regular expressions -# when there's a major difference between what the two libraries allow. -# For the Henry Spencer library, there's not much that can be done -# except requiring that we see the same byte twice. - -# This matches about %4 of random streams and 13% of printable random streams - -# This is slow, but not as bad as you might think. -^(\x01.?.?.?.?.?.?.?.?\x01|\x02.?.?.?.?.?.?.?.?\x02|\x03.?.?.?.?.?.?.?.?\x03|\x04.?.?.?.?.?.?.?.?\x04|\x05.?.?.?.?.?.?.?.?\x05|\x06.?.?.?.?.?.?.?.?\x06|\x07.?.?.?.?.?.?.?.?\x07|\x08.?.?.?.?.?.?.?.?\x08|\x09.?.?.?.?.?.?.?.?\x09|\x0a.?.?.?.?.?.?.?.?\x0a|\x0b.?.?.?.?.?.?.?.?\x0b|\x0c.?.?.?.?.?.?.?.?\x0c|\x0d.?.?.?.?.?.?.?.?\x0d|\x0e.?.?.?.?.?.?.?.?\x0e|\x0f.?.?.?.?.?.?.?.?\x0f|\x10.?.?.?.?.?.?.?.?\x10|\x11.?.?.?.?.?.?.?.?\x11|\x12.?.?.?.?.?.?.?.?\x12|\x13.?.?.?.?.?.?.?.?\x13|\x14.?.?.?.?.?.?.?.?\x14|\x15.?.?.?.?.?.?.?.?\x15|\x16.?.?.?.?.?.?.?.?\x16|\x17.?.?.?.?.?.?.?.?\x17|\x18.?.?.?.?.?.?.?.?\x18|\x19.?.?.?.?.?.?.?.?\x19|\x1a.?.?.?.?.?.?.?.?\x1a|\x1b.?.?.?.?.?.?.?.?\x1b|\x1c.?.?.?.?.?.?.?.?\x1c|\x1d.?.?.?.?.?.?.?.?\x1d|\x1e.?.?.?.?.?.?.?.?\x1e|\x1f.?.?.?.?.?.?.?.?\x1f|\x20.?.?.?.?.?.?.?.?\x20|\x21.?.?.?.?.?.?.?.?\x21|\x22.?.?.?.?.?.?.?.?\x22|\x23.?.?.?.?.?.?.?.?\x23|\$.?.?.?.?.?.?.?.?\$|\x25.?.?.?.?.?.?.?.?\x25|\x26.?.?.?.?.?.?.?.?\x26|\x27.?.?.?.?.?.?.?.?\x27|\(.?.?.?.?.?.?.?.?\(|\).?.?.?.?.?.?.?.?\)|\*.?.?.?.?.?.?.?.?\*|\+.?.?.?.?.?.?.?.?\+|\x2c.?.?.?.?.?.?.?.?\x2c|\x2d.?.?.?.?.?.?.?.?\x2d|\..?.?.?.?.?.?.?.?\.|\x2f.?.?.?.?.?.?.?.?\x2f|\x30.?.?.?.?.?.?.?.?\x30|\x31.?.?.?.?.?.?.?.?\x31|\x32.?.?.?.?.?.?.?.?\x32|\x33.?.?.?.?.?.?.?.?\x33|\x34.?.?.?.?.?.?.?.?\x34|\x35.?.?.?.?.?.?.?.?\x35|\x36.?.?.?.?.?.?.?.?\x36|\x37.?.?.?.?.?.?.?.?\x37|\x38.?.?.?.?.?.?.?.?\x38|\x39.?.?.?.?.?.?.?.?\x39|\x3a.?.?.?.?.?.?.?.?\x3a|\x3b.?.?.?.?.?.?.?.?\x3b|\x3c.?.?.?.?.?.?.?.?\x3c|\x3d.?.?.?.?.?.?.?.?\x3d|\x3e.?.?.?.?.?.?.?.?\x3e|\?.?.?.?.?.?.?.?.?\?|\x40.?.?.?.?.?.?.?.?\x40|\x41.?.?.?.?.?.?.?.?\x41|\x42.?.?.?.?.?.?.?.?\x42|\x43.?.?.?.?.?.?.?.?\x43|\x44.?.?.?.?.?.?.?.?\x44|\x45.?.?.?.?.?.?.?.?\x45|\x46.?.?.?.?.?.?.?.?\x46|\x47.?.?.?.?.?.?.?.?\x47|\x48.?.?.?.?.?.?.?.?\x48|\x49.?.?.?.?.?.?.?.?\x49|\x4a.?.?.?.?.?.?.?.?\x4a|\x4b.?.?.?.?.?.?.?.?\x4b|\x4c.?.?.?.?.?.?.?.?\x4c|\x4d.?.?.?.?.?.?.?.?\x4d|\x4e.?.?.?.?.?.?.?.?\x4e|\x4f.?.?.?.?.?.?.?.?\x4f|\x50.?.?.?.?.?.?.?.?\x50|\x51.?.?.?.?.?.?.?.?\x51|\x52.?.?.?.?.?.?.?.?\x52|\x53.?.?.?.?.?.?.?.?\x53|\x54.?.?.?.?.?.?.?.?\x54|\x55.?.?.?.?.?.?.?.?\x55|\x56.?.?.?.?.?.?.?.?\x56|\x57.?.?.?.?.?.?.?.?\x57|\x58.?.?.?.?.?.?.?.?\x58|\x59.?.?.?.?.?.?.?.?\x59|\x5a.?.?.?.?.?.?.?.?\x5a|\[.?.?.?.?.?.?.?.?\[|\\.?.?.?.?.?.?.?.?\\|\].?.?.?.?.?.?.?.?\]|\^.?.?.?.?.?.?.?.?\^|\x5f.?.?.?.?.?.?.?.?\x5f|\x60.?.?.?.?.?.?.?.?\x60|\x61.?.?.?.?.?.?.?.?\x61|\x62.?.?.?.?.?.?.?.?\x62|\x63.?.?.?.?.?.?.?.?\x63|\x64.?.?.?.?.?.?.?.?\x64|\x65.?.?.?.?.?.?.?.?\x65|\x66.?.?.?.?.?.?.?.?\x66|\x67.?.?.?.?.?.?.?.?\x67|\x68.?.?.?.?.?.?.?.?\x68|\x69.?.?.?.?.?.?.?.?\x69|\x6a.?.?.?.?.?.?.?.?\x6a|\x6b.?.?.?.?.?.?.?.?\x6b|\x6c.?.?.?.?.?.?.?.?\x6c|\x6d.?.?.?.?.?.?.?.?\x6d|\x6e.?.?.?.?.?.?.?.?\x6e|\x6f.?.?.?.?.?.?.?.?\x6f|\x70.?.?.?.?.?.?.?.?\x70|\x71.?.?.?.?.?.?.?.?\x71|\x72.?.?.?.?.?.?.?.?\x72|\x73.?.?.?.?.?.?.?.?\x73|\x74.?.?.?.?.?.?.?.?\x74|\x75.?.?.?.?.?.?.?.?\x75|\x76.?.?.?.?.?.?.?.?\x76|\x77.?.?.?.?.?.?.?.?\x77|\x78.?.?.?.?.?.?.?.?\x78|\x79.?.?.?.?.?.?.?.?\x79|\x7a.?.?.?.?.?.?.?.?\x7a|\{.?.?.?.?.?.?.?.?\{|\|.?.?.?.?.?.?.?.?\||\}.?.?.?.?.?.?.?.?\}|\x7e.?.?.?.?.?.?.?.?\x7e|\x7f.?.?.?.?.?.?.?.?\x7f|\x80.?.?.?.?.?.?.?.?\x80|\x81.?.?.?.?.?.?.?.?\x81|\x82.?.?.?.?.?.?.?.?\x82|\x83.?.?.?.?.?.?.?.?\x83|\x84.?.?.?.?.?.?.?.?\x84|\x85.?.?.?.?.?.?.?.?\x85|\x86.?.?.?.?.?.?.?.?\x86|\x87.?.?.?.?.?.?.?.?\x87|\x88.?.?.?.?.?.?.?.?\x88|\x89.?.?.?.?.?.?.?.?\x89|\x8a.?.?.?.?.?.?.?.?\x8a|\x8b.?.?.?.?.?.?.?.?\x8b|\x8c.?.?.?.?.?.?.?.?\x8c|\x8d.?.?.?.?.?.?.?.?\x8d|\x8e.?.?.?.?.?.?.?.?\x8e|\x8f.?.?.?.?.?.?.?.?\x8f|\x90.?.?.?.?.?.?.?.?\x90|\x91.?.?.?.?.?.?.?.?\x91|\x92.?.?.?.?.?.?.?.?\x92|\x93.?.?.?.?.?.?.?.?\x93|\x94.?.?.?.?.?.?.?.?\x94|\x95.?.?.?.?.?.?.?.?\x95|\x96.?.?.?.?.?.?.?.?\x96|\x97.?.?.?.?.?.?.?.?\x97|\x98.?.?.?.?.?.?.?.?\x98|\x99.?.?.?.?.?.?.?.?\x99|\x9a.?.?.?.?.?.?.?.?\x9a|\x9b.?.?.?.?.?.?.?.?\x9b|\x9c.?.?.?.?.?.?.?.?\x9c|\x9d.?.?.?.?.?.?.?.?\x9d|\x9e.?.?.?.?.?.?.?.?\x9e|\x9f.?.?.?.?.?.?.?.?\x9f|\xa0.?.?.?.?.?.?.?.?\xa0|\xa1.?.?.?.?.?.?.?.?\xa1|\xa2.?.?.?.?.?.?.?.?\xa2|\xa3.?.?.?.?.?.?.?.?\xa3|\xa4.?.?.?.?.?.?.?.?\xa4|\xa5.?.?.?.?.?.?.?.?\xa5|\xa6.?.?.?.?.?.?.?.?\xa6|\xa7.?.?.?.?.?.?.?.?\xa7|\xa8.?.?.?.?.?.?.?.?\xa8|\xa9.?.?.?.?.?.?.?.?\xa9|\xaa.?.?.?.?.?.?.?.?\xaa|\xab.?.?.?.?.?.?.?.?\xab|\xac.?.?.?.?.?.?.?.?\xac|\xad.?.?.?.?.?.?.?.?\xad|\xae.?.?.?.?.?.?.?.?\xae|\xaf.?.?.?.?.?.?.?.?\xaf|\xb0.?.?.?.?.?.?.?.?\xb0|\xb1.?.?.?.?.?.?.?.?\xb1|\xb2.?.?.?.?.?.?.?.?\xb2|\xb3.?.?.?.?.?.?.?.?\xb3|\xb4.?.?.?.?.?.?.?.?\xb4|\xb5.?.?.?.?.?.?.?.?\xb5|\xb6.?.?.?.?.?.?.?.?\xb6|\xb7.?.?.?.?.?.?.?.?\xb7|\xb8.?.?.?.?.?.?.?.?\xb8|\xb9.?.?.?.?.?.?.?.?\xb9|\xba.?.?.?.?.?.?.?.?\xba|\xbb.?.?.?.?.?.?.?.?\xbb|\xbc.?.?.?.?.?.?.?.?\xbc|\xbd.?.?.?.?.?.?.?.?\xbd|\xbe.?.?.?.?.?.?.?.?\xbe|\xbf.?.?.?.?.?.?.?.?\xbf|\xc0.?.?.?.?.?.?.?.?\xc0|\xc1.?.?.?.?.?.?.?.?\xc1|\xc2.?.?.?.?.?.?.?.?\xc2|\xc3.?.?.?.?.?.?.?.?\xc3|\xc4.?.?.?.?.?.?.?.?\xc4|\xc5.?.?.?.?.?.?.?.?\xc5|\xc6.?.?.?.?.?.?.?.?\xc6|\xc7.?.?.?.?.?.?.?.?\xc7|\xc8.?.?.?.?.?.?.?.?\xc8|\xc9.?.?.?.?.?.?.?.?\xc9|\xca.?.?.?.?.?.?.?.?\xca|\xcb.?.?.?.?.?.?.?.?\xcb|\xcc.?.?.?.?.?.?.?.?\xcc|\xcd.?.?.?.?.?.?.?.?\xcd|\xce.?.?.?.?.?.?.?.?\xce|\xcf.?.?.?.?.?.?.?.?\xcf|\xd0.?.?.?.?.?.?.?.?\xd0|\xd1.?.?.?.?.?.?.?.?\xd1|\xd2.?.?.?.?.?.?.?.?\xd2|\xd3.?.?.?.?.?.?.?.?\xd3|\xd4.?.?.?.?.?.?.?.?\xd4|\xd5.?.?.?.?.?.?.?.?\xd5|\xd6.?.?.?.?.?.?.?.?\xd6|\xd7.?.?.?.?.?.?.?.?\xd7|\xd8.?.?.?.?.?.?.?.?\xd8|\xd9.?.?.?.?.?.?.?.?\xd9|\xda.?.?.?.?.?.?.?.?\xda|\xdb.?.?.?.?.?.?.?.?\xdb|\xdc.?.?.?.?.?.?.?.?\xdc|\xdd.?.?.?.?.?.?.?.?\xdd|\xde.?.?.?.?.?.?.?.?\xde|\xdf.?.?.?.?.?.?.?.?\xdf|\xe0.?.?.?.?.?.?.?.?\xe0|\xe1.?.?.?.?.?.?.?.?\xe1|\xe2.?.?.?.?.?.?.?.?\xe2|\xe3.?.?.?.?.?.?.?.?\xe3|\xe4.?.?.?.?.?.?.?.?\xe4|\xe5.?.?.?.?.?.?.?.?\xe5|\xe6.?.?.?.?.?.?.?.?\xe6|\xe7.?.?.?.?.?.?.?.?\xe7|\xe8.?.?.?.?.?.?.?.?\xe8|\xe9.?.?.?.?.?.?.?.?\xe9|\xea.?.?.?.?.?.?.?.?\xea|\xeb.?.?.?.?.?.?.?.?\xeb|\xec.?.?.?.?.?.?.?.?\xec|\xed.?.?.?.?.?.?.?.?\xed|\xee.?.?.?.?.?.?.?.?\xee|\xef.?.?.?.?.?.?.?.?\xef|\xf0.?.?.?.?.?.?.?.?\xf0|\xf1.?.?.?.?.?.?.?.?\xf1|\xf2.?.?.?.?.?.?.?.?\xf2|\xf3.?.?.?.?.?.?.?.?\xf3|\xf4.?.?.?.?.?.?.?.?\xf4|\xf5.?.?.?.?.?.?.?.?\xf5|\xf6.?.?.?.?.?.?.?.?\xf6|\xf7.?.?.?.?.?.?.?.?\xf7|\xf8.?.?.?.?.?.?.?.?\xf8|\xf9.?.?.?.?.?.?.?.?\xf9|\xfa.?.?.?.?.?.?.?.?\xfa|\xfb.?.?.?.?.?.?.?.?\xfb|\xfc.?.?.?.?.?.?.?.?\xfc|\xfd.?.?.?.?.?.?.?.?\xfd|\xfe.?.?.?.?.?.?.?.?\xfe|\xff.?.?.?.?.?.?.?.?\xff) diff --git a/src/usr/local/share/protocols/skypetoskype.pat b/src/usr/local/share/protocols/skypetoskype.pat deleted file mode 100644 index ed1103a..0000000 --- a/src/usr/local/share/protocols/skypetoskype.pat +++ /dev/null @@ -1,14 +0,0 @@ -# Skype to Skype - UDP voice call (program to program) - http://skype.com -# Pattern attributes: ok veryfast fast overmatch -# Protocol groups: voip p2p proprietary -# Wiki: http://www.protocolinfo.org/wiki/Skype -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This matches at least some of the general chatter that occurs when the -# user isn't doing anything as well as actual calls. -# Thanks to Myles Uyema, mylesuyema AT gmail.com - -skypetoskype -# require at least 16 bytes (my limited tests always get at least 18) -^..\x02............. - diff --git a/src/usr/local/share/protocols/smb.pat b/src/usr/local/share/protocols/smb.pat deleted file mode 100644 index c1f8b0a..0000000 --- a/src/usr/local/share/protocols/smb.pat +++ /dev/null @@ -1,19 +0,0 @@ -# Samba/SMB - Server Message Block - Microsoft Windows filesharing -# Pattern attributes: good fast notsofast -# Protocol groups: document_retrieval networking proprietary -# Wiki: http://www.protocolinfo.org/wiki/SMB -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# "This protocol is sometimes also referred to as the Common Internet File -# System (CIFS), LanManager or NetBIOS protocol." -- "man samba" -# -# Actually, SMB is a higher level protocol than NetBIOS. However, the -# NetBIOS header is only 4 bytes: not much to match on. -# -# http://www.ubiqx.org/cifs/SMB.html -# -# This pattern is lightly tested. - -smb -# matches a NEGOTIATE PROTOCOL or TRANSACTION REQUEST command -\xffsmb[\x72\x25] diff --git a/src/usr/local/share/protocols/smtp.pat b/src/usr/local/share/protocols/smtp.pat deleted file mode 100644 index 2f5d195..0000000 --- a/src/usr/local/share/protocols/smtp.pat +++ /dev/null @@ -1,40 +0,0 @@ -# SMTP - Simple Mail Transfer Protocol - RFC 2821 (See also RFC 1869) -# Pattern attributes: great notsofast fast -# Protocol groups: mail ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/SMTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 25 -# -# This pattern has been tested and is believed to work well. - -# As usual, no text is required after "220", but all known servers have some -# there. It (almost?) always has string "smtp" in it. The RFC examples -# does not, so we match those too, just in case anyone has copied them -# literally. -# -# Some examples: -# 220 mail.stalker.com ESMTP CommuniGate Pro 4.1.3 -# 220 mail.vieodata.com ESMTP Merak 6.1.0; Mon, 15 Sep 2003 13:48:11 -0400 -# 220 mail.ut.caldera.com ESMTP -# 220 persephone.pmail.gen.nz ESMTP server ready. -# 220 smtp1.superb.net ESMTP -# 220 mail.kerio.com Kerio MailServer 5.6.7 ESMTP ready -# 220-mail.deerfield.com ESMTP VisNetic.MailServer.v6.0.9.0; Mon, 15 Sep 2003 13:4 -# 220 altn.com ESMTP MDaemon 6.8.5; Mon, 15 Sep 2003 12:46:42 -0500 -# 220 X1 NT-ESMTP Server ipsmin0165atl2.interland.net (IMail 6.06 73062-3) -# 220 mail.icewarp.com ESMTP Merak 6.1.1; Mon, 15 Sep 2003 19:43:23 +0200 -# 220-mail.email-scan.com ESMTP -# 220 smaug.dreamhost.com ESMTP -# 220 kona.carleton.edu -- Server ESMTP (PMDF V6.2#30648) -# 220 letra.reed.edu ESMTP Sendmail 8.12.9/8.12.9; Mon, 15 Sep 2003 10:35:57 -0700 (PDT) -# 220-swan.mail.pas.earthlink.net ESMTP Exim 3.33 #1 Mon, 15 Sep 2003 10:32:15 -0700 -# -# RFC examples: -# 220 xyz.com Simple Mail Transfer Service Ready (RFC example) -# 220 dbc.mtview.ca.us SMTP service ready - -smtp -^220[\x09-\x0d -~]* (e?smtp|simple mail) -userspace pattern=^220[\x09-\x0d -~]* (E?SMTP|[Ss]imple [Mm]ail) -userspace flags=REG_NOSUB REG_EXTENDED diff --git a/src/usr/local/share/protocols/snmp-mon.pat b/src/usr/local/share/protocols/snmp-mon.pat deleted file mode 100644 index fe22662..0000000 --- a/src/usr/local/share/protocols/snmp-mon.pat +++ /dev/null @@ -1,32 +0,0 @@ -# SNMP Monitoring - Simple Network Management Protocol (RFC1157) -# Pattern attributes: good veryfast fast subset -# Protocol groups: networking ietf_internet_standard -# Wiki: http://en.wikipedia.org/wiki/SNMP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on UDP ports 161 -# -# These filters match SNMPv1 packets without fail, and are made -# as specific as possible not to match any ASN.1 encoded protocols. -# However these could still be matched by other protocols that -# use ASN.1 encoding - -# Contributed by Goli SriSairam - -# This pattern has been tested and is believe to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/SNMP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers - -# SNMPv1 GET/GETNEXT/SET request and response -# matches SNMP header -# version \x02\x01 -# community \x04.+ -# PDU type [\xa0-\xa3] (GET/GETNEXT/SET/GETRESPONSE) -# RequestId \x02[\x01-\x04].?.?.?.? -# errorStatus \x02\x01.? -# errorIndex \x02\x01.? -# varbinds start \x30 -snmp-mon -^\x02\x01\x04.+[\xa0-\xa3]\x02[\x01-\x04].?.?.?.?\x02\x01.?\x02\x01.?\x30 diff --git a/src/usr/local/share/protocols/snmp-trap.pat b/src/usr/local/share/protocols/snmp-trap.pat deleted file mode 100644 index e8ba19a..0000000 --- a/src/usr/local/share/protocols/snmp-trap.pat +++ /dev/null @@ -1,33 +0,0 @@ -# SNMP Traps - Simple Network Management Protocol (RFC1157) -# Pattern attributes: good veryfast fast subset -# Protocol groups: networking ietf_internet_standard -# Wiki: http://en.wikipedia.org/wiki/SNMP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on UDP ports 162 -# -# These filters match SNMPv1 packets without fail, and are made -# as specific as possible not to match any ASN.1 encoded protocols. -# However these could still be matched by other protocols that -# use ASN.1 encoding - -# Contributed by Goli SriSairam - -# This pattern has been tested and is believe to work well. -# -# To get or provide more information about this protocol and/or pattern: -# http://www.protocolinfo.org/wiki/SNMP -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers - -# SNMPv1 Trap -# matches SNMP trap header -# version \x02\x01 -# community string \x04.+ -# PDU type \xa4 (TRAP) -# enterprise \x06.+ -# agent address \x40\x04\.?.?.?.? -# trap type \x02\x01.? -# specific trap type \x02\x01.? -# timestamp \x43 -snmp-trap -^\x02\x01\x04.+\xa4\x06.+\x40\x04.?.?.?.?\x02\x01.?\x02\x01.?\x43 diff --git a/src/usr/local/share/protocols/snmp.pat b/src/usr/local/share/protocols/snmp.pat deleted file mode 100644 index a7186b2..0000000 --- a/src/usr/local/share/protocols/snmp.pat +++ /dev/null @@ -1,19 +0,0 @@ -# SNMP - Simple Network Management Protocol - RFC 1157 -# Pattern attributes: good veryfast fast superset -# Protocol groups: networking ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/SNMP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on UDP ports 161 (monitoring) and 162 (traps). -# -# These filters match SNMPv1 packets without fail, and are made as -# specific as possible not to match any ASN.1 encoded protocols. However -# these could still be matched by other protocols that use ASN.1 encoding - -# Contributed by Goli SriSairam - -# This pattern has been tested and is believed to work well. - -# All SNMPv1 traffic. See snmp-mon.pat and snmp-trap.pat for details. -snmp -^\x02\x01\x04.+([\xa0-\xa3]\x02[\x01-\x04].?.?.?.?\x02\x01.?\x02\x01.?\x30|\xa4\x06.+\x40\x04.?.?.?.?\x02\x01.?\x02\x01.?\x43) diff --git a/src/usr/local/share/protocols/socks.pat b/src/usr/local/share/protocols/socks.pat deleted file mode 100644 index 54189fd..0000000 --- a/src/usr/local/share/protocols/socks.pat +++ /dev/null @@ -1,32 +0,0 @@ -# SOCKS Version 5 - Firewall traversal protocol - RFC 1928 -# Pattern attributes: good notsofast notsofast -# Protocol groups: networking ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/SOCKS -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 1080 -# Also useful: http://www.iana.org/assignments/socks-methods -# -# We have had two reports that this pattern works. - -# method request, no private methods \x05[\x01-\x08]* -# method reply, assumes sucess \x05[\x01-\x08]? -# method dependent sub-negotiation .* -# request, ipv4 only \x05[\x01-\x03][\x01\x03].* -# reply \x05[\x01-\x08]?[\x01\x03].* - -# username/password method -# u/p request, assuming reasonable usernames and passwords -# \x05[\x02-\x10][a-z][a-z0-9\-]*[\x05-\x20][!-~]* -# server reply -# \x05 - -# GSSAPI method -# client initial token \x01\x01\x02.* -# server reply \x01\x01\x02.* - -# any other method .* (all methods boil down to this until we have information -# about all the commonly used ones) - -socks -\x05[\x01-\x08]*\x05[\x01-\x08]?.*\x05[\x01-\x03][\x01\x03].*\x05[\x01-\x08]?[\x01\x03] diff --git a/src/usr/local/share/protocols/soribada.pat b/src/usr/local/share/protocols/soribada.pat deleted file mode 100644 index e1c0c56..0000000 --- a/src/usr/local/share/protocols/soribada.pat +++ /dev/null @@ -1,51 +0,0 @@ -# Soribada - A Korean P2P filesharing program/protocol - http://www.soribada.com -# Pattern attributes: good slow notsofast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Soribada -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# I am told that there are three versions of this protocol, the first no -# longer being used. That would probably explain why incoming searches -# have two different formats... - -# There are three parts to Soribada protocal: -# 1: Ping/Pong to establish a relationship on the net (UDP with 2 useful bytes) -# 2: Searching (in two formats) (UDP with two short easy to match starts) -# 3: Download requests/transfers (TCP with an obvious first packet) - -# 1 -- Pings/Pongs: -# Requester send 2 bytes and a 6 byte response is sent back. -# \x10 for the first byte and \x14-\x16 for the second. -# The response is the first byte (\x10) and the second byte incremented -# by 1 (\x15-\x17). -# No further communication happens between the hosts except for searches. -# A regex match: ^\x10[\x14-\x16]\x10[\x15-\x17].?.?.?.?$ -# First Packet ---^^^^^^^^^^^^^^^ -# Second Packet -----------------^^^^^^^^^^^^^^^^^^^^^^^ - -# 2 -- Search requests: -# All searches are totally stateless and are only responded to if the user -# actually has the file. -# Both format start with a \x01 byte, have 3 "random bytes" and then 3 bytes -# corasponding to one of two formats. -# Format 1 is \x51\x3a\+ and format 2 is \x51\x32\x3a -# A regex match: ^\x01.?.?.?(\x51\x3a\+|\x51\x32\x3a) - -# 3 -- Download requests: -# All downloads start with "GETMP3\x0d\x0aFilename" -# A regex match: ^GETMP3\x0d\x0aFilename - -soribada - -# This will match the second packet of two. -# ^\x10[\x14-\x16]\x10[\x15-\x17].?.?.?.?$ - -# Again, matching this is the end of the comunication. -# ^\x01.?.?.?(\x51\x3a\+|\x51\x32\x3a) - -# This is the start of the transfer and an easy match -#^GETMP3\x0d\x0aFilename - -# This will match everything including the udp packet portions -^GETMP3\x0d\x0aFilename|^\x01.?.?.?(\x51\x3a\+|\x51\x32\x3a)|^\x10[\x14-\x16]\x10[\x15-\x17].?.?.?.?$ - diff --git a/src/usr/local/share/protocols/soulseek.pat b/src/usr/local/share/protocols/soulseek.pat deleted file mode 100644 index ebc06ab..0000000 --- a/src/usr/local/share/protocols/soulseek.pat +++ /dev/null @@ -1,17 +0,0 @@ -# Soulseek - P2P filesharing - http://slsknet.org -# Pattern attributes: good fast fast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Soulseek -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# All my tests show that this pattern is fast, but one user has reported that -# it is slow. Your milage may vary. - -# This has been tested and works for "pierce firewall" commands and file -# transfers. It does *not* match all the various sorts of chatter that go on, -# such as searches, pings and whatnot. - -soulseek -# (Pierce firewall: in theory the token could be 4 bytes, but the last two -# seem to always be zero.|download: Peer Init) -^(\x05..?|.\x01.[ -~]+\x01F..?.?.?.?.?.?.?)$ diff --git a/src/usr/local/share/protocols/ssdp.pat b/src/usr/local/share/protocols/ssdp.pat deleted file mode 100644 index d2de92d..0000000 --- a/src/usr/local/share/protocols/ssdp.pat +++ /dev/null @@ -1,21 +0,0 @@ -# SSDP - Simple Service Discovery Protocol - easy discovery of network devices -# Pattern attributes: good slow notsofast -# Protocol groups: networking ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/SSDP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This pattern was tested only by listening to a Linksys WRT54G. However, -# I expect it works in general given the simplicity of the protocol. - -# SSDP packets should _always_ be sent to the multicast address -# 239.255.255.250, making this pattern irrelevant. (Moreover, SSDP -# packets should be resitricted to local networks that have plenty of -# bandwidth.) However, Microsoft, as usual, has other ideas, so maybe -# it could be useful. Can't hurt, anyway. :-) -# -# http://www.upnp.org/download/draft_cai_ssdp_v1_03.txt -# http://msdn.microsoft.com/library/default.asp?url=/library/en-us/randz/protocol/ssdp.asp - -ssdp -^notify[\x09-\x0d ]\*[\x09-\x0d ]http/1\.1[\x09-\x0d -~]*ssdp:(alive|byebye)|^m-search[\x09-\x0d ]\*[\x09-\x0d ]http/1\.1[\x09-\x0d -~]*ssdp:discover - diff --git a/src/usr/local/share/protocols/ssh.pat b/src/usr/local/share/protocols/ssh.pat deleted file mode 100644 index 5e32f5c..0000000 --- a/src/usr/local/share/protocols/ssh.pat +++ /dev/null @@ -1,17 +0,0 @@ -# SSH - Secure SHell -# Pattern attributes: great veryfast fast -# Protocol groups: remote_access secure ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/SSH -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 22 -# -# http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-22.txt -# -# This pattern has been tested and is believed to work well. - -ssh -^ssh-[12]\.[0-9] - -# old pattern: -# (diffie-hellman-group-exchange-sha1|diffie-hellman-group1-sha1.ssh-rsa|ssh-dssfaes128-cbc|3des-cbc|blowfish-cbc|cast128-cbc|arcfour|aes192-cbc|aes256-cbc|rijndael-cbc@lysator.liu.sefaes128-cbc|3des-cbc|blowfish-cbc|cast128-cbc|arcfour|aes192-cbc|aes256-cbc|rijndael-cbc@lysator.liu.seuhmac-md5|hmac-sha1|hmac-ripemd160)+ diff --git a/src/usr/local/share/protocols/ssl.pat b/src/usr/local/share/protocols/ssl.pat deleted file mode 100644 index ae30ee4..0000000 --- a/src/usr/local/share/protocols/ssl.pat +++ /dev/null @@ -1,16 +0,0 @@ -# SSL and TLS - Secure Socket Layer / Transport Layer Security - RFC 2246 -# Pattern attributes: good notsofast fast superset -# Protocol groups: secure ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/SSL -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 443 -# -# This is a superset of validcertssl. For it to match, it must be first. -# -# This pattern has been tested and is believed to work well. - -ssl -# Server Hello with certificate | Client Hello -# This allows SSL 3.X, which includes TLS 1.0, known internally as SSL 3.1 -^(.?.?\x16\x03.*\x16\x03|.?.?\x01\x03\x01?.*\x0b) diff --git a/src/usr/local/share/protocols/stun.pat b/src/usr/local/share/protocols/stun.pat deleted file mode 100644 index 3bfc3ab..0000000 --- a/src/usr/local/share/protocols/stun.pat +++ /dev/null @@ -1,46 +0,0 @@ -# STUN - Simple Traversal of UDP Through NAT - RFC 3489 -# Pattern attributes: ok veryfast fast -# Protocol groups: networking ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/STUN -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is untested as far as I know. - -# Wikipedia says: "The STUN server is contacted on UDP port 3478, -# however the server will hint clients to perform tests on alternate IP -# and port number too (STUN servers have two IP addresses). The RFC -# states that this port and IP are arbitrary." - -stun -# \x01 is a Binding Request. \x02 is a Shared Secret Request. Binding -# Requests are, experimentally, exactly 20 Bytes with three NULL Bytes. -# The first NULL is part of the two byte message type field. The other -# two give the message length, zero. I'm guessing that Shared Secret -# Requests are similar, but I have not checked. Please read the RFC and -# do experiments to find out. All other message types are responses, -# and so don't matter. -# -# The .? allows one of the Message Transaction ID Bytes to be \x00. If -# two are \x00, it will fail. This will happen 0.37% of the time, since -# the Message Transaction ID is supposed to be random. If this is -# unacceptable to you, add another ? to reduce this to 0.020%, but be -# aware of the increased possibility of false positives. -^[\x01\x02]................?$ - -# From my post to the mailing list: -# http://sourceforge.net/mailarchive/message.php?msg_id=36787107 -# -# This is a rather permissive pattern, but you can make it a little better -# by combining it with another iptables rule that checks that the packet -# data is exactly 20 Bytes. Of course, the second packet is longer, so -# maybe that introduces more complications than benefits. -# -# If you're willing to wait until the second packet to make the -# identification, you could use this: -# -# ^\x01................?\x01\x01 -# -# or if the Message Length is always \x24 (I'm not sure it is from your -# single example): -# -# ^\x01................?\x01\x01\x24 diff --git a/src/usr/local/share/protocols/subspace.pat b/src/usr/local/share/protocols/subspace.pat deleted file mode 100644 index 0a1b174..0000000 --- a/src/usr/local/share/protocols/subspace.pat +++ /dev/null @@ -1,21 +0,0 @@ -# Subspace - 2D asteroids-style space game - http://sscentral.com -# Pattern attributes: marginal veryfast fast -# Protocol groups: game -# Wiki: http://www.protocolinfo.org/wiki/Subspace -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# By Myles Uyema -# -# This pattern matches the initial 2 packets of the client-server -# 'handshake' when joining a Zone. -# -# The first packet is an 8 byte UDP payload sent from client -# 0x00 0x01 0x?? 0x?? 0x?? 0x?? 0x11 -# The next packet is a 12 byte UDP response from server -# 0x00 0x10 0x?? 0x?? 0x?? 0x?? 0x?? 0x?? 0x?? 0x?? 0x01 0x00 -# -# l7-filter strips out the null bytes, leaving me with this pattern - -subspace -^\x01....\x11\x10........\x01$ - diff --git a/src/usr/local/share/protocols/subversion.pat b/src/usr/local/share/protocols/subversion.pat deleted file mode 100644 index 8769a19..0000000 --- a/src/usr/local/share/protocols/subversion.pat +++ /dev/null @@ -1,13 +0,0 @@ -# Subversion - a version control system -# Pattern attributes: ok veryfast fast -# Protocol groups: version_control open_source -# Wiki: http://www.protocolinfo.org/wiki/Subversion -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is UNTESTED. (But it seems straightforward enough...) -# -# Subversion uses TCP port 3690 by default. - -subversion -# This is not a valid basic GNU regular expression. -^\( success \( 1 2 \( diff --git a/src/usr/local/share/protocols/swf.pat b/src/usr/local/share/protocols/swf.pat deleted file mode 100644 index af03086..0000000 --- a/src/usr/local/share/protocols/swf.pat +++ /dev/null @@ -1,2 +0,0 @@ -swf -swf\x21\x1a\x07 diff --git a/src/usr/local/share/protocols/tar.pat b/src/usr/local/share/protocols/tar.pat deleted file mode 100644 index d3ea987..0000000 --- a/src/usr/local/share/protocols/tar.pat +++ /dev/null @@ -1,12 +0,0 @@ -# Tar - tape archive. Standard UNIX file archiver, not just for tapes. -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -tar -# /usr/share/magic -## POSIX tar archives -#257 string ustar\0 POSIX tar archive -#257 string ustar\040\040\0 GNU tar archive -# this is pretty general. It's not a dictionary word, but still... -ustar diff --git a/src/usr/local/share/protocols/teamfortress2.pat b/src/usr/local/share/protocols/teamfortress2.pat deleted file mode 100644 index 337af39..0000000 --- a/src/usr/local/share/protocols/teamfortress2.pat +++ /dev/null @@ -1,11 +0,0 @@ -# Team Fortress 2 - network game - http://www.valvesoftware.com -# Pattern attributes: good veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/Team_Fortress -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Credits: Clayton Macleod -# Jan Engelhardt - -teamfortress2 -^\xff\xff\xff\xff.....*tfTeam Fortress diff --git a/src/usr/local/share/protocols/teamspeak.pat b/src/usr/local/share/protocols/teamspeak.pat deleted file mode 100644 index 8b2155e..0000000 --- a/src/usr/local/share/protocols/teamspeak.pat +++ /dev/null @@ -1,15 +0,0 @@ -# TeamSpeak - VoIP application - http://goteamspeak.com -# Pattern attributes: good veryfast fast -# Protocol groups: voip proprietary -# Wiki: http://www.protocolinfo.org/wiki/TeamSpeak -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested by Matthew Strait and verified by packet -# traces by at least two other people. The meaning of f4b303 is not -# known, but it seems to appear in all first packets. This pattern only -# matches the actual UDP voice traffic, not the TeamSpeak web interface -# or "TCP query". - -teamspeak -^\xf4\xbe\x03.*teamspeak - diff --git a/src/usr/local/share/protocols/telnet.pat b/src/usr/local/share/protocols/telnet.pat deleted file mode 100644 index cf10d0e..0000000 --- a/src/usr/local/share/protocols/telnet.pat +++ /dev/null @@ -1,16 +0,0 @@ -# Telnet - Insecure remote login - RFC 854 -# Pattern attributes: good veryfast fast -# Protocol groups: remote_access obsolete ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/Telnet -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 23 -# -# This pattern is lightly tested. - -telnet -# Matches at least three IAC (Do|Will|Don't|Won't) commands in a row. -# My telnet client sends 9 when I connect, so this should be fine. -# This pattern could fail on a unchatty connection or it could be -# matched by something non-telnet spewing a lot of stuff in the fb-ff range. -^\xff[\xfb-\xfe].\xff[\xfb-\xfe].\xff[\xfb-\xfe] diff --git a/src/usr/local/share/protocols/tesla.pat b/src/usr/local/share/protocols/tesla.pat deleted file mode 100644 index 1f4ee86..0000000 --- a/src/usr/local/share/protocols/tesla.pat +++ /dev/null @@ -1,15 +0,0 @@ -# Tesla Advanced Communication - P2P filesharing (?) -# Pattern attributes: marginal slow notsofast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Tesla -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern is untested! - -# This is lifted from http://oofle.com/filesharing.php?app=tesla -# There is no explaination of what these numbers mean. -# The above page says that the first string is found only in TCP packets -# and the second only in UDP. - -tesla -\x03\x9a\x89\x22\x31\x31\x31\.\x30\x30\x20\x42\x65\x74\x61\x20|\xe2\x3c\x69\x1e\x1c\xe9 diff --git a/src/usr/local/share/protocols/tftp.pat b/src/usr/local/share/protocols/tftp.pat deleted file mode 100644 index 1782ff5..0000000 --- a/src/usr/local/share/protocols/tftp.pat +++ /dev/null @@ -1,21 +0,0 @@ -# TFTP - Trivial File Transfer Protocol - used for bootstrapping - RFC 1350 -# Pattern attributes: marginal fast fast -# Protocol groups: document_retrieval ietf_internet_standard -# Wiki: http://www.protocolinfo.org/wiki/TFTP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# usually runs on port 69 -# -# This pattern is unconfirmed. - -tftp -# The first packet from the initiating host should either be a Read Request -# or a Write Request. In the other direction, it should be data packet with -# block number one or an ACK with block number zero. We only attempt to match -# the initiating host's packets, because the only identifying features of -# the responses to them are two byte sequences (which isn't specific enough). -# (\x01|\x02) = Read Request or Write Request -# [ -~]* = the file name -# the rest = netascii|octet|mail (case insensitivity done by the kernel) - -^(\x01|\x02)[ -~]*(netascii|octet|mail) diff --git a/src/usr/local/share/protocols/thecircle.pat b/src/usr/local/share/protocols/thecircle.pat deleted file mode 100644 index d5e2b80..0000000 --- a/src/usr/local/share/protocols/thecircle.pat +++ /dev/null @@ -1,12 +0,0 @@ -# The Circle - P2P application - http://thecircle.org.au -# Pattern attributes: ok veryfast fast -# Protocol groups: p2p open_source -# Wiki: http://www.protocolinfo.org/wiki/The_Circle -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This is tested with The Circle 0.41c on Linux. -# It likely misses some stuff. Notably, I wasn't able to test it on any -# large downloads, because no one is sharing anything! - -thecircle -^t\x03ni.?[\x01-\x06]?t[\x01-\x05]s[\x0a\x0b](glob|who are you$|query data) diff --git a/src/usr/local/share/protocols/tonghuashun.pat b/src/usr/local/share/protocols/tonghuashun.pat deleted file mode 100644 index 45f838b..0000000 --- a/src/usr/local/share/protocols/tonghuashun.pat +++ /dev/null @@ -1,11 +0,0 @@ -# Tonghuashun - stock analysis and trading; Chinese - http://www.10jqka.com.cn -# Pattern attributes: ok fast fast -# Protocol groups: -# Wiki: http://www.protocolinfo.org/wiki/Tonghuashun -# Copyright (C) 2009 Matthew Strait; See ../LICENSE - -# Pattern contributed by liangjun without comment. - -tonghuashun -^(GET /docookie\.php\?uname=|\xfd\xfd\xfd\xfd\x30\x30\x30\x30\x30) - diff --git a/src/usr/local/share/protocols/tor.pat b/src/usr/local/share/protocols/tor.pat deleted file mode 100644 index 7e4f707..0000000 --- a/src/usr/local/share/protocols/tor.pat +++ /dev/null @@ -1,17 +0,0 @@ -# Tor - The Onion Router - used for anonymization - http://tor.eff.org -# Pattern attributes: good notsofast notsofast -# Protocol groups: networking -# Wiki: http://protocolinfo.org/wiki/Tor -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This pattern has been tested and is believed to work well. -# -# It matches on the second packet. I have no idea how the protocol -# works, but this matches every stream I have made using Tor 0.1.0.16 as -# a client on Linux. -# -# It does NOT attempt to match the HTTP request that fetches the list of -# Tor servers. - -tor -TOR1.* diff --git a/src/usr/local/share/protocols/tsp.pat b/src/usr/local/share/protocols/tsp.pat deleted file mode 100644 index 7751df9..0000000 --- a/src/usr/local/share/protocols/tsp.pat +++ /dev/null @@ -1,14 +0,0 @@ -# TSP - Berkely UNIX Time Synchronization Protocol -# Pattern attributes: good veryfast fast overmatch -# Protocol groups: time_synchronization open_source -# Wiki: http://www.protocolinfo.org/wiki/TSP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# http://ftp.svbug.com/ftp/pub/manuals/pdf/smm.22.timed.pdf -# http://docs.freebsd.org/44doc/smm/12.timed/paper.pdf -# -# This pattern is barely tested. - -tsp -# type, version (1), sequence number, 8 type specific bytes, machine name -^[\x01-\x13\x16-$]\x01.?.?.?.?.?.?.?.?.?.?[ -~]+ diff --git a/src/usr/local/share/protocols/unset.pat b/src/usr/local/share/protocols/unset.pat deleted file mode 100644 index b9c1244..0000000 --- a/src/usr/local/share/protocols/unset.pat +++ /dev/null @@ -1,8 +0,0 @@ -# Unset - Dummy pattern for unmatched connections that are still being tested - -unset -# This pattern is ignored by the kernel. It sees that the "protocol" is -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# "testing" and always returns matched for connections that are still -# being tested. -. diff --git a/src/usr/local/share/protocols/uucp.pat b/src/usr/local/share/protocols/uucp.pat deleted file mode 100644 index f7ef22c..0000000 --- a/src/usr/local/share/protocols/uucp.pat +++ /dev/null @@ -1,12 +0,0 @@ -# UUCP - Unix to Unix Copy -# Pattern attributes: ok veryfast fast -# Protocol groups: document_retrieval obsolete -# Wiki: http://www.protocolinfo.org/wiki/UUCP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This is completely untested! (I don't know how to use UUCP...) - -# See http://docs.freebsd.org/info/uucp/uucp.info.The_Initial_Handshake.html - -uucp -^\x10here= diff --git a/src/usr/local/share/protocols/validcertssl.pat b/src/usr/local/share/protocols/validcertssl.pat deleted file mode 100644 index 7aa1812..0000000 --- a/src/usr/local/share/protocols/validcertssl.pat +++ /dev/null @@ -1,25 +0,0 @@ -# Valid certificate SSL -# Pattern attributes: good slow notsofast subset -# Protocol groups: secure ietf_proposed_standard -# Wiki: http://www.protocolinfo.org/wiki/SSL -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -# This matches anything claiming to use a valid certificate from a well -# known certificate authority. -# -# This is a subset of ssl, so it needs to come first to match. -# -# Note that opening a website that has a valid certificate will -# open one connection that matches this and many ssl connections that -# only match the ssl pattern. Thus, this pattern may not be very useful. -# -# This pattern is believed match only the above, but may not match all -# of it. -# -# the certificate authority info is sent in quasi plain text, if it matches -# a well known certificate authority then we will assume it is a -# web/imaps/etc server. Other ssl may be good too, but it should fall under -# a different rule - -validcertssl -^(.?.?\x16\x03.*\x16\x03|.?.?\x01\x03\x01?.*\x0b).*(thawte|equifax secure|rsa data security, inc|verisign, inc|gte cybertrust root|entrust\.net limited) diff --git a/src/usr/local/share/protocols/ventrilo.pat b/src/usr/local/share/protocols/ventrilo.pat deleted file mode 100644 index 74e588c..0000000 --- a/src/usr/local/share/protocols/ventrilo.pat +++ /dev/null @@ -1,18 +0,0 @@ -# Ventrilo - VoIP - http://ventrilo.com -# Pattern attributes: good fast fast -# Protocol groups: voip proprietary -# Wiki: http://www.protocolinfo.org/wiki/Ventrilo -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# I have tested this with Ventrilo client 2.3.0 on Windows talking to -# Ventrilo server 2.3.1 (the public version) on Linux. I've done this -# both within a LAN and over the Internet. In one test, I tried -# monkeying around with the server settings to see if I could break the -# pattern, and I couldn't. However, you can't change the port number in -# the public server. -# -# It has also been tested by one other person in an unknown configuration. - -ventrilo -^..?v\$\xcf - diff --git a/src/usr/local/share/protocols/vnc.pat b/src/usr/local/share/protocols/vnc.pat deleted file mode 100644 index 79d0ae8..0000000 --- a/src/usr/local/share/protocols/vnc.pat +++ /dev/null @@ -1,23 +0,0 @@ -# VNC - Virtual Network Computing. Also known as RFB - Remote Frame Buffer -# Pattern attributes: great veryfast fast -# Protocol groups: remote_access -# Wiki: http://www.protocolinfo.org/wiki/VNC -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# http://www.realvnc.com/documentation.html -# -# This pattern has been verified with vnc v3.3.7 on WinXP and Linux -# -# Thanks to Trevor Paskett for this pattern. - -vnc -# Assumes single digit major and minor version numbers -# This message should be all alone in the first packet, so ^$ is appropriate -^rfb 00[1-9]\.00[0-9]\x0a$ - -# This is a more restrictive version which assumes the version numbers -# are ones actually in existance at the time of this writing, i.e. 3.3, -# 3.7 and 3.8 (with some clients wrongly reporting 3.5). It should be -# slightly faster, but probably not worth the extra maintenance. -# ^rfb 003\.00[3578]\x0a$ - diff --git a/src/usr/local/share/protocols/whois.pat b/src/usr/local/share/protocols/whois.pat deleted file mode 100644 index 6abf0e8..0000000 --- a/src/usr/local/share/protocols/whois.pat +++ /dev/null @@ -1,14 +0,0 @@ -# Whois - query/response system, usually used for domain name info - RFC 3912 -# Pattern attributes: good notsofast notsofast overmatch -# Protocol groups: networking ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/Whois -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on TCP port 43 -# -# This pattern has been tested and is believed to work well. - -whois -# Matches the query. Assumes only that it is printable ASCII without wierd -# whitespace. -^[ !-~]+\x0d\x0a$ diff --git a/src/usr/local/share/protocols/worldofwarcraft.pat b/src/usr/local/share/protocols/worldofwarcraft.pat deleted file mode 100644 index 4136d79..0000000 --- a/src/usr/local/share/protocols/worldofwarcraft.pat +++ /dev/null @@ -1,66 +0,0 @@ -# World of Warcraft - popular network game - http://blizzard.com/ -# Pattern attributes: ok veryfast fast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/World_of_Warcraft -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE - -worldofwarcraft -^\x06\xec\x01 - -# Quoth the author of this pattern, Weisskopf Beat : - -# I have written a pattern for wow (tested with versions 1.8.3 and -# 1.8.4, german edition). It does not match the login as i think this is -# uncritical, but i have added the necessary info later on. So only the -# actual in-game traffic is matched. -# -# I hope the pattern is specific enough, otherwise one may add some -# bytes from the response. -# -# some captured info: -# -# login: -# -# 0000: 00 02 28 00 57 6F 57 00 01 08 03 C7 12 36 38 78 ..(.WoW......68x -# 0010: 00 6E 69 57 00 45 44 65 64 3C 00 00 00 C0 A8 01 .niW.EDed<...... -# 0020: 22 0A 42 57 45 49 53 53 4B 4F 50 46 ".BWEISSKOPF -# -# 0000: 00 02 28 00 57 6F 57 00 01 08 03 C7 12 36 38 78 ..(.WoW......68x -# 0010: 00 6E 69 57 00 45 44 65 64 3C 00 00 00 C0 A8 01 .niW.EDed<...... -# 0020: 22 0A 42 57 45 49 53 53 4B 4F 50 46 ".BWEISSKOPF -# -# server asking: -# -# #1 -# 0000: 00 06 EC 01 04 49 C5 33 .....I.3 -# -# #2 -# 0000: 00 06 EC 01 C3 A8 6E 63 ......nc -# -# client response -# #1 -# 0000: 00 A4 ED 01 00 00 C7 12 00 00 00 00 00 00 42 57 ..............BW -# 0010: 45 49 53 53 4B 4F 50 46 00 EB 35 DC 89 5A CA 6D EISSKOPF..5..Z.m -# 0020: 17 95 DE 5B 74 6E 1E 5D 23 73 C6 8F 27 9F 11 12 ...[tn.]#s..'... -# 0030: BB 21 01 00 00 78 9C 75 CC 41 0A 83 50 0C 84 E1 .!...x.u.A..P... -# 0040: E7 3D 7A 19 75 25 D4 4D AB EB 12 5E A2 0C 8D 51 .=z.u%.M...^...Q -# 0050: D2 57 04 4F DF 2E 2D A4 B3 FD 86 3F A5 EF 1A C5 .W.O..-....?.... -# 0060: 71 90 F3 A3 7E E7 82 D5 C6 2E 55 CB 7E B9 FE 58 q...~.....U.~..X -# 0070: 43 A5 A8 4C 10 E5 1E 86 85 B6 E8 04 63 D8 1C 06 C..L........c... -# 0080: 5A A7 A9 84 D2 D9 6B 93 1C 5B 4F D9 D7 50 6E 04 Z.....k..[O..Pn. -# 0090: 0E 61 20 15 8B 6B 83 13 CB FD 09 D5 7F 0C 13 3F .a ..k.........? -# 00A0: DB 07 B4 EA 54 F8 ....T. -# -# #2 -# 0000: 00 A4 ED 01 00 00 C7 12 00 00 00 00 00 00 42 57 ..............BW -# 0010: 45 49 53 53 4B 4F 50 46 00 38 4C B5 95 C3 AD 25 EISSKOPF.8L....% -# 0020: CB 73 48 BD 82 FC 99 63 59 AC BF F3 D0 C6 8D AB .sH....cY....... -# 0030: 3D 21 01 00 00 78 9C 75 CC 41 0A 83 50 0C 84 E1 =!...x.u.A..P... -# 0040: E7 3D 7A 19 75 25 D4 4D AB EB 12 5E A2 0C 8D 51 .=z.u%.M...^...Q -# 0050: D2 57 04 4F DF 2E 2D A4 B3 FD 86 3F A5 EF 1A C5 .W.O..-....?.... -# 0060: 71 90 F3 A3 7E E7 82 D5 C6 2E 55 CB 7E B9 FE 58 q...~.....U.~..X -# 0070: 43 A5 A8 4C 10 E5 1E 86 85 B6 E8 04 63 D8 1C 06 C..L........c... -# 0080: 5A A7 A9 84 D2 D9 6B 93 1C 5B 4F D9 D7 50 6E 04 Z.....k..[O..Pn. -# 0090: 0E 61 20 15 8B 6B 83 13 CB FD 09 D5 7F 0C 13 3F .a ..k.........? -# 00A0: DB 07 B4 EA 54 F8 ....T. - diff --git a/src/usr/local/share/protocols/x11.pat b/src/usr/local/share/protocols/x11.pat deleted file mode 100644 index 2028ee7..0000000 --- a/src/usr/local/share/protocols/x11.pat +++ /dev/null @@ -1,23 +0,0 @@ -# X Windows Version 11 - Networked GUI system used in most Unices -# Pattern attributes: good notsofast veryfast -# Protocol groups: remote_access x_consortium_standard -# Wiki: http://www.protocolinfo.org/wiki/X11 -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# It is common for X to be tunneled through SSH. Then obviously this pattern -# will not catch it. -# -# Specification: http://www.msu.edu/~huntharo/xwin/docs/xwindows/PROTO.pdf -# Usually runs on port 6000 (6001 for the second server on a host, etc) -# -# This pattern has been tested. - -x11 -# 'l' = little-endian. 'B' = big endian -# ".?" is for the unused byte that comes next. If it's a null, it won't appear. -# \x0b = protocol-major-version 11. -# For some reason, protocol-minor-version is 0, not 6, so can't match it. -# This pattern is too general. -^[lb].?\x0b -userspace pattern=^[lB].?\x0b -userspace flags=REG_NOSUB diff --git a/src/usr/local/share/protocols/xboxlive.pat b/src/usr/local/share/protocols/xboxlive.pat deleted file mode 100644 index d04d9a7..0000000 --- a/src/usr/local/share/protocols/xboxlive.pat +++ /dev/null @@ -1,41 +0,0 @@ -# XBox Live - Console gaming -# Pattern attributes: marginal slow notsofast -# Protocol groups: game proprietary -# Wiki: http://www.protocolinfo.org/wiki/XBox_Live -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This may match all XBox traffic, or may only match Halo 2 traffic. -# We don't know yet. -# -# Thanks to Myles Uyema , who says: -# -# Analyzing packet traces using Ethereal, the Xbox typically connects -# to remote users using UDP port 3074. The first frame is typically -# a 156 byte UDP payload. I've only scrutinized the first 20 or so bytes. -# -# Each line below represents the first frame between my Xbox and a remote -# player's IP address playing Halo2 on Xbox Live. -# -# 00 00 00 00 00 58 80 00 00 00 00 00 82 31 9e a8 05 0f c5 62 00 f3 96 08 -# 00 00 00 00 00 58 80 00 00 00 00 00 82 31 9e a8 0f 0f c5 62 00 f3 97 09 -# 00 00 00 00 00 58 80 00 00 00 00 00 82 31 9e a8 05 0f c5 62 00 f3 95 07 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 bc 07 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 be 09 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 bf 0a -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 bd 08 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 ba 05 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 87 ea 59 aa 11 ff 89 00 f3 bb 06 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 7f dd 14 f2 8e a3 a1 00 f3 ca 06 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 7f dd 14 f2 8e a3 a1 00 f3 cc 08 -# 00 00 00 00 00 58 80 00 00 00 00 00 81 7f dd 14 f2 8e a3 a1 00 f3 c9 05 -# 00 00 00 00 00 58 80 00 00 00 00 00 8b ca 5b c0 d8 9c f8 c3 00 f3 d4 0a -# 00 00 00 00 00 58 80 00 00 00 00 00 8b ca 5b c0 d8 9c f3 c3 00 f3 d1 07 -# 00 00 00 00 00 58 80 00 00 00 00 00 8b ca 5b c0 d8 9c f8 c3 00 f3 d2 08 -# 00 00 00 00 00 58 80 00 00 00 00 00 8b ca 5b c0 d8 9c f8 c3 00 f3 cf 05 -# 00 00 00 00 06 58 4e 00 00 00 e6 d9 6e ab 65 0d 63 9f 02 00 00 02 80 dd -# 00 00 00 00 06 58 4e 00 00 00 46 e2 95 74 cd f9 bc 3d 00 00 00 00 8b ca -# 00 00 00 00 06 58 4e 00 00 00 cf ce 3b 5c f5 f2 49 9a 00 00 00 00 8b ca -# 00 00 00 00 06 58 4e 00 00 00 a9 c0 ac c5 16 e5 c9 92 00 00 00 00 8b ca - -xboxlive -^\x58\x80........\xf3|^\x06\x58\x4e diff --git a/src/usr/local/share/protocols/xunlei.pat b/src/usr/local/share/protocols/xunlei.pat deleted file mode 100644 index f7814c7..0000000 --- a/src/usr/local/share/protocols/xunlei.pat +++ /dev/null @@ -1,83 +0,0 @@ -# Xunlei - Chinese P2P filesharing - http://xunlei.com -# Pattern attributes: good slow notsofast -# Protocol groups: p2p -# Wiki: http://www.protocolinfo.org/wiki/Xunlei -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# This has been tested by a number of people. -# -# Written by wsgtrsys of www.routerclub.com. Improved by VeNoMouS. -# Improved more by wsgtrsys and platinum of bbs.chinaunix.net. -# -# Further additions of HTTP-like content by liangjunATdcuxD.Tcom, who -# says: "i find old pattern is not working . so i write a new pattern of -# xunlei,it's working with all of xunlei 5 version!" Matthew Strait notes -# in response: -# -# I've looked around and I'm fairly sure that Internet Explorer 5.0 -# never identifies itself as "Mozilla/4.0 (compatible; MSIE 5.00; -# Windows 98)" and that Internet Explorer 6.0 never identifies itself as -# either "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; )" or -# "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)". - -# The keep-alive part needs some examination too. These might validly -# occur in an HTTP/1.0 connection, although I think in practical cases -# they don't since there's general only one \x0d\x0a after it and/or the -# next line starts with a letter (especially because it's the client -# sending it). It wouldn't be crazy, though, if another protocol -# (besides Xunlei) used keep-alive in a way that did match this. But -# since I can't think of any examples, I'll assume it's ok for now. - -xunlei -^([()]|get)(...?.?.?(reg|get|query)|.+User-Agent: (Mozilla/4\.0 \(compatible; (MSIE 6\.0; Windows NT 5\.1;? ?\)|MSIE 5\.00; Windows 98\))))|Keep-Alive\x0d\x0a\x0d\x0a[26] - - -# This was the pattern until 2008 11 08. It is safer than the above against -# overmatching ordinary HTTP connections -#^[()]...?.?.?(reg|get|query) - -# More detail: -# From http://sourceforge.net/tracker/index.php?func=detail&aid=1885209&group_id=80085&atid=558668 -# -############################################################################## -# Date: 2008-02-03 -# Sender: hydr0g3n -# -# Xunlei (Chinese P2P) traffic is not matched anymore by layer7 xunlei -# pattern. It used to work in the past but not anymore. Maybe Xunlei was -# updated and pattern should be adapted? -# -# Apparently ipp2p was edited by Chinese people to detect pplive and xunlei. -# It is interesting and very recent: -# http://www.chinaunix.net/jh/4/914377.html -############################################################################## -# Date: 2008-02-03 -# Sender: quadong -# -# Ok. Only some of the ipp2p function can be translated into an l7-filter -# regular expression. The first part of search_xunlei can't be, since it -# works by checking whether the length of the packet matches a byte in the -# packet. The second part of search_xunlei becomes: -# -# \x20.?\x01?.?[\x01\x77]............?.?.?.?\x38 -# -# Or possibly: -# -# ^\x20.?\x01?.?[\x01\x77]............?.?.?.?\x38 -# -# I'm not sure whether IPP2P looks at every packet or only the first of each -# connection. -# -# udp_search_xunlei says: -# \x01\x01\x01\xfe\xff\xfe\xff|\x01\x11\xa0\xfe\xff\xfe\xff -# -# Again, putting a ^ at the beginning might work: -# -# ^(\x01\x01\x01\xfe\xff\xfe\xff|\x01\x11\xa0\xfe\xff\xfe\xff) -# -# So this *might* work: -# -# ^(\x20.?\x01?.?[\x01\x77]............?.?.?.?\x38|\x01\x01\x01\xfe\xff\xfe\xff|\x01\x11\xa0\xfe\xff\xfe\xff) -# -# but the ^ might be wrong and it will not match the HTTP part of Xunlei. -############################################################################## diff --git a/src/usr/local/share/protocols/yahoo.pat b/src/usr/local/share/protocols/yahoo.pat deleted file mode 100644 index 17595b8..0000000 --- a/src/usr/local/share/protocols/yahoo.pat +++ /dev/null @@ -1,27 +0,0 @@ -# Yahoo messenger - an instant messenger protocol - http://yahoo.com -# Pattern attributes: good fast fast -# Protocol groups: chat proprietary -# Wiki: http://www.protocolinfo.org/wiki/Yahoo_Messenger -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# Usually runs on port 5050 -# -# This pattern has been tested and is believed to work well. - -yahoo -# http://www.venkydude.com/articles/yahoo.htm says: -# All Yahoo commands start with YMSG. -# (Well... http://ethereal.com/faq.html#q5.32 suggests that YPNS and YHOO -# are also possible, so let's allow those) -# The next 7 bytes contain command (packet?) length and version information -# which we won't currently try to match. -# L means "YAHOO_SERVICE_VERIFY" according to Ethereal -# W means "encryption challenge command" (YAHOO_SERVICE_AUTH) -# T means "login command" (YAHOO_SERVICE_AUTHRESP) -# (there are others, i.e. 0x01 "coming online", 0x02 "going offline", -# 0x04 "changing status to available", 0x06 "user message", but W and T -# should appear in the first few packets.) -# 0xC080 is the standard argument separator, it should appear not long -# after the "type of command" byte. - -^(ymsg|ypns|yhoo).?.?.?.?.?.?.?[lwt].*\xc0\x80 diff --git a/src/usr/local/share/protocols/zip.pat b/src/usr/local/share/protocols/zip.pat deleted file mode 100644 index e001354..0000000 --- a/src/usr/local/share/protocols/zip.pat +++ /dev/null @@ -1,7 +0,0 @@ -# ZIP - (PK|Win)Zip archive format -# Pattern attributes: good notsofast notsofast subset -# Protocol groups: file - -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -zip -pk\x03\x04\x14 diff --git a/src/usr/local/share/protocols/zmaap.pat b/src/usr/local/share/protocols/zmaap.pat deleted file mode 100644 index e741eca..0000000 --- a/src/usr/local/share/protocols/zmaap.pat +++ /dev/null @@ -1,18 +0,0 @@ -# ZMAAP - Zeroconf Multicast Address Allocation Protocol -# Pattern attributes: ok veryfast fast -# Protocol groups: networking ietf_draft_standard -# Wiki: http://www.protocolinfo.org/wiki/ZMAAP -# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE -# -# http://files.zeroconf.org/draft-ietf-zeroconf-zmaap-02.txt -# (Note that this reference is an Internet-Draft, and therefore must -# be considered a work in progress.) -# -# This pattern is untested! - -zmaap -# - 4 byte magic number. -# - 1 byte version. Allow 1 & 2, even though only version 1 currently exists. -# - 1 byte message type,which is either 0 or 1 -# - 1 byte address family. L7-filter only works in IPv4, so this is 1. -^\x1b\xd7\x3b\x48[\x01\x02]\x01?\x01 diff --git a/src/usr/local/www/diag_patterns.php b/src/usr/local/www/diag_patterns.php deleted file mode 100644 index ff04d67..0000000 --- a/src/usr/local/www/diag_patterns.php +++ /dev/null @@ -1,125 +0,0 @@ -setMultipartEncoding(); - -$section = new Form_Section('Upload Layer7 pattern file'); - -$filepicker = new Form_Input( - 'ulfile', - 'File to upload', - 'file' -); - -$section->addInput($filepicker)->setHelp('Choose the file you wish to upload (*.pat)'); - -$form->add($section); -print($form); - -include("foot.inc"); diff --git a/src/usr/local/www/firewall_rules_edit.php b/src/usr/local/www/firewall_rules_edit.php index 446b380..d4450d2 100644 --- a/src/usr/local/www/firewall_rules_edit.php +++ b/src/usr/local/www/firewall_rules_edit.php @@ -278,7 +278,6 @@ if (isset($id) && $a_filter[$id]) { $pconfig['ackqueue'] = (($a_filter[$id]['ackqueue'] == "none") ? '' : $a_filter[$id]['ackqueue']); $pconfig['dnpipe'] = (($a_filter[$id]['dnpipe'] == "none") ? '' : $a_filter[$id]['dnpipe']); $pconfig['pdnpipe'] = (($a_filter[$id]['pdnpipe'] == "none") ? '' : $a_filter[$id]['pdnpipe']); - $pconfig['l7container'] = (($a_filter[$id]['l7container'] == "none") ? '' : $a_filter[$id]['l7container']); //schedule support $pconfig['sched'] = (($a_filter[$id]['sched'] == "none") ? '' : $a_filter[$id]['sched']); @@ -310,8 +309,6 @@ read_altq_config(); /* XXX: */ $qlist =& get_unique_queue_list(); read_dummynet_config(); /* XXX: */ $dnqlist =& get_unique_dnqueue_list(); -read_layer7_config(); -$l7clist =& get_l7_unique_list(); $a_gatewaygroups = return_gateway_groups_array(); if ($_POST) { @@ -615,14 +612,6 @@ if ($_POST) { if (!empty($_POST['ruleid']) && !ctype_digit($_POST['ruleid'])) { $input_errors[] = gettext('ID must be an integer'); } - if ($_POST['l7container'] && $_POST['l7container'] != "") { - if (!($_POST['proto'] == "tcp" || $_POST['proto'] == "udp" || $_POST['proto'] == "tcp/udp")) { - $input_errors[] = gettext("You can only select a layer7 container for TCP and/or UDP protocols"); - } - if ($_POST['type'] <> "pass") { - $input_errors[] = gettext("You can only select a layer7 container for Pass type rules."); - } - } if (!in_array($_POST['proto'], array("tcp", "tcp/udp"))) { if (!empty($_POST['max-src-conn'])) { @@ -657,7 +646,7 @@ if ($_POST) { } } - if (($_POST['statetype'] == "none") && (empty($_POST['l7container']))) { + if ($_POST['statetype'] == "none") { if (!empty($_POST['max'])) { $input_errors[] = gettext("You cannot specify the maximum state entries (advanced option) if statetype is none and no L7 container is selected."); } @@ -880,10 +869,6 @@ if ($_POST) { } } - if ($_POST['l7container'] != "") { - $filterent['l7container'] = $_POST['l7container']; - } - if ($_POST['sched'] != "") { $filterent['sched'] = $_POST['sched']; } @@ -1638,14 +1623,6 @@ $section->add($group)->setHelp('Choose the Acknowledge Queue only if you have '. 'selected Queue.' ); -$section->addInput(new Form_Select( - 'l7container', - 'Layer7', - $pconfig['l7container'], - array_keys($l7clist) -))->setHelp('Choose a Layer7 container to apply application protocol inspection '. - 'rules. These are valid for TCP and UDP protocols only.'); - $has_created_time = (isset($a_filter[$id]['created']) && is_array($a_filter[$id]['created'])); $has_updated_time = (isset($a_filter[$id]['updated']) && is_array($a_filter[$id]['updated'])); diff --git a/src/usr/local/www/firewall_shaper.php b/src/usr/local/www/firewall_shaper.php index 2bdad01..fb7b3c1 100644 --- a/src/usr/local/www/firewall_shaper.php +++ b/src/usr/local/www/firewall_shaper.php @@ -433,7 +433,6 @@ $tab_array = array(); $tab_array[] = array(gettext("By Interface"), true, "firewall_shaper.php"); $tab_array[] = array(gettext("By Queue"), false, "firewall_shaper_queues.php"); $tab_array[] = array(gettext("Limiter"), false, "firewall_shaper_vinterface.php"); -$tab_array[] = array(gettext("Layer7"), false, "firewall_shaper_layer7.php"); $tab_array[] = array(gettext("Wizards"), false, "firewall_shaper_wizards.php"); display_top_tabs($tab_array); diff --git a/src/usr/local/www/firewall_shaper_layer7.php b/src/usr/local/www/firewall_shaper_layer7.php deleted file mode 100644 index 90cd57e..0000000 --- a/src/usr/local/www/firewall_shaper_layer7.php +++ /dev/null @@ -1,613 +0,0 @@ -' . - gettext('You can add new layer7 protocol patterns by simply uploading the file') . - ' ' . gettext('here') . ''; - -read_layer7_config(); - -$sform = new Form(false); - -if ($_GET['reset'] != "") { - // kill all ipfw-classifyd processes - mwexec("killall -9 ipfw-classifyd"); - exit; -} - -if ($_GET) { - if ($_GET['container']) { - $name = htmlspecialchars(trim($_GET['container'])); - } - if ($_GET['action']) { - $action = htmlspecialchars($_GET['action']); - } -} - -if ($_POST) { - if ($_POST['container']) { - $name = htmlspecialchars(trim($_POST['container'])); - } -} - -if ($name) { - //Get the object from the 7rules list - $container = $layer7_rules_list[$name]; -} - -if ($_GET) { - switch ($action) { - case "add": - $show_proto_form = true; - $container = new layer7(); - $sform = $container->build_form(); //constructs the graphical interface on the right side - unset($container); - break; - case "show": - $show_proto_form = true; - if ($container) { - $sform = $container->build_form(); - } - else { - $show_proto_form = false; - $input_errors[] = gettext("Layer7 Rules Container not found!"); - } - break; - default: - echo log_error("Get default"); - $show_proto_form = false; - $dfltmsg = true; - break; - } -} - -//add a new l7rules container -if ($_POST) { - $show_proto_form = true; - unset($input_errors); - - if ($_POST['Submit']) { - - if (isset($layer7_rules_list[$name])) { - $l7r = $layer7_rules_list[$name]; - $_POST['divert_port'] = $l7r->GetRPort(); - } else { - $l7r =& new layer7(); - $_POST['divert_port'] = $l7r->gen_divert_port(); - } - for ($i = 0; $_POST['protocol'][$i] <> ""; $i++) { - $_POST['l7rules'][$i]['protocol'] = $_POST['protocol'][$i]; - $_POST['l7rules'][$i]['structure'] = $_POST['structure'][$i]; - $_POST['l7rules'][$i]['behaviour'] = $_POST['behaviour'][$i]; - } - $l7r->validate_input($_POST, $input_errors); - $l7r->ReadConfig($_POST['container'], $_POST); - //Before writing the results, we need to test for repeated protocols - $non_dupes = array(); - $dupes = array(); - for ($j = 0; $j < $i; $j++) { - if (!$non_dupes[$_POST['protocol'][$j]]) { - $non_dupes[$_POST['protocol'][$j]] = true; - } else { - $dupes[] = $_POST['protocol'][$j]; - } - } - - unset($non_dupes); - if (sizeof($dupes) == 0 && !$input_errors) { - $l7r->wconfig(); - if (write_config()) { - mark_subsystem_dirty('shaper'); - } - - read_layer7_config(); - } else { - if (sizeof($dupes) > 0) { - $dupe_error = gettext("Found the following repeated protocol definitions") . ": "; - foreach ($dupes as $dupe) { - $dupe_error .= "$dupe "; - } - $input_errors[] .= $dupe_error; - } - } - - unset($dupes); - unset($dupe_error); - //Even if there are repeated protocols, we won't lose any previous values - //The user will be able to solve the situation - $sform = $l7r->build_form(); - //Necessary to correctly build the proto form - $container = $layer7_rules_list[$name]; - if ($input_errors) { - $container =& $l7r; - } - } else if ($_POST['apply']) { - write_config(); - - $retval = 0; - $retval = filter_configure(); - $savemsg = get_std_save_message($retval); - - if (stristr($retval, "error") <> true) { - $savemsg = get_std_save_message($retval); - } else { - $savemsg = $retval; - } - - clear_subsystem_dirty('shaper'); - - if ($container) { - $sform = $container->build_form(); - } else { - $show_proto_form = false; - $dfltmsg = true; - } - } else if ($_POST['delete']) { - $container->delete_l7c(); - if (write_config()) { - mark_subsystem_dirty('shaper'); - } - unset($container); - - header("Location: firewall_shaper_layer7.php"); - exit; - } else { - $show_proto_form = false; - } -} - -if (!$_GET && !$_POST) { - $show_proto_form = false; - $dfltmsg = true; -} - -// Builds the left tree -$tree = "
    "; -if (is_array($layer7_rules_list)) { - foreach ($layer7_rules_list as $tmpl7) { - $tree .= $tmpl7->build_tree(); - } -} - -$tree .= "
"; - -include("head.inc"); -?> - - - - - - -'; // No stripes for this table - $tbl .= 'ProtocolStructureBehavior'; - $tbl .= ''; - - if ($container) { - foreach ($container->rsets as $l7rule) { - - $tbl .= ''; - $tbl .= ''; - $tbl .= ''; - - $tbl .= ''; - - endif; - - if ($l7rule->GetRStructure() == "queue"): - foreach ($avail_behaviours_altq as $behaviour): - - $tbl .= ''; - - endforeach; - - $tbl .= ''; - - endif; - - if ($l7rule->GetRStructure() == "limiter"): - foreach ($avail_behaviours_limiter as $behaviour): - $tbl .= ''; - - endforeach; - - $tbl .= ''; - - endif; - - $tbl .= ''; - $tbl .= ''; - $tbl .= gettext('Remove') . ''; - $tbl .= ''; - - - } //end foreach - } //end if - - $tbl .= ''; - - $tbl .= '' . gettext('Add row') . - ''; - - return($tbl); -} - -if ($input_errors) - print_input_errors($input_errors); - -if ($savemsg) - print_info_box($savemsg, 'success'); - -if (is_subsystem_dirty('shaper')) - print_info_box_np(gettext("The traffic shaper configuration has been changed") . ".
" . gettext("You must apply the changes in order for them to take effect.")); - -$tab_array = array(); -$tab_array[] = array(gettext("By Interface"), false, "firewall_shaper.php"); -$tab_array[] = array(gettext("By Queue"), false, "firewall_shaper_queues.php"); -$tab_array[] = array(gettext("Limiter"), false, "firewall_shaper_vinterface.php"); -$tab_array[] = array(gettext("Layer7"), true, "firewall_shaper_layer7.php"); -$tab_array[] = array(gettext("Wizards"), false, "firewall_shaper_wizards.php"); -display_top_tabs($tab_array); - -// Create a StaticText control and populate it with the rules table -if (!$dfltmsg) { - $section = new Form_Section('Add one (or more) rules'); - - $section->addInput(new Form_StaticText( - 'Rule(s)', - build_l7table() - )); - - $sform->add($section); -} -?> - -
-

Layer 7

-
-
- -
- -
-
-
-
- - - diff --git a/src/usr/local/www/firewall_shaper_wizards.php b/src/usr/local/www/firewall_shaper_wizards.php index a12de43..c1e1c1a 100644 --- a/src/usr/local/www/firewall_shaper_wizards.php +++ b/src/usr/local/www/firewall_shaper_wizards.php @@ -114,7 +114,6 @@ $tab_array = array(); $tab_array[] = array(gettext("By Interface"), false, "firewall_shaper.php"); $tab_array[] = array(gettext("By Queue"), false, "firewall_shaper_queues.php"); $tab_array[] = array(gettext("Limiter"), false, "firewall_shaper_vinterface.php"); -$tab_array[] = array(gettext("Layer7"), false, "firewall_shaper_layer7.php"); $tab_array[] = array(gettext("Wizards"), true, "firewall_shaper_wizards.php"); display_top_tabs($tab_array); diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc index c137db2..7a89ffd 100644 --- a/src/usr/local/www/guiconfig.inc +++ b/src/usr/local/www/guiconfig.inc @@ -507,9 +507,6 @@ function firewall_check_for_advanced_options(&$item) { if ($item['defaultqueue']) { $item_set .= "defaultqueue {$item['defaultqueue']} "; } - if ($item['l7container']) { - $item_set .= "layer7 {$item['l7container']} "; - } if ($item['tag']) { $item_set .= "tag {$item['tag']} "; } diff --git a/src/usr/local/www/help.php b/src/usr/local/www/help.php index ca632c4..70e0c6c 100644 --- a/src/usr/local/www/help.php +++ b/src/usr/local/www/help.php @@ -90,7 +90,6 @@ $helppages = array( 'diag_confbak.php' => 'https://doc.pfsense.org/index.php/Configuration_History', 'diag_defaults.php' => 'https://doc.pfsense.org/index.php/Factory_Defaults', 'firewall_shaper.php' => 'https://doc.pfsense.org/index.php/Traffic_Shaping_Guide', - 'firewall_shaper_layer7.php' => 'https://doc.pfsense.org/index.php/Layer_7', 'firewall_shaper_queues.php' => 'https://doc.pfsense.org/index.php/Traffic_Shaping_Guide', 'firewall_shaper_vinterface.php' => 'https://doc.pfsense.org/index.php/Limiters', 'firewall_shaper_wizards.php' => 'https://doc.pfsense.org/index.php/Traffic_Shaping_Guide', @@ -113,7 +112,6 @@ $helppages = array( 'diag_logs_ipsec.php' => 'https://doc.pfsense.org/index.php/IPsec_Logs', 'diag_logs_openvpn.php' => 'https://doc.pfsense.org/index.php/OpenVPN_Logs', 'diag_nanobsd.php' => 'https://doc.pfsense.org/index.php/NanoBSD_Diagnostics', - 'diag_patterns.php' => 'https://doc.pfsense.org/index.php/Layer7_Pattern_Diagnostics', 'diag_ping.php' => 'https://doc.pfsense.org/index.php/Ping_Host', 'diag_pkglogs.php' => 'https://doc.pfsense.org/index.php/Package_Logs', 'diag_tables.php' => 'https://doc.pfsense.org/index.php/Tables', diff --git a/src/usr/local/www/system_hasync.php b/src/usr/local/www/system_hasync.php index e113d32..7fab42e 100755 --- a/src/usr/local/www/system_hasync.php +++ b/src/usr/local/www/system_hasync.php @@ -89,7 +89,6 @@ $checkbox_names = array( 'synchronizevirtualip', 'synchronizetrafficshaper', 'synchronizetrafficshaperlimiter', - 'synchronizetrafficshaperlayer7', 'synchronizednsforwarder', 'synchronizecaptiveportal'); @@ -328,14 +327,6 @@ $group->add(new Form_MultiCheckbox( )); $group->add(new Form_MultiCheckbox( - 'synchronizetrafficshaperlayer7', - 'Synchronize traffic shaper (layer 7)', - 'Traffic Shaper Layer 7 configuration ', - ($pconfig['synchronizetrafficshaperlayer7'] === 'on'), - 'on' -)); - -$group->add(new Form_MultiCheckbox( 'synchronizednsforwarder', 'Synchronize traffic shaper (Forwarder/Resolver)', 'DNS Forwarder and DNS Resolver configurations ', -- cgit v1.1