From: Danial Thom
To: KrzychK2, freebsd-isp@freebsd.org
Date: Mon, 28 Nov 2005 07:57:57 -0800 (PST)
Subject: Re: P2P blocking
Message-ID: <20051128155757.39909.qmail@web33313.mail.mud.yahoo.com>
In-Reply-To: <1873935578.20051128090041@o2.pl>

--- KrzychK2 wrote:

> Hello freebsd-isp!
>
> I'd like to ask, is there any packet using kernel module for rejecting
> p2p traffic by packet matching??
>
> Snort isn't an option for me, because it very overloads system at high
> traffic and it's very slow.
>
> I'm thinking about something for netgraph subsystem.

There are commercial add-ons for FreeBSD 4.x (ET/BWMGR (www.etinc.com) comes to mind), but what you want to do is best done with a dedicated device. It's very CPU-intensive, as every TCP header has to be checked and connections need to be tracked. It's not as simple as looking for a pattern in a packet, because once a transfer has initiated, the packets don't have any signatures that can be identified.

Danial
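The point made in the reply above, as an added example that is not code from the thread or from any product it mentions: a per-packet pattern match catches only the handshake, while a connection tracker carries the verdict to the signature-less packets that follow. The BitTorrent handshake prefix used as the signature, the addresses and the payloads are constructed assumptions.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags payload")
# Assumption: BitTorrent's peer handshake prefix stands in for "a P2P signature".
SIGNATURE = b"\x13BitTorrent protocol"

def flow_key(pkt):
    """Direction-independent key so both halves of a connection share state."""
    a, b = (pkt.src, pkt.sport), (pkt.dst, pkt.dport)
    return (a, b) if a <= b else (b, a)

def stateless_verdicts(packets):
    """Pattern match on each packet alone: only the handshake is caught."""
    return ["drop" if SIGNATURE in p.payload else "pass" for p in packets]

class FlowTracker:
    """Remember flows whose early payload matched, then decide by flow key."""
    def __init__(self):
        self.flagged = set()  # per-connection state: the cost the reply refers to

    def verdict(self, pkt):
        key = flow_key(pkt)
        if SIGNATURE in pkt.payload:
            self.flagged.add(key)
        verdict = "drop" if key in self.flagged else "pass"
        if "F" in pkt.flags or "R" in pkt.flags:
            self.flagged.discard(key)  # connection closing: free the state
        return verdict

def tracked_verdicts(packets):
    tracker = FlowTracker()
    return [tracker.verdict(p) for p in packets]

# Constructed sample traffic (not captured data): one P2P flow, one web flow.
SAMPLE = [
    Packet("10.0.0.5", 51000, "198.51.100.7", 6881, "S", b""),
    Packet("10.0.0.5", 51000, "198.51.100.7", 6881, "PA", SIGNATURE + b"\x00" * 8),
    Packet("198.51.100.7", 6881, "10.0.0.5", 51000, "A", b"\x8f\x02opaque piece data"),
    Packet("10.0.0.9", 40000, "203.0.113.2", 80, "PA", b"GET / HTTP/1.1\r\n"),
    Packet("10.0.0.5", 51000, "198.51.100.7", 6881, "FA", b""),
    Packet("10.0.0.5", 51000, "198.51.100.7", 6881, "S", b""),
]

if __name__ == "__main__":
    print("stateless:", stateless_verdicts(SAMPLE))
    print("tracked:  ", tracked_verdicts(SAMPLE))
```

The third packet is the case that matters: it carries no signature, so only the tracked path drops it, and the final SYN shows a reused port pair starting clean once the old state is released.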