Date: Fri, 20 Feb 2004 13:48:18 +0100
From: Christophe Prevotaux
To: Bruce M Simpson
Cc: freebsd-net@freebsd.org, freebsd-security@freebsd.org
Subject: Re: traffic normalizer for ipfw?

What about making protocol syntax and grammar dictionary-based filtering?
That way you could recognize any protocol on any port
and filter by many keys, looking into the protocol up to the highest levels.

Of course this requires analysis of many protocols and writing
of many dictionaries.

But at least one company made this: http://www.qosmos.fr

On Thu, 19 Feb 2004 21:14:11 +0000
Bruce M Simpson wrote:

> On Thu, Feb 19, 2004 at 01:02:16PM -0800, Dorin H wrote:
> > Is there some way to configure ipfw to do traffic
> > normalizing ("scrubbing", as in ipf for OpenBSD)? Is
> > there any tool to do it for FreeBSD firewalling?
> > I've heard that ipf was ported on current, anything
> > else?
>
> We're looking at bringing pf into the tree. One of the things on my
> unofficial (some would say a work of pure fiction) is to look at
> something for KaZaA filtering on BSD...
>
> If you're talking about traffic shaping, have a look at dummynet which
> is already there.
>
> BMS

--
Christophe Prevotaux      Email: c.prevotaux@hexanet.fr
HEXANET SARL              URL: http://www.hexanet.fr/
Z.A.C Les Charmilles      Tel: +33 (0)3 26 79 30 05
3 Allée Thierry Sabine    Direct: +33 (0)3 26 61 77 72
BP202                     Fax: +33 (0)3 26 79 30 06
51686 Reims Cedex 2
FRANCE                    HEXANET Network Operation Center
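
The dictionary-based filtering idea from the message above, shown as an added example that is not part of the original post and is not code from FreeBSD, ipfw, pf or Qosmos. The grammars, rule format, function names and sample payloads are all constructed for illustration; the point is that the protocol is identified from payload syntax on any port, and the filter then matches on keys the grammar extracted.

```python
import re

# Constructed protocol "dictionary": one grammar per protocol, matched against
# the first client bytes of a flow. Named groups become the filter keys.
PROTOCOL_DICTIONARY = {
    "http": re.compile(
        rb"^(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/1\.[01]\r\n"
        rb"(?:[^\r\n]+\r\n)*?[Hh]ost: *(?P<host>[^\r\n]+)\r\n"),
    "smtp": re.compile(rb"^(?P<verb>HELO|EHLO) (?P<client>[^\r\n]+)\r\n", re.I),
    "ssh": re.compile(rb"^SSH-(?P<version>\d+\.\d+)-(?P<software>[^\r\n ]+)"),
}

# Constructed policy: (protocol, key, pattern on that key, action); first match wins.
RULES = [
    ("http", "host", re.compile(rb"(^|\.)blocked\.example$"), "deny"),
    ("ssh", "version", re.compile(rb"^1\."), "deny"),
]
UNKNOWN_ACTION = "deny"   # payload matched no grammar in the dictionary
DEFAULT_ACTION = "allow"  # protocol recognized, no rule matched

def classify(payload):
    """Identify the protocol from payload syntax alone; the port is never consulted."""
    for name, grammar in PROTOCOL_DICTIONARY.items():
        m = grammar.match(payload)
        if m:
            return name, m.groupdict()
    return None, {}

def decide(payload):
    """Return (protocol, action) for the first payload of a flow."""
    proto, keys = classify(payload)
    if proto is None:
        return None, UNKNOWN_ACTION
    for rule_proto, key, pattern, action in RULES:
        if rule_proto == proto and pattern.search(keys[key]):
            return proto, action
    return proto, DEFAULT_ACTION

# Constructed sample flows: (destination port, first client payload).
SAMPLES = [
    (22, b"GET /a HTTP/1.1\r\nUser-Agent: x\r\nHost: files.blocked.example\r\n\r\n"),
    (80, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (8080, b"SSH-1.5-legacy\r\n"),
    (443, b"EHLO mail.example.test\r\n"),
    (80, b"\x16\x03\x01\x02\x00"),
]

if __name__ == "__main__":
    for port, payload in SAMPLES:
        print(port, *decide(payload))
```

Each new protocol costs one more grammar in the dictionary, which is the analysis and writing effort the message refers to; payloads that match no grammar fall through to the unknown-protocol action.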