From owner-freebsd-pf@FreeBSD.ORG Thu Nov 24 13:47:24 2005 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11BC416A420 for ; Thu, 24 Nov 2005 13:47:24 +0000 (GMT) (envelope-from tdamas@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BF3B43D5E for ; Thu, 24 Nov 2005 13:47:22 +0000 (GMT) (envelope-from tdamas@gmail.com) Received: by zproxy.gmail.com with SMTP id 8so181912nzo for ; Thu, 24 Nov 2005 05:47:21 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=oSa6epz0NAeFFG49+I36UkA+86viZWiJxqegh3ZSeuvc3AjOeY35RN17H4itCFIALKtO2nwSakoddfswKfaNelcA21Yqan8Buv+8peXniS7IJc1zvfF0Z08+gPkTP1UsX2V/71HhY6mHWKwuxfAdSiMsBRpBhMemZa4lkm5Ghys= Received: by 10.37.15.18 with SMTP id s18mr373257nzi; Thu, 24 Nov 2005 05:47:21 -0800 (PST) Received: by 10.36.148.7 with HTTP; Thu, 24 Nov 2005 05:47:21 -0800 (PST) Message-ID: Date: Thu, 24 Nov 2005 11:47:21 -0200 From: Thiago Damas To: freebsd-pf@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: Subject: Re: Protocol filter capabilities X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Nov 2005 13:47:24 -0000 I have a program that implements this, via divert socket with ipfw. I think the better way to do this is with a program that listens with bfp/pcap, and inserts/deletes rules using ioctls in /dev/pf For now, I'm trying to alter a queue, given a state, using /dev/pf, but it doesnt seen easy. Altering the queue I can limit the bandwidth of a protocol; if I want to block the protocol, I can just delete the state of the firewall. Have you some ideas? 2005/11/23, Alexandre DELAY : > hi guys, > > I am looking for an efficient way to filter different protocols, such as > edonkey or BEEP. > For the moment, I think that pf doesn't support it. > > Don't you think that it would be a nice thing to be able to include such > "filters" from, for example, ethereal? > Ethereal support more than 34k different protocols. It woul be nice to be > able to choose from those filters and to apply some rules according to th= ose > filters. > > Do you know a way to do this? > > Cheers > > Alex > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >