Date: Fri, 11 Nov 2005 18:14:27 +0100 (CET) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-ipfw@FreeBSD.ORG Subject: Re: String Match Message-ID: <200511111714.jABHERRs071823@lurza.secnetix.de> In-Reply-To: <002301c5e617$fe751750$46bb1ec9@ironman>
next in thread | previous in thread | raw e-mail | index | archive | help
Cesar <listas@itm.net.br> wrote: > Its not a bad ideia since I see a lot of people searching for P2P traffic > control/shaper. > > I'm operating an ISP with 3000 broadband users ... And yes. I can call they > untrusted, but this is not the point. In that case I'm thankful that I'm not your customer. My DSL provider does not restrict or limit traffic arbitrarily. If he did, I would cancel the contract and go to a different provider. (Note that I'm not using any P2P applications myself.) > I tried a linux based system ( Mikrotik ) to limit P2P and it matched almost > 100% of P2P traffic ... And as I know, ipfw can't do this. It is not IPFW's job. This does not belong in the packet filter in the kernel. Linux has a lot of crazy things, such as in-kernel HTTP server, but that doesn't mean that FreeBSD has to follow it. As Max pointed out, you can achieve the same in various ways (divert, bpf, pfil, netgraph), which are much better suited for that job. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. Passwords are like underwear. You don't share them, you don't hang them on your monitor or under your keyboard, you don't email them, or put them on a web site, and you must change them very often.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200511111714.jABHERRs071823>