From: Ermal Luçi
Date: Thu, 31 Jul 2008 22:44:27 +0200
To: mtm@wubethiopia.com
Cc: freebsd-net@freebsd.org
Subject: Re: Application layer classifier for ipfw

> Hi,
>
> An Internet Cafe I do some work for was recently having problems with
> very slow internet access. It turns out customers were running P2P file
> sharing applications which were hogging all the bandwidth. I looked for
> programs that would allow me to shape traffic according to the
> application layer protocol, but couldn't find any for FreeBSD. I found a
> couple: l7-filter and ipp2p, but these are Linux specific. So, I decided
> to write one. The result is ipfw-classifyd :
> http://people.freebsd.org/~mtm/ipfw-classifyd.tar.bz2
>
> As the name implies it uses ipfw(4) to implement a userland daemon that
> classifies TCP and UDP packets according to regular expression patterns
> for various protocols. It's intended to be used with divert(4) sockets
> and dummynet(4) so you can do traffic shaping depending on the
> application level protocol. The protocol patterns are from the l7-filter
> project.
>
> Basically, you use ipfw(8) to divert tcp/udp packets to the daemon. It
> reads its configuration file for a list of protocols and ipfw(8) rules.
> Then, when it detects a matching session it re-injects the packet back
> at the specified rule number. The tarball has a sample configuration
> file and firewall script to get you started.
>
> While I have not done extensive testing, preliminary tests are
> encouraging and it seems to work, so I thought I'd announce it to the
> rest of the world in case anyone else is interested in this kind of
> application.
>
> Comments and suggestions highly appreciated.

Thanks for this.
I have a question: you remove a flow from if you see a FIN for the TCP case,
and only on overlapping flow for either TCP/UDP. How do the other flows
expire? I am missing that part.

>
> Cheers.
> --
> Mike Makonnen       | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc
> mtm @ FreeBSD.Org   | AC7B 5672 2D11 F4D0 EBF8 5279 5359 2B82 7CD4 1F55
> FreeBSD             | http://www.freebsd.org

--
Ermal
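
The expiry question raised above, as an added example that is not part of the original thread and is not ipfw-classifyd's code: a flow table that drops a TCP flow on FIN and also sweeps out any flow idle longer than a timeout, so UDP sessions and TCP sessions that never send a FIN cannot fill the table. The function names, the fixed-size table and the 60-second timeout are assumptions.

```c
/* Added example, not ipfw-classifyd code: names and the 60 s timeout are assumptions. */
#include <stdint.h>
#include <time.h>

#define MAX_FLOWS    1024
#define IDLE_TIMEOUT 60                 /* seconds of silence before expiry (assumed) */

struct flow {
    uint32_t src, dst;                  /* IPv4 addresses */
    uint16_t sport, dport;
    uint8_t  proto, used;               /* proto: 6 = TCP, 17 = UDP */
    time_t   last_seen;
};
static struct flow table[MAX_FLOWS];

static struct flow *flow_find(const struct flow *k)
{
    for (struct flow *f = table; f < table + MAX_FLOWS; f++)
        if (f->used && f->proto == k->proto && f->src == k->src && f->dst == k->dst &&
            f->sport == k->sport && f->dport == k->dport)
            return f;
    return NULL;
}

/* Account one packet. Returns 0, or -1 when no slot is free. */
int flow_touch(const struct flow *k, int tcp_fin, time_t now)
{
    struct flow *f = flow_find(k);
    for (int i = 0; f == NULL && i < MAX_FLOWS; i++)
        if (!table[i].used)
            f = &table[i];              /* new flow: take the first free slot */
    if (f == NULL)
        return -1;                      /* table exhausted by stale entries */
    *f = *k;
    f->used = !(k->proto == 6 && tcp_fin);   /* FIN tears a TCP flow down */
    f->last_seen = now;
    return 0;
}

/* Expire every flow idle for more than IDLE_TIMEOUT. Returns the count removed. */
int flow_sweep(time_t now)
{
    int n = 0;
    for (int i = 0; i < MAX_FLOWS; i++)
        if (table[i].used && now - table[i].last_seen > IDLE_TIMEOUT) {
            table[i].used = 0;
            n++;
        }
    return n;
}
```

A daemon would call flow_sweep() from a periodic timer; without it, every flow that ends without a FIN stays in the table until flow_touch() starts returning -1.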