Filtering out P2P traffic

From: Damjan Perenic (damjan.perenicguest.arnes.si)
Date: Fri Feb 10 2006 - 11:20:33 CST


Hello!

In an educational institution I use Solaris 10 on the gateway between
the internet and the internal network. I would like to filter out P2P
traffic. But since the P2P clients can use any port which is open for
traffic, I would need to do content-based filtering.

Is it possible to block P2P traffic with the IPFilter included in
Solaris 10? I see in the IPFilter FAQ
(http://www.phildev.net/ipf/IPFques.html#ques36) that you can do
"simple matching of content for TCP session startup" on the first 16
bytes. But that means I need to find out what to match for all P2P
protocols. Also, I could not find on docs.sun.com if this kind of
rule is supported in the IPFilter integrated in Solaris 10.

I do not want to block anything else except P2P. There are many
protocols which I would like to go through, like SSH, VNC, RDC etc.

What options are there to build such a filter on Solaris? Is there any
other free/cheap option to do it? If not, is it possible to slow down
P2P traffic via IPQoS?

Regards,
Damjan