Re: [HiPPIE-Users] A couple of general question
Brought to you by:
baldown
Menu
▾
▴
Re: [HiPPIE-Users] A couple of general question
|
From: seba h. <ha...@ho...> - 2010-09-14 21:51:34
|
greg, I do not know too deep how HIPPIE works, but I couldn't see any place where says that it could recognise RTP. The problem of Hippie is that it is a little complicate to make a pattern of a new protocol and if I remember well you have to recompile the kernel after you add a new pattern. What you mean with "active" mode? You want to use it in the middle of the traffic? You can do it using iptables/netfilter rules. You use Hippie to recognise the traffic and then you can make decisions using iptables. I know better L7-filter or ntop. L7 filter have some problems to detect RTP because the pattern that it use is very general but if you use conntrack (conntrack_sip or conntrack_h323) it detect almost all the RTP and SIP packets with no error. The problem is that it assign all of them like SIP. I do not know exactly how you want to define if you accept or deny the packets but i almost sure that Iptables with L7filter can do what you want. Bye Seba > Date: Tue, 14 Sep 2010 16:12:54 -0500 > From: oli...@gm... > To: hip...@li... > Subject: [HiPPIE-Users] A couple of general question > > Hi, > > I have been *trying* to use l7-filters for my purposes, but it keeps > crashing on me, so I am exploring alternatives. I ran across HiPPIE, > and while it seemed promising, I just need to verify a couple of > things. > > o Does the *active* mode work? I could not find any docs on it. > > o Is RTP supported in any way? I see rtsp is, but they are not > nearly the same thing as far as packet composition goes. I need to > grab the payload type from RTP packets and either drop or allow > depending on what it is. > > Can HiPPIE do this? > > Thanks > > -Greg > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > _______________________________________________ > HiPPIE-Users mailing list > HiP...@li... > https://lists.sourceforge.net/lists/listinfo/hippie-users |