diff options
| author | Tim Yardley <lst@openwrt.org> | 2007-11-19 23:07:00 +0000 |
|---|---|---|
| committer | Tim Yardley <lst@openwrt.org> | 2007-11-19 23:07:00 +0000 |
| commit | b03c1401f616809522ac22b28e052dd3bee6f1a4 (patch) | |
| tree | 6370b802508b461d852e6a55c249cba87652729b /package/iptables/files/l7/bittorrent.pat | |
| parent | f97352b6f868c2e0da6cdbf3aba932ea0ac63b40 (diff) | |
| download | upstream-b03c1401f616809522ac22b28e052dd3bee6f1a4.tar.gz upstream-b03c1401f616809522ac22b28e052dd3bee6f1a4.tar.bz2 upstream-b03c1401f616809522ac22b28e052dd3bee6f1a4.zip | |
update stripped subset of l7 patterns to 11-03-2007 patterns
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9582 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/iptables/files/l7/bittorrent.pat')
| -rw-r--r-- | package/iptables/files/l7/bittorrent.pat | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/package/iptables/files/l7/bittorrent.pat b/package/iptables/files/l7/bittorrent.pat index c1804ee4ba..e5aa5bc13d 100644 --- a/package/iptables/files/l7/bittorrent.pat +++ b/package/iptables/files/l7/bittorrent.pat @@ -1,14 +1,27 @@ # Bittorrent - P2P filesharing / publishing tool - http://www.bittorrent.com -# Pattern quality: great veryfast +# Pattern attributes: good slow notsofast undermatch +# Protocol groups: p2p open_source +# Wiki: http://www.protocolinfo.org/wiki/Bittorrent # -# This pattern has been tested and is believed to work well. If it does not -# work for you, or you believe it could be improved, please post to -# l7-filter-developers@lists.sf.net . This list may be subscribed to at -# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers +# This pattern has been tested and is believed to work well. +# It will, however, not work on bittorrent streams that are encrypted, since +# it's impossible to match encrypted data (unless the encryption is extremely +# weak, like rot13 or something...). + bittorrent # Does not attempt to match the HTTP download of the tracker # 0x13 is the length of "bittorrent protocol" -# Second two bits match UDP wierdness, commented out until it's tested -#^(\x13bittorrent protocol|d1:ad2:id20:|\x08'7P\)[RP]) -^\x13bittorrent protocol +# Second two bits match UDP wierdness +# Next bit matches something Azureus does +# Ditto on the next bit. Could also match on "user-agent: azureus", but that's in the next +# packet and perhaps this will match multiple clients. + +# Recently the ^ was removed from before \x13. I think this was an accident, +# so I have restored it. + +# This is not a valid GNU basic regular expression (but that's ok). +^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=)|d1:ad2:id20:|\x08'7P\)[RP] + +# This pattern is "fast", but won't catch as much +#^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=) |