Feature #396
Automatic P2P protocol detection
Status: Closed
Priority: Normal
Assignee: -
Target version: -
Effort:
Difficulty:
Label:
Description
Hi,
I have been testing Suricata for some time now and my original goal has been to use Suricata as a deep packet inspection engine to block P2P in my network. I was initially testing out OpenDPI from https://code.google.com/p/opendpi/, which is a high performance open source DPI engine capable of detecting P2P traffic and other protocols efficiently.
However, it was quite complicated to get it working and it does not support Netfilter queue, unlike Suricata. So I was wondering if similar P2P protocol detection can be integrated in Suricata.
Updated by Victor Julien over 12 years ago
- Status changed from New to Closed
The ET rule set allows for detecting a lot of P2P, check emerging-p2p.rules.
Other than that, code-based detection could be added. Feel free to open up feature requests for specific protocols.