Modify

Ticket #3545 (closed feature request: invalid)

Opened 18 months ago

Last modified 7 months ago

L7 filter and regular expression

Reported by: cramped_gamut@… Owned by: jacalvo@…
Milestone: nice to have someday Component: base
Severity: normal Keywords: L7 Filter, Regular Expression
Cc:

Description

Hi everyone,

I have some queries regarding the L7 Filter issues for protocol detection.

  1. Does every ptotocol leaves a fingerprint inside which we cannot indentify with this mean which are not yet coded and which are not accessible with this methods?
  1. the rules about the timing for protocol detection?
  1. is the modification necesssary to get the protocols detected, and how is the modification done?
  1. As protocol detection with L7 filter is based on application layer protocols. However, even for this do we need to look at the headers from the bottom up of the OSI layer before reaching up to the application layer or only the application layer payload is enough to detect the protocols from L7 filtering method.
  1. Is they any means of put some markers for the initial and end of the session in the RegEx? rules??

Attachments

Change History

comment:1 Changed 18 months ago by jacalvo@…

  • Status changed from new to closed
  • Resolution set to invalid

Please, this trac is for reporting bugs, questions should be asked at  http://forum.zentyal.org, thanks.

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

Attachments
 
Note: See TracTickets for help on using tickets.