NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: https on non-standard port

from [Pablo Sanchez] [Permanent Link][Original]
To: "'afshin lamei'" <afshinlamei@gmail.com>, <netfilter@lists.netfilter.org>
Subject: RE: https on non-standard port
From: "Pablo Sanchez" <pablo@blueoakdb.com>
Date: Wed, 14 Mar 2007 09:59:58 -0400
Cc:
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
In-reply-to: <3115d56e0703132353l6773de8av8dcc7db10c618553@mail.gmail.com>
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Organization: Blueoak Database Engineering, Inc
References: <3115d56e0703132353l6773de8av8dcc7db10c618553@mail.gmail.com>
Reply-to: pablo@blueoakdb.com
Sender: netfilter-bounces@lists.netfilter.org
Thread-index: AcdmBYxqAc2Rs7N+RuSt3T7iaDzMMgAO1C1Q 
 

> -----Original Message-----
> From: netfilter-bounces@lists.netfilter.org 
> [mailto:netfilter-bounces@lists.netfilter.org] On Behalf Of 
> afshin lamei
> Sent: Wednesday, March 14, 2007 2:54 AM
> To: netfilter@lists.netfilter.org
> Subject: https on non-standard port
> 
> Dear all,
> I'm trying to detect the HTTPS traffic which is not on port 443. As
> I've seen in Layer7 documents at http://l7-filter.sourceforge.net
> there is no a predefined pattern for that.

Hi,

I think you may have misunderstood the L7 documentation; L7 can and will
identify SSL (HTTPS) traffic independent of port number.

Here's the pattern it uses:

        
<http://l7-filter.sourceforge.net/layer7-protocols/protocols/ssl.pat>

Cheers,
-pablo
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Dropped fin acks (iptables + lvs), Klaas Jan Wierenga
Next by Date:  Re: Routing to and from an IP on an interface, Jan Engelhardt
Previous by Thread:  https on non-standard port, afshin lamei
Next by Thread:  Re: Dropped fin acks (iptables + lvs), Klaas Jan Wierenga
Indexes:  [Date] [Thread] [Top] [All Lists]